Page 1 of 2 12 LastLast
Results 1 to 10 of 11

Thread: [SOLVED] Outgoing Header Address Masquerading

  1. #1
    Join Date
    Aug 2007
    Posts
    6
    Rep Power
    8

    Default [SOLVED] Outgoing Header Address Masquerading

    I have 5.0.4 running on Fedora 7 and I need to hide all internal host names and IP's in all outgoing mail messages for security reasons.

    Traditionally in postfix to do Address masquerading you would use the following entry in main.cf :
    masquerade_domains = example.com
    This would strip foo.example.com to example.com.

    How do we do it in Zimbra 5?

    Thanks.

  2. #2
    Join Date
    Nov 2006
    Location
    UK
    Posts
    8,017
    Rep Power
    24

    Default

    Welcome to the forums

    If you wish to change the settings without performing a full ZCS restart then you can do :-
    Code:
    su - zimbra
    postconf -e masquerade_domains="example.domain.com domain.com"
    zmmtactl reload
    this will not be persistent across restarts so for that you will need
    Code:
    su - zimbra
    zmlocalconfig -e postfix_masquerade_domains="example.domain.com domain.com"

  3. #3
    Join Date
    Aug 2007
    Posts
    6
    Rep Power
    8

    Default

    Quote Originally Posted by uxbod View Post
    Welcome to the forums

    If you wish to change the settings without performing a full ZCS restart then you can do :-
    Code:
    su - zimbra
    postconf -e masquerade_domains="example.domain.com domain.com"
    zmmtactl reload
    this will not be persistent across restarts so for that you will need
    Code:
    su - zimbra
    zmlocalconfig -e postfix_masquerade_domains="example.domain.com domain.com"
    I had previously tried editing /opt/zimbra/postfix/conf/main.cf and added
    Code:
    masquerade_domains="domain.com"
    Neither what I did or your suggestion works as I am still seeing this in the outgoing message header:

    Received: from host.zone.domain.com (host.zone.domain.com [192.168.20.2]) by zimbra.domain.com (Postfix) with ESMTP id 5870116BD472 for <user@yahoo.com>; Sun, 13 Apr 2008 09:04:22 -0400 (EDT)

    I don't want the header to show the host, zone or IP information. The header should look like this:

    Received: by zimbra.domain.com (Postfix) with ESMTP id 5870116BD472 for <user@yahoo.com>; Sun, 13 Apr 2008 09:04:22 -0400 (EDT)

    Any other ideas.

  4. #4
    Join Date
    Aug 2007
    Posts
    6
    Rep Power
    8

    Default

    Quote Originally Posted by mlpw View Post
    I had previously tried editing /opt/zimbra/postfix/conf/main.cf and added
    Code:
    masquerade_domains="domain.com"
    Neither what I did or your suggestion works as I am still seeing this in the outgoing message header:

    Received: from host.zone.domain.com (host.zone.domain.com [192.168.20.2]) by zimbra.domain.com (Postfix) with ESMTP id 5870116BD472 for <user@yahoo.com>; Sun, 13 Apr 2008 09:04:22 -0400 (EDT)

    I don't want the header to show the host, zone or IP information. The header should look like this:

    Received: by zimbra.domain.com (Postfix) with ESMTP id 5870116BD472 for <user@yahoo.com>; Sun, 13 Apr 2008 09:04:22 -0400 (EDT)

    Any other ideas.
    While further researching this it seems that Address Masquerading might not do what I want.

    I found an alternative solution would be to create a Header Check to rewrite the "Received:" header. It would strip out all of the from host information and leave the rest of the header.

    Here is what the original header would look like:

    HTML Code:
    Received: from host.zone.domain.com (host.zone.domain.com [192.168.20.2]) by zimbra.domain.com (Postfix) with ESMTP id 5870116BD472 for <user@yahoo.com>; Sun, 13 Apr 2008 09:04:22 -0400 (EDT)
    and here is what I want it look like:

    HTML Code:
    Received: by zimbra.domain.com (Postfix) with ESMTP id 5870116BD472 for <user@yahoo.com>; Sun, 13 Apr 2008 09:04:22 -0400 (EDT)
    The problem is I am not that good with writing regular expressions.

    I know "/opt/zimbra/conf/postfix_header_checks.in" should look something like this:

    /^Received: from "something1"/ REPLACE Received: "something2"

    Can someone help me with what the "somethings" should be?

    Thanks.

  5. #5
    Join Date
    Sep 2006
    Location
    477 Congress Street | Portland, ME 04101
    Posts
    1,374
    Rep Power
    11

    Default

    What you want to do has more to do really with Postfix than with Zimbra.

    No Starch Press's The Book of Postfix is a good resource with a lot of info on regular expressions.

    The Postfix website also has links to lots of documentation regarding what you want to do. There is also a Postfix mailing list where the Postfix developers hang out on a daily basis.

    Hope that helps get you started...

    All the best,
    Mark

  6. #6
    Join Date
    Nov 2006
    Location
    UK
    Posts
    8,017
    Rep Power
    24

    Default

    Quote Originally Posted by mlpw View Post
    /^Received: from "something1"/ REPLACE Received: "something2"[/CODE]
    Unfortunately I do not believe you can do that with the header checks. You can do things like :-

    /^Received:/ ignore <- this would skip the header from being written on the SMTP pipe
    /^Received:/ hold <- this would drop the email in the hold queue where it could then be pre-processed before being injected back into the queue

    Postfix Address Rewriting
    Postfix manual - header_checks(5)
    Last edited by phoenix; 04-16-2008 at 12:17 AM.

  7. #7
    Join Date
    Aug 2007
    Posts
    6
    Rep Power
    8

    Default

    Quote Originally Posted by uxbod View Post
    Unfortunately I do not believe you can do that with the header checks. You can do things like :-

    /^Received:/ ignore <- this would skip the header from being written on the SMTP pipe
    /^Received:/ hold <- this would drop the email in the hold queue where it could then be pre-processed before being injected back into the queue

    Postfix Address Rewriting
    Postfix manual - header_checks(5)
    No, REPLACE is a valid action, as I found examples of REPLACE in action where people had rewritten the "Received:" string with just the parts they wanted. I just wasn't able to write the correct REGEX to parse the original string and output just the parts I want.

    I'm surprised that no one else has asked this before. The way the "Received:" header is written by default, it exposes your internal network information to the outside world and creates a potential privacy breach.

    So, if someone could help me that would be great. Otherwise, I will continuing to research this elsewhere and if I find the answer I will post it here.

  8. #8
    Join Date
    Nov 2006
    Location
    UK
    Posts
    8,017
    Rep Power
    24

    Default

    Indeed you are correct Will have a look at your regex.

  9. #9
    Join Date
    Nov 2006
    Location
    UK
    Posts
    8,017
    Rep Power
    24

    Default

    Something like this should work
    Code:
    /^Received: from .* (by zimbra\.domain\.com .*)/ REPLACE /Received: $1/
    sorry but unable to test it until later. In theory that should grab everything from zimbra.domain.com onwards and then replace it in the new header.

  10. #10
    Join Date
    Aug 2007
    Posts
    6
    Rep Power
    8

    Default [SOLVED] Outgoing Header Address Masquerading

    Quote Originally Posted by uxbod View Post
    Something like this should work
    Code:
    /^Received: from .* (by zimbra\.domain\.com .*)/ REPLACE /Received: $1/
    sorry but unable to test it until later. In theory that should grab everything from zimbra.domain.com onwards and then replace it in the new header.
    After some trial and error I figured out the correct regular expression for what I wanted.

    In "/opt/zimbra/conf/postfix_header_checks.in" I added:

    Code:
    /^Received: from .+\..+\.domain\.com .+(by zimbra\.domain\.com .+) / REPLACE Received: $1
    Now when ZCS sees a header like this:

    HTML Code:
    Received: from host.zone.domain.com (host.zone.domain.com [192.168.20.2]) by zimbra.domain.com (Postfix) with ESMTP id 5870116BD472 for <user@yahoo.com>; Sun, 13 Apr 2008 09:04:22 -0400 (EDT)
    It will rewrite it as:

    HTML Code:
    Received: by zimbra.domain.com (Postfix) with ESMTP id 5870116BD472 for <user@yahoo.com>; Sun, 13 Apr 2008 09:04:22 -0400 (EDT)
    So you can eliminate a potential privacy breach by stripping host name, zone and IP's from internal mail clients outgoing messages by using postfix header_checks.

Similar Threads

  1. Email header containing internal IP address ?
    By msentissi in forum Administrators
    Replies: 2
    Last Post: 07-09-2009, 09:38 AM
  2. Can't change outgoing email address
    By albanach in forum Zimbra Connector for Outlook
    Replies: 3
    Last Post: 02-06-2008, 11:09 AM
  3. [SOLVED] Zimbra not syncing properly with Address Book and iCal
    By Colin Day in forum CalDAV / CardDAV / iSync
    Replies: 4
    Last Post: 07-13-2007, 08:52 AM
  4. Internal server address visible on header.
    By Splat in forum Administrators
    Replies: 5
    Last Post: 09-14-2006, 11:39 AM

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •