|
Neohapsis is currently accepting applications for employment. For more information, please visit our website www.neohapsis.com or email hr@neohapsis.com |
Subject: Re: removing Receiced: headers
From: brian moore (bem
rom.org)Date: Wed Aug 23 2000 - 21:11:32 CDT
- Next message: Jason Jeremias: "Name service error, host not found."
- Previous message: fredwiley.gsm.ucdavis.edu: "RE: Masquerading, Canonical or virtual??"
- In reply to: Michael Tokarev: "Re: removing Receiced: headers"
- Reply: brian moore: "Re: removing Receiced: headers"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]
On Wed, Aug 23, 2000 at 11:29:27PM +0400, Michael Tokarev wrote:
> This exact question popped up again and again.
> Postfix will not remove Received:. You're free to
> modify it so it will do that to you, but this is
> not a Good Thing to do. Search the archives for
> more information on this.
I pointed him at my header-(de)munging trick, which allows discarding
arbitrary headers. I didn't realize it at the time, but Wietse did...
it does provide a simple mechanism for dropping Receieved headers to
hide an internal network.
I must have missed prior threads on it, but if done wisely, it can be
useful (some corporations have truly bizarre internal networks that add
a stack of useless RFC-1918 machines ... there's really no reason to
send anything but the bastion machine to the real world).
Since there is existing code to fondle headers from a table, the
complexity of this one is pretty low, so should have no impact on
security (basically a strcmp and a return... :)) unless, of course
you do '/Received: .*/ DROP' and discard -all- received lines... but if
you do that, you're silly. :)
- Next message: Jason Jeremias: "Name service error, host not found."
- Previous message: fredwiley.gsm.ucdavis.edu: "RE: Masquerading, Canonical or virtual??"
- In reply to: Michael Tokarev: "Re: removing Receiced: headers"
- Reply: brian moore: "Re: removing Receiced: headers"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]