SMTP Header Rewriting

svensol · Sep 10, 2013, 3:27 PM

Hi All,

Coming from a watchguard background, I have been trying to find if there is a way of sanitising SMTP headers and removing internal network information.

On the firebox configurations, it was/is known as an SMTP Proxy (or similar, I can't remember fully - it's been a couple of years) and you can search for specific entries within the headers and remove them on the fly.

Is there anyway of doing this on pfSense?

Thanks,

Sven.

firewalluser · Sep 17, 2013, 7:36 AM

Have you checked out mailscanner in the pfsense packages?
Maybe this might do some or all of what you want to do?

svensol · Sep 18, 2013, 4:05 PM

It doesn't seem to do that, which is a shame.

Thanks for pointing that one out though.

Cheers,

Sven.

firewalluser · Sep 18, 2013, 4:13 PM

Some header info is essential, other header info is not, maybe you could look at the mail server itself to see if can output essential info only.

For example MS Exchange server 2000/2003 did not used to put in the workstation ip address in the email header, but from 2007 onwards, it adds the workstation IP address to the email which is not essential info imo.

svensol · Sep 20, 2013, 2:23 PM

Yes, I've seen that too. We have several mail servers around the perimeter, I was hoping that there could have been a way on the firewall but I'll have to see if there is a way of configuring exim4 or postfix to see if it's possible.

Thanks anyway.

Sven.