Deleting "received from headers"

on 19.01.2008 14:00:52 by kraemer.armin

Hi,
I'm running a sendmail system for delivering my internal email to the whole
world :-)

My problem is that email sent out from my network passes many stations
before they go to the recipient mailserver through my sendmail server.

The headers of my mails contain 3 to 5 "received from" lines before they go
out. How could I delete all these headers to prevent giving the recipient a
view of my internal network structures?

Is there a milter plugin or something like that?

Greetings Armin

Re: Deleting "received from headers"

on 19.01.2008 14:21:38 by Andrzej Filip

"Armin Krämer" writes:

> Hi,
> I'm running a sendmail system for delivering my internal email to the whole
> world :-)
>
> My problem is that email sent out from my network passes many stations
> before they go to the recipient mailserver through my sendmail server.
>
> The headers of my mails contain 3 to 5 "received from" lines before they go
> out. How could I delete all these headers to prevent giving the recipient a
> view of my internal network structures?
>
> Is there a milter plugin or something like that?

0) Do not *delete*, strip "protected" info
   a) "Received:" headers are used to detect "mail loop", simply removing
      them is asking for ugly troubles sometime
   b) letter of RFC prohibits changing/removing "Received:" generated by
      other hosts. It may be argued that stripping some info from
      "Received:" headers generated by hosts under your control does not
      break spirit of the RFC "recommendation".
1) I would suggest using MIMEDefang milter as a platform for
   implementing what you want (but wait a day or two for other recommendations)

--
[pl>en: Andrew] Andrzej Adam Filip : anfi@priv.onet.pl : anfi@xl.wp.pl
Open-Sendmail: http://open-sendmail.sourceforge.net/
Politics: A strife of interests masquerading as a contest of principles.
The conduct of public affairs for private advantage.
-- Ambrose Bierce
----
http://groups.google.com/groups?selm=87wsq6gdct@leanne.fsf.hobby-site.com

Re: Deleting "received from headers"

on 21.01.2008 09:29:11 by Peter Peters

On Sat, 19 Jan 2008 14:21:38 +0100, Andrzej Adam Filip
wrote:

>"Armin Krämer" writes:
>
>> Hi,
>> I'm running a sendmail system for delivering my internal email to the whole
>> world :-)
>>
>> My problem is that email sent out from my network passes many stations
>> before they go to the recipient mailserver through my sendmail server.
>>
>> The headers of my mails contain 3 to 5 "received from" lines before they go
>> out. How could I delete all these headers to prevent giving the recipient a
>> view of my internal network structures?
>>
>> Is there a milter plugin or something like that?
>
>0) Do not *delete*, strip "protected" info
> a) "Received:" headers are used to detect "mail loop", simply removing
> them is asking for ugly troubles sometime
> b) letter of RFC prohibits changing/removing "Received:" generated by
> other hosts. It may be argued that stripping some info from
> "Received:" headers generated by hosts under your control does not
> break spirit of the RFC "recommendation".

c) Stripping Received: headers will prevent you from finding a spamming
host inside your network. And yes, some day you will have such a
host. No security is fool-proof and when it starts spamming and
your mailserver ends up on a blacklist you want to find that host
as fast as possible.

--
Peter Peters

Re: Deleting "received from headers"

on 21.01.2008 16:33:19 by gtaylor

On 01/19/08 07:00, Armin Krämer wrote:
> The headers of my mails contain 3 to 5 "received from" lines before
> they go out. How could I delete all these headers to prevent giving
> the recipient a view of my internal network structures?

*nod*

This could be considered a bit of a sticky wicket. Most people will
argue that you should not remove Received: headers from messages at all.
(As you have seen.) I however understand the desire to remove
*INTERNAL* Received: headers from outbound messages while not modifying
inbound messages. As others have pointed out, these Received: headers
are invaluable when trying to track down an internal problem, be it
intentional or not.

I have thought about this one at length over the last few years and
still have not come up with any good answer. You really do want to
retain (in an archive somewhere) the information that you would be
removing from the message. I don't know if it would be appropriate to
syslog the Received: headers under the current message ID, or to archive
a pre-redacted message, or hash the data in the message, or what.

Remember that other collaboration (Exchange, GroupWise, Domino) systems
do not have internal Received: headers. Rather said collaboration
systems gateway from their internal protocol to SMTP at the edge of the
network, thus there is nothing to redact and / or maintain.

I personally think the most scalable solution (not requiring disk space
on the institution's side) is to alter the headers of the message in such
a way as the information is hidden (encrypted or encoded) in the
outgoing message. Thus the data is there if anyone ever contacts the
sending institution and can be reclaimed if necessary.

Then the question becomes, do you want to maintain all previous
Received: headers, or just the one that refers to the immediately
previous SMTP server thus pointing you back to that server to go through
logs? This would turn into a manual process of back tracking server to
server, but would also reduce the amount of data that must be encrypted
/ encoded and stored (locally or in message).

> Is there a milter plug-in or something like that?

I'm not aware of any drop-in utility (milter) to do exactly this.
However I think it would be somewhat trivial to write something in Perl
using MIMEDefang to remove existing Received: headers and encrypt /
encode them and add them back to the message as some other X-

.



Grant. . . .
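
Added example, not part of the thread and not any poster's code: a stand-alone Python sketch (instead of a MIMEDefang filter) that combines the suggestions above by redacting, rather than deleting, the Received: headers generated by internal hosts, so the number of Received: lines stays the same, and by returning a keyed-hash token plus the original header for the gateway's own log. The `.corp.example` suffix, the key, the `redacted.invalid` placeholder, the `trace` comment format and the sample message are all assumptions constructed for illustration.

```python
import hashlib
import hmac
import re

# Assumptions of this sketch (not from the thread): internal relays live under
# INTERNAL_SUFFIX, and KEY is a secret known only to the mail administrators.
INTERNAL_SUFFIX = ".corp.example"
KEY = b"constructed-demo-key"
BY_HOST = re.compile(r"\bby\s+([A-Za-z0-9.-]+)", re.IGNORECASE)

# Constructed sample: two internal hops on top of one hop made by another site.
SAMPLE = """\
Received: from hub.corp.example (hub.corp.example [10.1.0.5])
\tby gw.corp.example with ESMTP id m0JD0p02; Sat, 19 Jan 2008 14:00:51 +0100
Received: from relay.partner.example (relay.partner.example [192.0.2.10])
\tby hub.corp.example with ESMTP id m0JD0o03; Sat, 19 Jan 2008 14:00:50 +0100
Received: from mx.partner.example (mx.partner.example [192.0.2.20])
\tby relay.partner.example with ESMTP id x9; Sat, 19 Jan 2008 14:00:49 +0100
Message-ID: <constructed.1@example.com>
Subject: test

body
"""

def redact_received(raw, key=KEY, suffix=INTERNAL_SUFFIX):
    """Return (redacted message text, audit records to log on the gateway)."""
    head, sep, body = raw.partition("\n\n")
    fields = []                                   # each field = its raw lines
    for line in head.split("\n"):
        if line[:1] in (" ", "\t") and fields:
            fields[-1].append(line)               # folded continuation line
        else:
            fields.append([line])
    flat = [" ".join(part.strip() for part in f) for f in fields]
    msgid = next((v.split(":", 1)[1].strip() for v in flat
                  if v.lower().startswith("message-id:")), "")
    out, audit = [], []
    for lines, value in zip(fields, flat):
        m = BY_HOST.search(value) if value.lower().startswith("received:") else None
        if m and m.group(1).lower().endswith(suffix):
            # Header generated by a host under our control: hide its contents,
            # keep the line and its date, and record the original for tracing.
            token = hmac.new(key, value.encode(), hashlib.sha256).hexdigest()[:16]
            date = value.rsplit(";", 1)[-1].strip()
            audit.append({"token": token, "message_id": msgid, "original": value})
            lines = ["Received: from redacted.invalid by redacted.invalid"
                     f" (trace {token}); {date}"]
        out.extend(lines)                         # other hosts' headers untouched
    return "\n".join(out) + sep + body, audit
```

The audit records are what would be written to syslog or an archive under the message ID, so a token quoted in an abuse report can be mapped back to the internal hop.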