This re-implements part of PR #69 by @mkropat, who wrote:
By default, Postfix adds a Received header — on all mail that you send —
that lists the IP of the device you sent the mail from. This feature is
great if you're a mail provider and you need to debug why one user is
having sending issues. This feature is not so great if you run your own
mail server and you don't want every recipient of every email you send
to know the device and IP you sent the email from.
To limit this filtering to outgoing mail only, we apply the filters just
to the submission port. See these guides [1] [2] for more context.
[1] http://askubuntu.com/a/78168/11259
[2] http://www.void.gr/kargig/blog/2013/11/24/anonymize-headers-in-postfix/
* using it to enable the Postfix submission service
* per @mkropat's suggestion in #69, set an option to distinguish submission from regular smpd in syslog by giving submission a new name (doing this here to test that editconf is working right on master.cf)
Postfix, Dovecot, and nginx all read the key file while they're running
as root — before dropping permissions — so no authorization is needed on
the private key file beyond being root-readable.