Date: Wed, 15 May 2002 21:17:09 +0200 From: Brad Knowles <brad.knowles@skynet.be> To: anderson@centtech.com, Rahul Siddharthan <rsidd@online.fr> Cc: freebsd-chat@freebsd.org Subject: Re: internal hosts in email Message-ID: <p0511170ab90863eb9460@[10.0.1.37]> In-Reply-To: <3CE27739.E009411E@centtech.com> References: <3CE2702A.A67642FE@centtech.com> <20020515164724.S82994@lpt.ens.fr> <3CE27739.E009411E@centtech.com>
next in thread | previous in thread | raw e-mail | index | archive | help
At 9:56 AM -0500 2002/05/15, Eric Anderson wrote:
> I don't use procmail, so I'd hate to add another chunk of binary
> goo to my mail server for that. I'm sure someone has an m4 trick.
> Thanks for the hints, I'll keep that in mind if we do have to use
> procmail.
While I agree with the "there's no sense in exposing unnecessary
information" philosophy, I'm with Drew on this one. I have yet to
hear a valid reason for stripping these headers, outside of anonymous
remailers. And even then I wouldn't strip them, but encrypt them
instead (so that the information is recoverable if the right key is
used).
The only sendmail way to solve this problem (so far as I know) is
to have a modified sendmail binary that is configured to strip all
"Received:" headers (i.e., go hack the source code), and to use that
on the inside of your mail firewall. Make sure to use the "real"
sendmail binary on the outside.
Other MTAs may have other ways to solve this problem, but I am
not aware of an easy way to do that with sendmail.
--
Brad Knowles, <brad.knowles@skynet.be>
"They that can give up essential liberty to obtain a little temporary
safety deserve neither liberty nor safety."
-Benjamin Franklin, Historical Review of Pennsylvania.
To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe freebsd-chat" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?p0511170ab90863eb9460>