In the email headers there is some sensitive information. Where the connection originated from, which client is used.
Can this be stripped so that the received does not gain information about you and keep it down to only the essential parts?
Example:
Return-Path: <[email protected]>
Received-SPF: pass (domain.example: 35.157.0.0 is authorized to use '[email protected]' in 'mfrom' identity (mechanism 'mx' matched)) receiver=mail.example; identity=mailfrom; envelope-from="[email protected]"; helo=mail.domain.example; client-ip=35.157.0.0
Received: from mail.domain.example (mail.domain.example [35.157.0.0])
by mail.domain.example (Postfix) with ESMTPS id 062112E097F
for <[email protected]>; Sun, 6 Aug 2017 12:19:30 +0300 (MSK)
Received: from localhost (localhost [127.0.0.1])
by mail.domain.example (Postfix) with ESMTP id 7A80518003D;
Sun, 6 Aug 2017 09:19:28 +0000 (UTC)
X-Virus-Scanned: Debian amavisd-new at domain.example
Received: from mail.domain.example ([127.0.0.1])
by localhost (mail.domain.example [127.0.0.1]) (amavisd-new, port 10024)
with ESMTP id ixpQhbfk0t-s; Sun, 6 Aug 2017 09:19:27 +0000 (UTC)
Received: from iMac.local (unknown [88.159.0.0])
(Authenticated sender: [email protected])
by mail.domain.example (Postfix) with ESMTPSA id 5CE1D18003A;
Sun, 6 Aug 2017 09:19:27 +0000 (UTC)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=domain.example;
s=mail; t=1502011167;
To: [email protected]
From: Johan Smits <[email protected]>
Subject: Abuse
Message-ID: <[email protected]>
Disposition-Notification-To: Johan Smits <[email protected]>
Date: Sun, 6 Aug 2017 11:19:24 +0200
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10.12; rv:52.0)
Gecko/20100101 Thunderbird/52.2.1
Should remove these items:
- User-Agent
- Received: from iMac.local (unknown [88.159.0.0])
- Received: from mail.domain.example ([127.0.0.1])
- X-Virus-Scanned: Debian amavisd-new at domain.example
- Received: from localhost (localhost [127.0.0.1])
It reveals you personal IP, the OS you use and what tools are used to scan and filter the email. This gives potential dangerous information away that you might want to keep private.
Anyone has experience with this on how to achieve this?
In the email headers there is some sensitive information. Where the connection originated from, which client is used.
Can this be stripped so that the received does not gain information about you and keep it down to only the essential parts?
Example:
Should remove these items:
It reveals you personal IP, the OS you use and what tools are used to scan and filter the email. This gives potential dangerous information away that you might want to keep private.
Anyone has experience with this on how to achieve this?