Remove userid from Recieved header

I think you can try something like:

/etc/postfix/main.cf

header_checks = pcre:/etc/postfix/header_checks.pcre

/etc/postfix/header_checks.pcre

/^Received: by(.*) \(Postfix, from userid(.*)$/ REPLACE Received: by ${1}

You shall not edit the received lines in any case.

Mainly they are required by RFC 5321 and are not allowed to manipulate. Secondly they are a valuable source for tracking abuse.

Assume you only send mails with PHP via Apache (userid 48), what does it tell you if you see messages coming from userid 5000? You are right: A malicious user or script is running mad. Are you able to track this problem with userid removed?


Now you can change only first line. My solution is with regexp

/etc/postfix/main.cf

header_checks = regexp:/etc/postfix/header_checks

/etc/postfix/header_checks

/^Received: by (.*) .*Postfix, from userid [0-9]+\)\s*id ([A-F[:digit:]]+)(.*) (.*)/ REPLACE Received: by $1 (some text) id $2$3 (EEST)

You can check rezult (http://rubular.com/r/JH14xFTWL9)

or

postmap -q "Received: by mail.xxxx.lt (Postfix, from userid 48) id 5F7CD1E148A Thu, 23 Oct 2014 15:55:08 +0300 (EEST)" regexp:/etc/postfix/header_checks