How to hide IP address when sending emails?

How to configure postfix to hide the client IP address when sending email? By default, postfix will add a “Received:” header to emails it receives. The “Received:” header leaks the privacy such as your home IP address and your computer name(Yes, email client such as outlook express will send your computer name rather than a FQDN in the EHLO command). There are several methods to keep you anonymized.

First, you can config postfix to remove the “Received:” header from messages: Set the header_checks           = regexp:/etc/postfix/header_checks in /etc/postfix/main.cf, and edit /etc/postfix/header_checks to include the following line:

/^Received:/ IGNORE
This way, postfix will match every header beginning with “Received:” and get rid of these headers(this is what the “IGNORE” action does). However, if you use opendkim with postfix, the missing “Received:” header will make opendkim not work. You will find the DKIM-Signature header is missing and a new header appears to indicate this error:

Authentication-Results: domainhostseotool.com; dkim=permerror (bad message/signature format)

Second, you can use the REPLACE action in /etc/postfix/header_checks to replace the client IP address with another value so as not to expose the original IP address. We use the regex in this post to match the “Received:” header. In order to make the regex work, you should add a line in /etc/postfix/main.cf:

smtpd_sasl_authenticated_header = yes

This will instruct postfix to generate the string like “Authenticated sender: admin@domainhostseotool.com” in the “Received:” header, and the following regular expression will catch the “Received:” header, then the replace action will rewrite the header to hide the IP.

Note there are two lines: one is the regexp, the other is the replace action.

The benefit of this method is that it will not break opendkim but also keep the “Received:” header in incoming emails untouched because it does not contain the “Authenticated sender” pattern. Only outgoing emails alter their  “Received:” header.

 

 

Posted in tips of hosting