1 (edited by PineMail11 2011-08-04 13:04:50)

Topic: [Solved] Header IP 127.0.0.1

Hi,

Is there any way to remove or change local ip ( 127.0.0.1) to internal IP ( 192.168.1.15) or external IP ( 123.456.789.012) from the header which is received by any recipient, Here is a typical header received by gmail id when it was sent from iredmail.

Delivered-To: abcd@gmail.com
Received: by 10.204.118.148 with SMTP id v20cs51876bkq;
        Sun, 17 Jul 2011 23:17:38 -0700 (PDT)
Received: by 10.142.149.30 with SMTP id w30mr2969017wfd.411.1310969857490;
        Sun, 17 Jul 2011 23:17:37 -0700 (PDT)
Return-Path: <iredmailuser@iredmaildomain.com>
Received: from iredmail.hostname.com(iredmail.hostname.com[123.456.789.012])
        by mx.google.com with ESMTP id r18si11337169wfd.129.2011.07.17.23.17.34;
        Sun, 17 Jul 2011 23:17:36 -0700 (PDT)
Received-SPF: pass (google.com: domain of iredmailuser@iredmaildomain.com designates 123.456.789.012 as permitted sender) client-ip=123.456.789.012;
Authentication-Results: mx.google.com; spf=pass (google.com: domain of iredmailuser@iredmaildomain.com designates 123.456.789.012 as permitted sender) smtp.mail=iredmailuser@iredmaildomain.com
Received: from localhost (iredmail.hostname.com[127.0.0.1])
        by iredmail.hostname.com(MS EX SMTP) with ESMTP id 9495B157E01;
        Mon, 18 Jul 2011 11:47:32 +0530 (IST)
X-Virus-Scanned: amavisd-new at safe1.securemailsystem.com
Received: from iredmail.hostname.com([127.0.0.1])
        by localhost (iredmail.hostname.com[127.0.0.1]) (amavisd-new, port 10024)
        with ESMTP id 4SNCleT7lzLm; Mon, 18 Jul 2011 11:47:31 +0530 (IST)
Received: from mail.ivaluemea.com (iredmail.hostname.com[127.0.0.1])
        by iredmail.hostname.com(MS EX SMTP) with ESMTPA id 6B40D157DF8;
        Mon, 18 Jul 2011 11:47:28 +0530 (IST)
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8;
format=flowed
Content-Transfer-Encoding: 7bit

Thanks in advance.

Pine Apps Admin

2

Re: [Solved] Header IP 127.0.0.1

May i know why you want to replace it? It doesn't matter at all.
If you really want to replace it, try postfix header_checks(5), action 'REPLACE':
http://www.postfix.org/header_checks.5.html

Also, there's a sample file available on your server, /etc/postfix/header_checks.pcre, generated by iRedMail.

3

Re: [Solved] Header IP 127.0.0.1

We have experienced that certain anti spam solutions solutions blocks / quarantine mails with 127.0.0.1.

Thanks for the help, we will look into it.

Regards,

PineApp Admin

4

Re: [Solved] Header IP 127.0.0.1

Please don't forget to share with us how you solved it. smile

5

Re: [Solved] Header IP 127.0.0.1

I updated following files and I was able to remove one internal header.

header_checks = pcre:/etc/postfix/header_checks.pcre              in main.cf
/^Received: from .*127.0.0.1*/    IGNORE                                    in /etc/postfix/header_checks.pcre

Now header look like as follows

Delivered-To: abcd@gmail.com
Received: by 10.204.118.148 with SMTP id v20cs51876bkq;
        Sun, 17 Jul 2011 23:17:38 -0700 (PDT)
Received: by 10.142.149.30 with SMTP id w30mr2969017wfd.411.1310969857490;
        Sun, 17 Jul 2011 23:17:37 -0700 (PDT)
Return-Path: <iredmailuser@iredmaildomain.com>
Received: from iredmail.hostname.com(iredmail.hostname.com[123.456.789.012])
        by mx.google.com with ESMTP id r18si11337169wfd.129.2011.07.17.23.17.34;
        Sun, 17 Jul 2011 23:17:36 -0700 (PDT)
Received-SPF: pass (google.com: domain of iredmailuser@iredmaildomain.com designates 123.456.789.012 as permitted sender) client-ip=123.456.789.012;
Authentication-Results: mx.google.com; spf=pass (google.com: domain of iredmailuser@iredmaildomain.com designates 123.456.789.012 as permitted sender) smtp.mail=iredmailuser@iredmaildomain.com
Received: from localhost (iredmail.hostname.com[127.0.0.1])
        by iredmail.hostname.com(MS EX SMTP) with ESMTP id 9495B157E01;
        Mon, 18 Jul 2011 11:47:32 +0530 (IST)
X-Virus-Scanned: amavisd-new at safe1.securemailsystem.com
Received: from iredmail.hostname.com([127.0.0.1])
        by localhost (iredmail.hostname.com[127.0.0.1]) (amavisd-new, port 10024)
        with ESMTP id 4SNCleT7lzLm; Mon, 18 Jul 2011 11:47:31 +0530 (IST)

MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8;
format=flowed
Content-Transfer-Encoding: 7bit


Is there any way to remove other two internal headers?

Thanks in advance

Regards,

PineApps Admin

6

Re: [Solved] Header IP 127.0.0.1

Why action 'IGNORE' instead of 'REPLACE'?
You can add two more header check rule to replace them.

7

Re: [Solved] Header IP 127.0.0.1

'IGNORE' action is much better in fact it helps in removing the entire internal header which creates unwanted SPAM issues sometime.

with " /^Received: from .*127.0.0.1*/    IGNORE "  command I am able to remove first header, I don't know how to remove the remaining two internal headers.

Thanks in advance

Pine Apps Admin

8

Re: [Solved] Header IP 127.0.0.1

we could figured out why those two local headers were not getting removed. look like header_checks works till it sends to amavisd, header generated by amavisd are not getting removed with this command. as soon as we disabled amavisd all the remaining  unwanted headers were removed. so it is not the right approach to disable amavisd to achieve this.

Is there any way to remove headers from amavisd?

Regards,

Pine Mail Admin

9

Re: [Solved] Header IP 127.0.0.1

Can you show us original headers, and which headers do you want to remove/ignore? (You showed one in above post, but i didn't fully understood which headers you want to remove/ignore.)

10

Re: [Solved] Header IP 127.0.0.1

PineMail11 wrote:

Received: from iredmail.hostname.com([127.0.0.1])
        by localhost (iredmail.hostname.com[127.0.0.1]) (amavisd-new, port 10024)
        with ESMTP id 4SNCleT7lzLm; Mon, 18 Jul 2011 11:47:31 +0530 (IST)

Try to add '$insert_received_line = 0;' in /etc/amavisd.conf, then Amavisd won't insert above header at all.
Maybe you can try to add two header_checks rule to remove two headers.

I want to repeat my opinion, it's not recommended to remove mail headers.
And, mail headers are easy to forge, mail header based anti-spam is not so trustworthy. (DKIM/SPF will query DNS for addition info, so they're ok.)

11

Re: [Solved] Header IP 127.0.0.1

ZhangHuangbin wrote:

ot so trustwor

Thanks for the suggestion, we understand DKIM and SPF, definitely we are keeping close watch while doing such changes.

We are not intended remove header(s) which are the base to authenticate email.

Regards,

Pine Mail Admin

12

Re: [Solved] Header IP 127.0.0.1

Thanks Zhang!

it worked!

Regards,

Pine Mail Admin