So, I've been hosting my own email server for a couple of months. I don't use it a lot, but it is nice to have something 'private' and off the record for Big Brother.
Anyway, little did I know that I was missing something important (at this point I didn't have a problem, but it could be useful from now on): SMTP headers.
When you send an email from a client, your client connects to your email server, then that server connects to the email server of the person you are sending the email to, like this:
pc <-> [your server] <-> [external server] <-> your friend pc
While the message is being delivered, some information that could be used to get someone's private information is passed along in the email headers, like the email client you are using, your IP and the hostname of your computer.
This is how an email I sent to myself looks:
Received: from server.myemailserver.com ([127.0.0.1])
    by server.myemailserver.com (server.myemailserver.com [127.0.0.1]) (amavisd-new, port 10026)
    with ESMTP id oyhKc9rGfSRW for <email@example.com>;
    Fri, 6 Jan 2017 05:32:10 +0100 (CET)
Received: from Debian (unknown [126.96.36.199 ])
    by server.myemailserver.com (Postfix) with ESMTPSA id BAD241080028
    for <firstname.lastname@example.org>;
    Fri, 6 Jan 2017 05:32:02 +0100 (CET)
Message-ID: <email@example.com>
Subject: wewlad
From: Bryan Hernandez <firstname.lastname@example.org>
To: email@example.com
Date: Thu, 05 Jan 2017 22:31:41 -0600
X-Mailer: Evolution 3.22.3
As you can see, it's leaking my machine name (Debian), my IP address (unknown [188.8.131.52]) and my client (X-Mailer: Evolution 3.22.3).
That kind of information, as I said before, could be used to track down activists or anyone who needs strong OPSEC rules. To remove it from the emails before they get delivered, we create or open a new file:
vim /etc/postfix/header_checks i
(the i is to put vim in editing mode)
we paste the following:
/^Received:/ IGNORE
/^X-Originating-IP:/ IGNORE
/^X-Mailer:/ IGNORE
/^Mime-Version:/ REPLACE Mime-Version: 1.0
/^\s*User-Agent/ IGNORE
/^\s*X-Enigmail/ IGNORE
/^X-PHP-Originating-Script:/ IGNORE
/^Message-Id:/ IGNORE
To exit vim we press ESC, then we type :x, which will save and exit the editor.
We repeat the vim process and open
and paste the following:
mime_header_checks = regexp:/etc/postfix/header_checks
header_checks = regexp:/etc/postfix/header_checks
and finally, we restart Postfix:
postmap /etc/postfix/header_checks
postfix reload
Now, if you look carefully, you will see what it does, and it's pretty simple: if an email Postfix receives has a header such as 'User-Agent', 'X-Mailer' or 'Received', Postfix drops that header and passes the email on its way to the receiver.
That's all. :)
If you look at a new email, the headers will look like this:
Received: from server.myemailserver.com ([127.0.0.1])
    by server.myemailserver.com (server.myemailserver.com [127.0.0.1]) (amavisd-new, port 10026)
    with ESMTP id yCTYjXhXtgMK for <firstname.lastname@example.org>;
    Fri, 6 Jan 2017 06:07:13 +0100 (CET)
Subject: last test
From: Bryan Hernandez <email@example.com>
To: firstname.lastname@example.org
Date: Thu, 05 Jan 2017 23:07:06 -0600
Content-Type: text/plain; charset="UTF-8"
Mime-Version: 1.0
Content-Transfer-Encoding: 7bit
Message-ID: <20170106050714.123D3108055F@myemailserver.com>
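To check what the rules above do to a message before touching a live server, here is an added example (not from the original post, and not Postfix code) that applies the same table to a constructed message. The function names, the host mail.example.org and the address 192.0.2.10 are assumptions made for the example; it models only the table lookup (each unfolded header is tested on its own, first matching rule wins, matching is case-insensitive), not headers that Postfix or a content filter add afterwards.

```python
import re
# Rules copied from the page's /etc/postfix/header_checks, in file order.
RULES_TEXT = r"""
/^Received:/ IGNORE
/^X-Originating-IP:/ IGNORE
/^X-Mailer:/ IGNORE
/^Mime-Version:/ REPLACE Mime-Version: 1.0
/^\s*User-Agent/ IGNORE
/^\s*X-Enigmail/ IGNORE
/^X-PHP-Originating-Script:/ IGNORE
/^Message-Id:/ IGNORE
"""

def parse_rules(text):
    """Parse '/pattern/ ACTION [text]' lines; regexp tables ignore case by default."""
    rules = []
    for line in text.strip().splitlines():
        pattern, action, arg = re.match(r"/(.*)/\s+(\S+)\s*(.*)", line).groups()
        rules.append((re.compile(pattern, re.I), action, arg))
    return rules

def unfold(raw):
    """Join folded continuation lines so each logical header is one string."""
    headers = []
    for line in raw.splitlines():
        if line[:1] in (" ", "\t") and headers:
            headers[-1] += " " + line.strip()
        elif line:
            headers.append(line)
    return headers

def apply_checks(raw, rules):
    """Return the headers that remain after the first matching rule is applied."""
    kept = []
    for header in unfold(raw):
        hit = next((r for r in rules if r[0].search(header)), None)
        if hit is None:
            kept.append(header)      # no rule matched: header passes through
        elif hit[1] == "REPLACE":
            kept.append(hit[2])      # header is rewritten to the rule's text
    return kept                      # IGNORE hits are simply not kept

# Constructed sample modelled on the page's first message (documentation IP).
SAMPLE = """Received: from Debian (unknown [192.0.2.10])
\tby mail.example.org (Postfix) with ESMTPSA id ABC123
Message-ID: <1@example.org>
Subject: wewlad
MIME-Version: 1.1
X-Mailer: Evolution 3.22.3"""
```

On the server itself, a single header can be tested against the real table with postmap -q "X-Mailer: Evolution 3.22.3" regexp:/etc/postfix/header_checks, which prints the matching action.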
Note: Pretty much I just copypasted from
But welp, from 2013 to 2017 some time has passed, so I wanted to make sure that it still works.
I also did this in some iRedMail installation; the only different thing was that I only had to add mime_header_checks = regexp:/etc/postfix/header_checks, the other line was already there.