How to disable X-Mailer and X-Virus-Scanned

[barth]

Hello,

I try to figure out where to disable X-Mailer and X-Virus-Scanned in email headers.
I've put zimbraSmtpSendAddMailer=FALSE into my /opt/zimbra/config.xxxx
restart zimbra using zmcontrol but it doesn't work.

My zimbra version : Zimbra 6.0.5_GA_2213.RHEL5

--
Thanks
Barth

[uxbod]

Why are you wishing to remove those headers ?

[barth]

Due to security reasons.
I don't want to show people what do I use.

[uxbod]

Try setting the following in /opt/zimbra/conf/amavisd.conf.in

Code:

$notify_xmailer_header = '';
su - zimbra
zmamavisdctl stop ; zmamavisdctl start

[barth]

I've put it below :
$defang_virus = 1; # MIME-wrap passed infected mail
$defang_banned = 1; # MIME-wrap passed mail containing banned name
$notify_xmailer_header = '';
restart
but still have:
X-Mailer: Zimbra 6.0.5_GA_2213.RHEL5 (ZimbraWebClient - FF3.0 (Win)/6.0.5_GA_2213.RHEL5)

[uxbod]

The X-Mailer is added by ZCS Java process and the other was by amavisd will have to research how to disable that.

[barth]

Any new ideas where to disable it?

[halley]

i have same problem...
how to disable this?

[emfs]

Anybody find a solve?

[frankman]

Along with removing "X-Mailer" and "X-Virus-Scanned", how do we remove "X-Originating-IP" as well? Don't need to give the outside world our internal network.

Removing them, especially X-Mailer, seems even more critical, because the Release Notes for 7.1.3 shows a couple of security fixes without going into detail.

Right now it feels like we're advertising that we're open to a couple of security holes every time a user sends out an email via the web client.