Results 1 to 10 of 10

Thread: Removing "Received: localhost" header

  1. #1
    cerri is offline Member
    Join Date
    Jan 2013
    Posts
    14
    Rep Power
    2

    Unhappy Removing "Received: localhost" header

    Hi to all,

    I've spent about 3 hours to try to remove the "Received: localhost" header from zimbra mails.
    I've modified the amavis.conf.in adding two lines:

    $insert_received_line = 0;
    $allowed_added_header_fields{lc('Received')} = 0;

    I've modified the postftix_header_checks.in with

    /^Received: from localhost/ IGNORE
    /^Received: from localhost.* by FQ\.D\.N/ IGNORE

    But I cannot succeded.
    The mod in amavis.conf did a part of the trick, because it removed the amavisd part, but I'm stuck with the other part.
    This is an example of a mail:

    Code:
    Delivered-To: MYMAIL
    Received: by 10.68.125.34 with SMTP id mn2csp186802pbb;
            Tue, 15 Jan 2013 15:06:41 -0800 (PST)
    X-Received: by 10.50.91.168 with SMTP id cf8mr3309322igb.20.1358291201293;
            Tue, 15 Jan 2013 15:06:41 -0800 (PST)
    Return-Path: <ORIGINATINGMAIL>
    Received: from FQDN (FQDN. [IP])
            by mx.google.com with ESMTP id wx9si5687547igb.20.2013.01.15.15.06.38;
            Tue, 15 Jan 2013 15:06:39 -0800 (PST)
    Received-SPF: pass (google.com: domain of ORIGINATINGMAIL designates IP as permitted sender) client-ip=IP;
    Authentication-Results: mx.google.com;
           spf=pass (google.com: domain of ORIGINATINGMAIL designates IP as permitted sender) smtp.mail=ORIGINATINGMAIL;
           dkim=pass header.i=@ORIGINATINGDOMAIN
    Received: from localhost (localhost [127.0.0.1])
    	by FQDNit (Postfix) with ESMTP id 51AB6321927
    	for <MYMAIL>; Wed, 16 Jan 2013 00:07:24 +0100 (CET)
    X-Virus-Scanned: amavisd-new at DOMAIN
    Received: from localhost (localhost [127.0.0.1])
    	by FQDN (Postfix) with ESMTP id B2134321926
    	for <MYMAIL>; Wed, 16 Jan 2013 00:07:23 +0100 (CET)
    DKIM-Filter: OpenDKIM Filter v2.7.1 FQDN B2134321926
    DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=DOMAIN;
    	s=1F3A6370-42ED-11E2-ABFE-A5E20191D087; t=1358291243;
    	bh=PS8W1bl9ClumuLdvbhvxwc+izFwmhzDXK0/6xzb2OtA=;
    	h=Date:From:To:Message-ID:Subject:MIME-Version:Content-Type:
    	 Content-Transfer-Encoding;
    	b=d1qmKbI2McHuwrIee1qihb7qYvXv2ByQUxNd0wj95R2+fu3u9MXC0+2bQEwRzBw4t
    	 kwdXTrWuMVmtqMRK/V/lQZ4VpADjbF6NtsM0lpPZpa/pNnOrRSIj4t2mry10swGL9T
    	 9kMCIQoprL6V6hgnXxTBHlFZaY6tGyrWqPA3tkb0=
    X-Virus-Scanned: amavisd-new at DOMAIN
    Received: from FQDN (FQDN [IP])
    	by FQDN (Postfix) with ESMTP id 2A61732190B
    	for <MYMAIL>; Wed, 16 Jan 2013 00:07:23 +0100 (CET)
    Date: Wed, 16 Jan 2013 00:07:21 +0100 (CET)
    I've stripped many informations but I think that the code is clear.
    Anyone can help me?

    Thanks

  2. #2
    cerri is offline Member
    Join Date
    Jan 2013
    Posts
    14
    Rep Power
    2

    Default

    Can someone help me?
    Thanks

  3. #3
    cerri is offline Member
    Join Date
    Jan 2013
    Posts
    14
    Rep Power
    2

    Default

    This problem is very important because all emails through Zimbra trigger Spamassassin RCVD_ILLEGAL_IP check.
    No-one can help me with?

  4. #4
    snpz's Avatar
    snpz is offline Intermediate Member
    Join Date
    Mar 2009
    Location
    Riga, Latvia
    Posts
    23
    Rep Power
    6

    Default

    Quote Originally Posted by cerri View Post
    This problem is very important because all emails through Zimbra trigger Spamassassin RCVD_ILLEGAL_IP check.
    No-one can help me with?
    I'm having the same problem, but no solution at all or reaction from

  5. #5
    cerri is offline Member
    Join Date
    Jan 2013
    Posts
    14
    Rep Power
    2

    Default

    I'll be very happy if someone could help!

  6. #6
    slickdakine is offline Junior Member
    Join Date
    Aug 2013
    Posts
    7
    Rep Power
    1

    Default

    I too am having this problem. I think those who aren't having this problem have established mail servers, with good reputation related to their public IPs, so Gmail and Hotmail let their messages through even though it has the localhost and 127.0.0.1 in the headers.

    We recently setup a new server with a new IP and domain. The IP is clean and passes all the spam database checks, however it doesn't have rep.
    I've ran all the mail tests I could find on several sites, including mxtoolbox, and the server passes with 0 problems.
    On Email Security Grader - Test your mail server it scored:

    Overall Configuration Score: 97%
    Rank: 171th place out of 37420 domains tested
    Percentile: 99th
    Status: VERY STRONG SECURITY
    PASSED ALL OF THE FOLLOWING TESTS:
    MX Connection Test
    Reverse DNS Test
    DNSBL Verification Test
    SPF Server Test
    SPF Client Test
    Open Relay and Email Format Test
    SMTP Plain Text Authentication Test
    POP3 Connection Test
    IMAP Connection and Authentication Test

    All email, even standard plain text emails being sent from the new server are being sent to the spam folders at Gmail and Hotmail.
    Gmail's reason is: "Why is this message in Spam? It's similar to messages that were detected by our spam filters."
    Further reading here for that specific reason:
    https://support.google.com/mail/answ...=mail&expand=5
    "Messages sent from accounts or IP addresses that have sent other spam messages"

    How much spam has been sent with the IP 127.0.0.1 in the headers? I imagine a lot.
    Having localhost and 127.0.0.1 in the headers is the only suspicious thing I can find. I found another thread where instructions were given on how to remove them on previous versions of Zimbra, however I was not able to get it to work on Zimbra 8:
    Changing localhost (localhost.localdomain [127.0.0.1]) in message headers

    Much thanks to anyone who knows how to do this on Zimbra 8!!

  7. #7
    phoenix is offline Zimbra Consultant & Moderator
    Join Date
    Sep 2005
    Location
    Vannes, France
    Posts
    23,201
    Rep Power
    56

    Default

    Quote Originally Posted by slickdakine View Post
    I too am having this problem. I think those who aren't having this problem have established mail servers, with good reputation related to their public IPs,
    That would be good if it were true, my server gets a much lower score on your reputation test mentioned below. It scores 70% and is 5307th on the list of tested domain, so how can I send mail to gmail and hotmail without any problems?

    Quote Originally Posted by slickdakine View Post
    so Gmail and Hotmail let their messages through even though it has the localhost and 127.0.0.1 in the headers.
    I have those headers in my email and it causes me no problems whatsoever and never has.

    Quote Originally Posted by slickdakine View Post
    All email, even standard plain text emails being sent from the new server are being sent to the spam folders at Gmail and Hotmail.
    Gmail's reason is: "Why is this message in Spam? It's similar to messages that were detected by our spam filters."
    Further reading here for that specific reason:
    https://support.google.com/mail/answ...=mail&expand=5
    "Messages sent from accounts or IP addresses that have sent other spam messages"
    So what steps have you taken to resolve the issues with sending mail to gmail and hotmail? For example, have you actually implemented DKIM? As there's no mention of it in your post I'd suggest you implement that. Perhaps your netblock or your ISP is part of the problem?

    My opinion is that mail server 'reputation' checking is highly overrated as a means for checking whether you are a spam source and most mail server will check sources where they can actually verify the state of your server i.e. DKIM, SPF, DMARC and good RBL lists to see if your server is actually a spam source.
    Regards


    Bill


    Acompli: A new adventure for Co-Founder KevinH.

  8. #8
    slickdakine is offline Junior Member
    Join Date
    Aug 2013
    Posts
    7
    Rep Power
    1

    Default

    Hi Bill,

    Thanks for taking the time to look at this. I put my responses below yours.

    That would be good if it were true, my server gets a much lower score on your reputation test mentioned below. It scores 70% and is 5307th on the list of tested domain, so how can I send mail to gmail and hotmail without any problems?
    I have those headers in my email and it causes me no problems whatsoever and never has.
    Oh that test doesn't check your "rep". It only checks your servers configuration and if its on any blacklists.
    I'm sorry, I don't think I explained what I understand "rep" to be. You can check your IP's rep by going to:
    https://www.senderscore.org (the domain I'm having issues with scored "Insufficient Email Seen")
    and also:
    SenderBase (the domain, IP and mail server all score "Neutral")
    Because its a new server, domain and new IP they have no rep yet. I imagine your mail server does. I think this is why established servers are able to get mail through with "localhost" in the headers. Of course this is just the way I understand it. The only way to truely test it would be to send an email without "localhost" in the headers.

    So what steps have you taken to resolve the issues with sending mail to gmail and hotmail? For example, have you actually implemented DKIM? As there's no mention of it in your post I'd suggest you implement that. Perhaps your netblock or your ISP is part of the problem?
    The domain has SPF, DKIM, DMARC, ADSP all implemented and working.
    I confirmed this by running these tests:
    Port 25's Auth Verifier:
    check-auth@verifier.port25.com
    UnlockTheMailBox's Mail Tests:
    mailtest@unlocktheinbox.com
    AllAboutSpams's Email Server Tests:
    test@allaboutspam.com
    The server/domain/ip passes every test on every one of those sites. That is why it has such a high security score at Email Security Grader - Test your mail server
    I also confirmed that the above services are working within the headers of email sent to several Gmail accounts (thats residing in the spam folder).
    Spam Assassian is rating the emails -3.1 (where 5 or higher is considered spam).
    The emails are not commercial in nature.
    I'm not sure about the netblock or the ISP being a problem. The IP is not on any blacklists. I've tested prob. over 10 different websites that check 30+ blacklists, and the IP is clean.

    Would there be a way for me to send a test email from my Zimbra server at the prompt, that would send it without the "localhost" in the headers?
    That would be the true test to see if this is what is causing the problem or not. In the end, I can see the diagnostic reasons for the headers if your trying to find a problem with a mail server, but they should have a checkbox that allows you to disable them when not needed.

    If you check:
    http://wiki.apache.org/spamassassin/...CVD_ILLEGAL_IP
    As mentioned above, you'll find that using localhost and 127.0.0.1 can cause SpamAssassin to give a RCVD_ILLEGAL_IP error.

    Again, if anyone knows how to remove localhost or 127.0.0.1 out of the headers, we would be very thankful!


    *******
    PS- Here is a start in the right direction:
    To disable X-Originating-IP goto Global MTA Settings in the Admin GUI and uncheck the box that enables X-Originating-IP.
    To disable X-Mailer in header:
    As Zimbra run:
    zmprov mcf zimbraSmtpSendAddMailer "FALSE";
    Found here along with reasons why you would want to disable them: How to disable X-Mailer and X-Virus-Scanned
    Sooner or later we'll have these headers cleaned up!

    *********************
    PSS- I finally found out why my messages were going to spam.
    My SPF record looked something like this:
    SPF: v=spf1 mx ip4:abc.abc.abc.abc mx:mail.mydomain.com -all
    I used microsoft's wizard to create the SPF string. It also passed all the SPF checks.
    However, Gmail and Hotmail didn't like the double reference to the mail server (one being IP, the other being DNS name) and would put my email in the spam folder.
    I ended up revising it to something like:
    Revised SPF: v=spf1 ip4:abc.abc.abc.abc -all
    Now all my mail arrives in the inbox at both Hotmail and Gmail.

    On an ending note, I still would like to know how to disable these headers. I think it would be best to have them as an option, like X-Originating IP, that can be enabled for diagnostic purposes when needed, disabled when not.
    Last edited by slickdakine; 08-19-2013 at 02:13 AM.

  9. #9
    winston6071 is offline Member
    Join Date
    Jun 2012
    Posts
    12
    Rep Power
    2

    Default

    is there a solution out there really working now for hiding for 8.0.6

    Received: from email.maydomain.at (localhost.localdomain [127.0.0.1])

    i tried
    vi main.cf
    header_check = /opt/zimbra/postfix/postfix_header_check

    vi /opt/zimbra/postfix/postfix_header_check.in
    vi /opt/zimbra/postfix/postfix_header_check
    /^Received:\ .*/ IGNORE
    /^X-Originating-IP:/ IGNORE

    zmprov mcf zimbraSmtpSendAddMailer "FALSE";

    X-originating Add --> Admin Gui unter MTA

    NO Running Spam amavis

    thanks

    cheers

  10. #10
    winston6071 is offline Member
    Join Date
    Jun 2012
    Posts
    12
    Rep Power
    2

    Default

    Quote Originally Posted by winston6071 View Post
    is there a solution out there really working now for hiding for 8.0.6

    Received: from email.maydomain.at (localhost.localdomain [127.0.0.1])

    i tried
    vi main.cf
    header_check = /opt/zimbra/postfix/postfix_header_check

    vi /opt/zimbra/postfix/postfix_header_check.in
    vi /opt/zimbra/postfix/postfix_header_check
    /^Received:\ .*/ IGNORE
    /^X-Originating-IP:/ IGNORE

    zmprov mcf zimbraSmtpSendAddMailer "FALSE";

    X-originating Add --> Admin Gui unter MTA

    NO Running Spam amavis

    thanks

    cheers
    OK This was the Solution
    because zimbra overrites the main.cf added this as workaround found here [SOLVED] zimbra 8 header_checks | HF*P
    vi /opt/zimbra/bin/postfix

    adding this
    postconf -e header_checks=pcre:/opt/zimbra/conf/postfix_header_checks

    above this line
    sudo ${zimbra_home}/postfix/sbin/postfix "$@"

    If there is a better Solution please let me know

    thanks

Thread Information

Users Browsing this Thread

There are currently 1 users browsing this thread. (0 members and 1 guests)

Similar Threads

  1. customize the format for "Received" and "Sent"
    By tiger2000 in forum Administrators
    Replies: 4
    Last Post: 01-05-2013, 12:38 PM
  2. Replies: 0
    Last Post: 09-24-2009, 05:20 AM
  3. Replies: 1
    Last Post: 06-24-2008, 04:42 AM
  4. BAD HEADER Duplicate header field: "Message-ID"
    By mezza in forum Administrators
    Replies: 4
    Last Post: 12-06-2007, 08:01 AM

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •