Forums
Welcome to Zextras ...
Articles
How to remove sensi...
 
Notifications
Clear all

How to remove sensitive information like client IP address and X-Mailer from outbound email message headers

 
Articles
2 Posts
2 Users
1 Reactions
11 Views
RSS
 z3xtr4s
(@z3xtr4s)
New Member
Joined: 3 years ago
Posts: 1
Topic starter 05/11/2025 02:09  

Like Zimbra, by default outbound email messages in Carbonio include detailed email client information like client IP address (gasp!) and X-Mailer headers. I am not going to paste my own from tests, but just some semi-sanitized stuff that is already on the internet, further below, to illustrate what I mean.

 

Thought to quickly share the fix, so others can easily achieve the same result, and maintain a reasonable sense of privacy, just like the big email providers like Gmail and Microsoft 365 offer. If you are a Carbonio admin and think removing this header information will prevent you from identifying abuse from your Carbonio account holders, it doesn't.  It will require you to dig into logs, rather than just have that info for everyone in the world to see (and potentially abuse themselves).

Edit the following file as zextras user (or as root/with sudo):

/opt/zextras/conf/postfix_header_checks

to add the following:

 removed link  ESMTPSA/ IGNORE
/^X-Originating-IP:/ IGNORE
/^X-Mailer:/ IGNORE
/^Mime-Version:/ IGNORE
/^User-Agent:/ IGNORE

save the file, then issue the following commands as zextras user:

 

postmap /opt/zextras/conf/postfix_header_checks
postfix reload

That's it, now your home, work Wi-Fi (or secret lover's home) IP address won't show, as in below. 😀 

Received: from smtpclient.apple ([174.29.38.75]) by mrelay.perfora.net
(mreueus003 [74.208.5.2]) with ESMTPSA (Nemesis) id 0MS4Ue-1ps3Qv0vMo-00TGuw for <s*******@gmail.com>; Mon, 27 Mar 2023 03:59:55 +0200
Content-Type: multipart/alternative; boundary=Apple-Mail-4CA8FB79-EFCA-45D8-8F6C-5C5613F2A8B1
Content-Transfer-Encoding: 7bit
From: Ronnpj <r@.com>
Mime-Version: 1.0 (1.0)
Subject: Re: March 25 Lumberjack
Date: Sun, 26 Mar 2023 19:59:44 -0600
Message-Id: <3384AA9E-1D11-4181-A0ED-81161C448180@*.com>
References: <CAKyN-DSNJvrT2iEfWcYX27LECOpGo3tid6MKEPqjjKVWePVirQ@mail.gmail.com>
In-Reply-To: <CAKyN-DSNJvrT2iEfWcYX27LECOpGo3tid6MKEPqjjKVWePVirQ@mail.gmail.com>
To: S* <s******@gmail.com>
X-Mailer: iPhone Mail (20D67)

   
Md. Shariful Islam reacted
Quote
 Md. Shariful Islam
(@sharif)
Reputable Member Admin
Joined: 3 years ago
Posts: 711
05/12/2025 08:23  

That's great. Thanks for your insight and I believe it would help users to strengthen their server security. 

🙏


   
ReplyQuote
Forum Jump:
  Previous Topic