From cd1802fecc75099346dd6b92e76d73510f27d637 Mon Sep 17 00:00:00 2001 From: Joshua Tauberer Date: Sun, 8 Jun 2014 17:30:37 -0400 Subject: [PATCH] Filter privacy-sensitive headers on outgoing mail MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit This re-implements part of PR #69 by @mkropat, who wrote: By default, Postfix adds a Received header — on all mail that you send — that lists the IP of the device you sent the mail from. This feature is great if you're a mail provider and you need to debug why one user is having sending issues. This feature is not so great if you run your own mail server and you don't want every recipient of every email you send to know the device and IP you sent the email from. To limit this filtering to outgoing mail only, we apply the filters just to the submission port. See these guides [1] [2] for more context. [1] http://askubuntu.com/a/78168/11259 [2] http://www.void.gr/kargig/blog/2013/11/24/anonymize-headers-in-postfix/ --- conf/postfix_outgoing_mail_header_filters | 10 ++++++++++ setup/mail.sh | 14 ++++++++++++-- 2 files changed, 22 insertions(+), 2 deletions(-) create mode 100644 conf/postfix_outgoing_mail_header_filters diff --git a/conf/postfix_outgoing_mail_header_filters b/conf/postfix_outgoing_mail_header_filters new file mode 100644 index 00000000..4848c014 --- /dev/null +++ b/conf/postfix_outgoing_mail_header_filters @@ -0,0 +1,10 @@ +# Remove the first line of the Received: header. Note that we cannot fully remove the Received: header +# because OpenDKIM requires that a header be present when signing outbound mail. The first line is +# where the user's home IP address would be. +/^\s*Received:[^\n]*(.*)/ REPLACE Received: from authenticated-user (unknown [127.0.0.1])$1 + +# Remove other typically private information. +/^\s*User-Agent:/ IGNORE +/^\s*X-Enigmail:/ IGNORE +/^\s*X-Mailer:/ IGNORE +/^\s*X-Originating-IP:/ IGNORE diff --git a/setup/mail.sh b/setup/mail.sh index 1722a962..a2d7d3f8 100755 --- a/setup/mail.sh +++ b/setup/mail.sh @@ -17,7 +17,7 @@ source setup/functions.sh # load our functions source /etc/mailinabox.conf # load global vars apt_install \ - postfix postgrey \ + postfix postgrey postfix-pcre \ dovecot-core dovecot-imapd dovecot-lmtpd dovecot-sqlite sqlite3 \ openssl @@ -28,9 +28,19 @@ mkdir -p $STORAGE_ROOT/mail # Enable the 'submission' port 587 smtpd server, and give it a different # name in syslog to distinguish it from the port 25 smtpd server. +# +# Add a new cleanup service specific to the submission service ('authclean') +# that filters out privacy-sensitive headers on mail being sent out by +# authenticated users. tools/editconf.py /etc/postfix/master.cf -s -w \ "submission=inet n - - - - smtpd - -o syslog_name=postfix/submission" + -o syslog_name=postfix/submission + -o cleanup_service_name=authclean" \ + "authclean=unix n - - - 0 cleanup + -o header_checks=pcre:/etc/postfix/outgoing_mail_header_filters" + +# Install `outgoing_mail_header_filters` file required by 'authclean' service. +cp conf/postfix_outgoing_mail_header_filters /etc/postfix/outgoing_mail_header_filters # Enable TLS and require it for all user authentication. tools/editconf.py /etc/postfix/main.cf \