hardware / mailserver

:warning: UNMAINTAINED - Simple and full-featured mail server using Docker
https://store.docker.com/community/images/hardware/mailserver
MIT License

Hide "Authenticated Sender" / actual login information in outgoing headers #277

Closed KEANO89 closed 6 years ago

KEANO89 commented 6 years ago

Classification

Reproducibility

Description

I'm trying to eliminate the actual mail login in outgoing headers: smtp.mailfrom / smtp.auth and Authenticated sender. I already got rid of the private data in smtp.mailfrom and smtp.auth by mounting /etc/rspamd/local.d to a host directory and changing milter_headers.conf. But the actual login information remains in the Received header as "Authenticated sender". What's the trick to hide the login completely? Would it be possible to change the mailserver container's default configuration to this? I think this would be a reasonable change since EU-GDPR wants you to protect private data as much as possible.

Steps to reproduce

  1. Send E-Mail
  2. Check mail headers

Expected results

Received: [...] (Authenticated sender: identity@example.org) by example.org

Actual results

Received: [...] (Authenticated sender: actual-login@example.org) by example.org

Configuration (docker-compose.yml, traefik.toml...etc)

docker-compose.yml
[...]
services:
  mailserver:
[...]
    volumes:
      - "/var/docker/traefik:/etc/letsencrypt/acme"
      - ${VOLUMES_ROOT_PATH}/mail:/var/mail
      - ${VOLUMES_ROOT_PATH}/rspamd-conf:/etc/rspamd/local.d
[...]
milter_headers.conf
[...]
 authentication-results {
    header = "Authentication-Results";
    remove = 1;
    add_smtp_user = false;
[...]
hardware commented 6 years ago

I misunderstood what you meant, I thought you wanted to completely delete the first Received header.

I added add_smtp_user = false in milter_headers.conf and smtpd_sasl_authenticated_header = no in main.cf. Thanks for the heads up.
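
A check for the two leaks discussed in this thread, as an added example that is not part of the original issue or the project's code: it parses a raw outgoing message and reports any "(Authenticated sender: ...)" comment in Received and any smtp.auth= value in Authentication-Results. The sample message, host names and addresses are constructed, and `find_login_leaks` is a hypothetical helper name.

```python
import re
from email import message_from_string

# The two places the thread says the SASL login shows up in outgoing mail.
RECEIVED_AUTH = re.compile(r"\(Authenticated sender:\s*([^)\s]+)\)", re.I)
AUTHRES_SMTP_AUTH = re.compile(r"\bsmtp\.auth=([^\s;]+)", re.I)

def find_login_leaks(raw_message, login=None):
    """Return (header name, leaked value) pairs from a raw RFC 5322 message.
    If `login` is given, any other header containing it is reported too.
    """
    msg = message_from_string(raw_message)
    leaks = []
    for name, value in msg.items():
        value = " ".join(str(value).split())  # unfold continuation lines
        if name.lower() == "received":
            leaks += [("Received", m) for m in RECEIVED_AUTH.findall(value)]
        elif name.lower() == "authentication-results":
            leaks += [("Authentication-Results", m)
                      for m in AUTHRES_SMTP_AUTH.findall(value)]
        elif login and login.lower() in value.lower():
            leaks.append((name, login))
    return leaks

# Constructed sample: headers as sent before the configuration change.
BEFORE = """\
Received: from [192.0.2.10] (unknown [192.0.2.10])
\t(Authenticated sender: actual-login@example.org)
\tby mail.example.org (Postfix) with ESMTPSA id 0000000000
\tfor <rcpt@example.net>; Mon, 1 Jan 2018 00:00:00 +0000 (UTC)
Authentication-Results: mail.example.org;
\tauth=pass smtp.auth=actual-login@example.org smtp.mailfrom=identity@example.org
From: identity@example.org
To: rcpt@example.net
Subject: test

body
"""

# Constructed sample: the same message with smtpd_sasl_authenticated_header = no
# (Postfix) and add_smtp_user = false (rspamd milter_headers) in effect.
AFTER = (BEFORE
         .replace("\t(Authenticated sender: actual-login@example.org)\n", "")
         .replace(" smtp.auth=actual-login@example.org", ""))

if __name__ == "__main__":
    print("before:", find_login_leaks(BEFORE))
    print("after: ", find_login_leaks(AFTER))
```

Run it against a message received at an external mailbox after updating the container; an empty list means neither header still carries the login.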

KEANO89 commented 6 years ago

Awesome! Much appreciated. Going to update right away