By default, Postfix adds a Received header — on all mail that you send —
that lists the IP of the device you sent the mail from. This feature is
great if you're a mail provider and you need to debug why one user is
having sending issues. This feature is not so great if you run your own
mail server and you don't want every recipient of every email you send
to know the device and IP you sent the email from.
To limit this filtering to outgoing mail only, we apply the filters just
to the submission port. See these guides [1] [2] for more context.
I have taken care to make the configuration logic be **idempotent**.
Unfortunately, due to the syntax of `master.cf`, this requires a small
amount of `sed` and `perl` wizardry :(
In addition to filtering the Received header, the
`submission_header_checks` file is currently configured to filter other,
privacy-sensitive headers. If people object, we can remove those
filters. The important thing is that the IP be filtered or masked.
[1] http://askubuntu.com/a/78168/11259
[2] http://www.void.gr/kargig/blog/2013/11/24/anonymize-headers-in-postfix/
Postfix, Dovecot, and nginx all read the key file while they're running
as root — before dropping permissions — so no authorization is needed on
the private key file beyond being root-readable.
Michael Kropat
Joshua Tauberer