Hello *,

as of today, our primary mail server, mail01.haj.ipfire.org, will redact IP address and HELO banner of messages received from authenticated clients (i.e. those who send via submissions.ipfire.org). Other mails remain unchanged.

Stripping out other sensitive metadata such as User-Agent headers was in place for several weeks now, and as far as I am concerned, there were no complaints about it.

Since the IP address reveals ISP, internal details and possibly the location of a sender, I consider removing it to be important in order to protect privacy of anyone using our mail infrastructure.

Redacted Received headers will look like this one:

Received: from [127.0.0.1] (localhost [127.0.0.1]) (using TLSv1.2 with cipher ECDHE-ECDSA-AES256-GCM-SHA384 (256/256 bits)) (Client did not present a certificate) by mail01.ipfire.org (Postfix) with ESMTPSA id 46rgZ44pV1z2MS for test@lists.ipfire.org; Sun, 13 Oct 2019 12:13:00 +0000 (UTC)

If necessary, we are still able to look up the sender's IP address in the mail server log files. For the rest of the world, it's just none of their business.

Please let me know if you experience any issues with this our our mail systems in general.

Thanks, and best regards, Peter Müller