Email Headers and Security

metallica1973 · 01-28-2008, 07:08 AM

What is the best way to scrub your email headers so that the outside world cannot see what you natted internal ip address is and is there a way to also hide the public originating ip address as well?

Matir · 01-28-2008, 07:28 AM

There is no way to hide your public IP unless you use an anonymizing e-mail proxy. This is added to the email headers by the first SMTP server your email reaches. These headers are, IMO, important in the fight against SPAM and other online malicious activity.

metallica1973 · 01-28-2008, 08:31 AM

Thanks Matir

but what about scrubbing the headers so that my natted address in not appearing?

Matir · 01-28-2008, 08:42 AM

To the best of my knowledge, your NAT address should not be appearing unless you are running an email server on the gateway. Otherwise those headers are being manually added by your MUA and removal would be MUA-specific.

metallica1973 · 01-28-2008, 08:46 AM

It is hosted by GoDaddy so I have no control over it do I?

Matir · 01-28-2008, 08:54 AM

No, you would not be able to use your MTA to strip headers. Additionally, GoDaddy would have no way of knowing of your NAT situation, so the internal IP should not be in the headers.

metallica1973 · 01-28-2008, 08:58 AM

So what does one do to cover up natted ip address from within you MTA? If I send you an e-mail from my MTA right now you will know my public ip as well as my natted ip address. That not cool. So what does one do?