10-04-2023 05:52 AM
I have noticed that when sending emails to external organizations, our internal private IP addresses are being exposed to everyone.
how this occurs and provide me guidance on the necessary ESA configurations to prevent this?
Please find the below URL for reference.
https://www.cisco.com/c/en/us/support/docs/security/email-security-appliance/118235-technote-esa-00.html
Also i need to know is there any production impact if i make changes
10-04-2023 11:50 PM
Any help please
10-05-2023 12:55 AM
Hello,
The "Received" header in an email message provides a chronological record of the message's journey as it travels from the sender to the recipient. Each "Received" header represents a step in the email's delivery process, showing the mail servers or relays that handled the message and adding information about the sender, receiver, and timestamps. Each new "Received" header is prepended to the existing list, creating a trace of the email's path.
And for your question: Yes, you can remove Received headers on outgoing mails as you shared the document above or you can use content filter to strip them.
if you have particular ip addresses to be hidden then you can use content filter action Add/Edit header to replace that ip address.
However, I would like to reiterate that removing the Received header from outgoing emails is not recommended. The Received header can be useful for troubleshooting email delivery problems. For example, if an email message is not delivered to its recipient, the Received header can be used to trace the path that the message took and identify the mail server that was responsible for failing to deliver the message.
Here are some additional things to keep in mind:
I recommend that you carefully consider the risks and benefits before removing the Received header from outgoing emails.
10-10-2023 04:35 AM
Would it any traffic impact doing this changes
11-28-2024 12:46 AM
hi again, no it won't impact any traffic.
10-05-2023 12:56 AM
there are mixed opinions about the removal of received headers, but this may as well be a different discussion.
if you want to remove them you can do it with a message filter like this
MF_STRIP_RECEIVED_HEADER: if sendergroup == "ALLOWSPOOF|RELAYLIST|SMA" {
strip-header("Received");
}
please note: the sendergroup list defines all messages that are routed from your internal system to anything external, please change this to your needs.
regards
daniel
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide