[BlueOnyx:26025] BlueOnyx 5210R/5211R with Postfix: "Hide Previous Headers"

[Michael Stauber]

Hi all,

All BlueOnyx versions with Sendmail have a neat option under "Server 
Management" / "Network Services" / "Email" in the "Advanced" tab:

"Hide Previous Headers"

If this checkbox is ticked and an authorized and authenticated user 
sends an email through the Submission port (587/TCP) of your BlueOnyx, 
then the sent email will not include headers that disclose the IP 
address of the initial device (PC, phone, whatever) from which the email 
originated.

Instead the first "Received" header in the email will be from your 
BlueOnyx through which the Email was sent via the SMTP Submission-Port.

If Postfix was configured as MTA (instead of Sendmail), then the field 
"Hide Previous Headers" was hidden in the GUI and our Postfix ignored 
it. Postfix would always include all headers in that case.

Now with the new AV-SPAM available a few of our users have issues with 
RBL checks firing on the originating headers of the sending users. Like 
someone sending an email from his dynamic broadband IP at home, 
SpamAssassin seeing that IP in the "Received" headers and this then 
triggering RBL checks on said home-IP because some RBLs list broadband 
consumer IPs by default.

For that reason the feature "Hide Previous Headers" is now also 
available on BlueOnyx 5210R and 5211R even if they use Postfix instead 
of Sendmail.

Respective base-email-* RPMs have just been published. The feature "Hide 
Previous Headers" is disabled by default, but you can now turn it on of 
you need to or want to.

Benefit: Hides the IP of authenticated users. RBLs won't trigger on said 
IP should it be blacklisted somewhere. Protects the privacy of your users.

Drawback: Might make troubleshooting email "Received" headers more 
difficult, but your /var/log/maillog will still have the missing 
information.

-- 
With best regards

Michael Stauber