Serverseitig wird im Mailheader: Received: from IP, Mime-Version, User-Agent, X-Enigmail, X-Mailer, X-Originating-IP verändert ohne dabei RFC5321 oder RFC2045 zu verletzen:
Punkt 1 header_checks_auth.pcre erstellen
$ vi /etc/postfix/header_checks_auth.pcre /^\s*(Received: from)[^\n]*(.*for <.*@.*)/ REPLACE $1 [127.0.0.1] (localhost [127.0.0.1])$2 /^\s*Mime-Version: 1.0.*/ REPLACE Mime-Version: 1.0 /^\s*User-Agent/ IGNORE /^\s*X-Enigmail/ IGNORE /^\s*X-Mailer/ IGNORE /^\s*X-Originating-IP/ IGNORE $
Punkt 2 master.cf bearbeiten
$ vi /etc/postfix/master.cf ### ### ### submission inet n - - - - smtpd -o syslog_name=postfix/submission -o smtpd_tls_security_level=encrypt -o smtpd_sasl_auth_enable=yes -o smtpd_client_restrictions=permit_sasl_authenticated,reject ### // -o milter_macro_daemon_name=ORIGINATING -o cleanup_service_name=auth-cleanup auth-cleanup unix n - - - 0 cleanup -o header_checks=pcre:/etc/postfix/header_checks_auth.pcre ### ### ### $
Punkt 3 postfix neustarten
$ clear; postfix check; service postfix restart $
header_checks_auth bezieht sich nur auf den submission 587 port, DKIM signing sollte weiterhin funktionieren