Sender Information Disclose When Sending Out an Email

**wcpon** · 07-10-2012, 01:03 AM

Hi guys,

I'm facing a problem that I will disclose my personal information (My Local IP, Computer Name) when sending out an email to the recipient (gmail, yahoo or any mail provider).
For better understanding, please find the message details from the recipient below,

Code:

Received-SPF: pass (google.com: domain of poon@abc.com designates 117.100.243.2 as permitted sender) client-ip=117.100.243.2;

This is the local computer (sender information),

Code:

Received: from CPU00030 (unknown [10.1.1.53])
	by mail.abc.com (Postfix) with ESMTPA id 89B157839D
	for <poon@gmail.com>; Tue, 10 Jul 2012 12:37:40 +0800 (MYT)

May I know, how can I eliminate my sender local pc/client information to the recipient??

**phoenix** · 07-10-2012, 02:37 AM

Originally Posted by wcpon

I'm facing a problem that I will disclose my personal information (My Local IP, Computer Name) when sending out an email to the recipient (gmail, yahoo or any mail provider).

So what? That's what a mail server does and the information is required so that mail can be traced back to the sending server if there's a problem.

Originally Posted by wcpon

May I know, how can I eliminate my sender local pc/client information to the recipient??

Why do you think it's a problem?

**wcpon** · 07-10-2012, 06:59 AM

Originally Posted by phoenix

So what? That's what a mail server does and the information is required so that mail can be traced back to the sending server if there's a problem.

Why do you think it's a problem?

Hi phoenix, usually we send out the email by using other mail server.
It will not display the sender detail information from the mail header.
I tried for yahoo mail, gmail and etc. Its only display the mail server public IP and where is it send from, but not the sender local pc ip address and local computer name.

In my case, my client ip address (10.1.1.53) and client pc name (CPU00030) are display from message header.

Just security concern, I just do not wish to publish my local pc details to outsider.
Just to check with you, can I eliminate this details from my email sending?

**kruon** · 07-10-2012, 08:33 AM

Let's phrase it like this:
Your server logs show that someone in your network of 1000 computers is sending 10000 spam messages every hour.
You have filtered sending workstation information away from your server because you have security concerns about hostname like CPU00030 and private network address like 10.1.0.0.
How do you diagnose which one of the workstations is actually sending the spam?
Do you simply kill the entire server and take off email for entire company?
Kill network segments one by one to see which of the networks is source for spam, stopping work on several departments?

By eliminating that information, you'll cause yourself more harm rather than increasing security.

**wcpon** · 07-10-2012, 07:18 PM

Originally Posted by kruon

Let's phrase it like this:
Your server logs show that someone in your network of 1000 computers is sending 10000 spam messages every hour.
You have filtered sending workstation information away from your server because you have security concerns about hostname like CPU00030 and private network address like 10.1.0.0.
How do you diagnose which one of the workstations is actually sending the spam?
Do you simply kill the entire server and take off email for entire company?
Kill network segments one by one to see which of the networks is source for spam, stopping work on several departments?

By eliminating that information, you'll cause yourself more harm rather than increasing security.

Appreciate everyone for sharing your own experience.
I understand where you guys are coming from... But let's assume that knowing all this, but still I do not wish to leak out my client IP information from the e-mail header, is it possible to do so. If it is possible, can anyone share some light on this? A million thanks.

**kruon** · 07-11-2012, 12:58 AM

You can use postfix header checks in main.cf:

header_checks = pcre:/etc/postfix/header_checks

The file should contain regular expressions and what they should be rewritten to, something like:

/^(Received: .*CPU.*)/ REPLACE X-Recieved: IANA — Example domains

But I still advise against this, some spam filters might consider your messages as spam, since they like to check originating IP is sane.
Also, zimbra likes to overwrite its postfix settings files, so make sure you place the changes in one that's not regenerated when zimbra restarts.

**wcpon** · 07-11-2012, 01:58 AM

Originally Posted by kruon

You can use postfix header checks in main.cf:

header_checks = pcre:/etc/postfix/header_checks

The file should contain regular expressions and what they should be rewritten to, something like:

/^(Received: .*CPU.*)/ REPLACE X-Recieved: IANA — Example domains

But I still advise against this, some spam filters might consider your messages as spam, since they like to check originating IP is sane.
Also, zimbra likes to overwrite its postfix settings files, so make sure you place the changes in one that's not regenerated when zimbra restarts.

Thanks for your reply.

Just to check, are there option 2 if I do not wish to amend the main.cf ?

**phoenix** · 07-11-2012, 02:57 AM

Originally Posted by wcpon

Just security concern, I just do not wish to publish my local pc details to outsider.

I find it rather amusing that you make that statement and you then post the information in a public forum that's indexed by every search engine on the planet.

Originally Posted by wcpon

Just to check with you, can I eliminate this details from my email sending?

It really is a waste of your time and serves no useful purpose.

**wcpon** · 07-11-2012, 03:33 AM

Originally Posted by phoenix

I find it rather amusing that you make that statement and you then post the information in a public forum that's indexed by every search engine on the planet.

It really is a waste of your time and serves no useful purpose.

Apologizes if I posted something that you feel not make sense...

But this is my concern before I raise the post, the reason I posted is want to get the advice from the expert in the forum...
I search from the search engine, there are some others people also asked the same question...

Appreciate it that you guys advice on my problems...

**phoenix** · 07-11-2012, 04:26 AM

You're behind a NAT router and (I'm assuming) if you don't have any ports open to your PC then it makes no difference to your 'security' if people know your LAN IP address or the machine name. There is no access from the internet to a machine that's on a LAN unless those ports are open - if you have a breach of your security then you have a far greater problem than worrying about whether someone 'outside' know your LAN IP address. As I've already said, it's of no consequence that your IP address or machine name are known to the world - if you hide it your security does not increase one tiny bit. You are far better directing your efforts to keeping your LAN secure but this is not something that needs to be hidden. I've been using Zimbra for seven years and various other mail servers for a lot longer than I care to remember, having my LAN IP and machine name in an email has never once caused a problem. You can do it as has been mentioned above but you'll have to remember to make the changes after each ZCS upgrade. Save yourself some energy and don't bother doing it.

Zimbra

Thread: Sender Information Disclose When Sending Out an Email

LinkBack

Thread Tools

Search Thread

Display

Sender Information Disclose When Sending Out an Email

Thread Information

Users Browsing this Thread

Similar Threads

SAID: 450 4.7.0 you are sending too many emails... slow down[sender] (in reply to com

How to use custom sender when sending an email. (To get rid of spam)

Get all sender email

Wierd Email sender

Sending Contact Information in Web Client

Tags for this Thread

Posting Permissions