From f7b9c723e6cef13fc5c1b2bc316817c0364e8739 Mon Sep 17 00:00:00 2001 From: Xiao Pan Date: Fri, 28 Feb 2025 03:02:44 +0000 Subject: postfix hide client hostname and ip Details see `man postconf.5`. It seems smtpd_hide_client_session config for port 25 smtp MTA this must be no, port 587 and 465 (submission and submissions) MTU can be set to yes in master.cf. Port 25 smtp MTA receives messages from others to me. Port 587 and 465 (submission and submissions) MTU receives messages from me to others. main.cf is configs for all. master.cf I can set configs specifically to submission and submissions. Before, when others receives my email that send from my laptop, it will leak my laptop's hostname and ip in one of its `Received` header like `Received: from ( []) by mail.flylightning.xyz ...`. After set smtpd_hide_client_session to yes, that line changed to `Received: by mail.flylightning.xyz ...`, note there's no `from ...` that leaks my ip. --- etc/postfix/master.cf | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/etc/postfix/master.cf b/etc/postfix/master.cf index 00bb1250..195327d4 100644 --- a/etc/postfix/master.cf +++ b/etc/postfix/master.cf @@ -26,7 +26,7 @@ submission inet n - n - - smtpd -o smtpd_sasl_auth_enable=yes -o smtpd_tls_auth_only=yes # -o local_header_rewrite_clients=static:all -# -o smtpd_hide_client_session=yes + -o smtpd_hide_client_session=yes -o smtpd_reject_unlisted_recipient=no # Instead of specifying complex smtpd__restrictions here, # specify "smtpd__restrictions=$mua__restrictions" @@ -46,7 +46,7 @@ submissions inet n - n - - smtpd -o smtpd_tls_wrappermode=yes -o smtpd_sasl_auth_enable=yes # -o local_header_rewrite_clients=static:all -# -o smtpd_hide_client_session=yes + -o smtpd_hide_client_session=yes -o smtpd_reject_unlisted_recipient=no # Instead of specifying complex smtpd__restrictions here, # specify "smtpd__restrictions=$mua__restrictions" -- cgit v1.2.3-70-g09d2