From owner-freebsd-chat Wed May 15 12:24:11 2002 Delivered-To: freebsd-chat@freebsd.org Received: from excalibur.skynet.be (excalibur.skynet.be [195.238.3.90]) by hub.freebsd.org (Postfix) with ESMTP id 36E4337B400 for ; Wed, 15 May 2002 12:24:07 -0700 (PDT) Received: from [10.0.1.37] (ip-27.shub-internet.org [194.78.144.27] (may be forged)) by excalibur.skynet.be (8.11.6/8.11.6/Skynet-OUT-2.19) with ESMTP id g4FJMvH00244; Wed, 15 May 2002 21:22:58 +0200 (MET DST) (envelope-from ) Mime-Version: 1.0 X-Sender: bs663385@pop.skynet.be Message-Id: In-Reply-To: <3CE27739.E009411E@centtech.com> References: <3CE2702A.A67642FE@centtech.com> <20020515164724.S82994@lpt.ens.fr> <3CE27739.E009411E@centtech.com> X-Grok: +++ath X-WebTV-Stationery: Standard; BGColor=black; TextColor=black Reply-By: Wed, 1 Jan 1984 12:34:56 +0100 X-Message-Flag: Your copy of Outlook will expire in 3 days. Please contact Microsoft about purchasing a new license. Remember: software piracy is a felony! Date: Wed, 15 May 2002 21:17:09 +0200 To: anderson@centtech.com, Rahul Siddharthan From: Brad Knowles Subject: Re: internal hosts in email Cc: freebsd-chat@freebsd.org Content-Type: text/plain; charset="us-ascii" ; format="flowed" Sender: owner-freebsd-chat@FreeBSD.ORG Precedence: bulk List-ID: List-Archive: (Web Archive) List-Help: (List Instructions) List-Subscribe: List-Unsubscribe: X-Loop: FreeBSD.org At 9:56 AM -0500 2002/05/15, Eric Anderson wrote: > I don't use procmail, so I'd hate to add another chunk of binary > goo to my mail server for that. I'm sure someone has an m4 trick. > Thanks for the hints, I'll keep that in mind if we do have to use > procmail. While I agree with the "there's no sense in exposing unnecessary information" philosophy, I'm with Drew on this one. I have yet to hear a valid reason for stripping these headers, outside of anonymous remailers. And even then I wouldn't strip them, but encrypt them instead (so that the information is recoverable if the right key is used). The only sendmail way to solve this problem (so far as I know) is to have a modified sendmail binary that is configured to strip all "Received:" headers (i.e., go hack the source code), and to use that on the inside of your mail firewall. Make sure to use the "real" sendmail binary on the outside. Other MTAs may have other ways to solve this problem, but I am not aware of an easy way to do that with sendmail. -- Brad Knowles, "They that can give up essential liberty to obtain a little temporary safety deserve neither liberty nor safety." -Benjamin Franklin, Historical Review of Pennsylvania. To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-chat" in the body of the message