
exim trying to change Received: headers in email


We use exim on a VPS. We host multiple domains on WP and Magento.

Recently I was reviewing some e-mails when I saw the following in the Received headers: my linux username, servername (not the sending domain name) and the actual version of Exim sending the email.

Received: from **USERNAME** by **VPS_SERVERNAME** with local (**EXIM VERSION**) (envelope-from <user@domain.com>) id 1a34DM-0003fW-xx for recipient@gmail.com; Sun, 29 Nov 2015 16:48:36 +0100

I made a little jump. Why is it necessary to send the username under which the process runs? And also, why is the server name not the sending domain name? And why expose the Exim version or even expose Exim? All seems like quite a security risk by giving TMI.

My question: How can I change USERNAME in the Received header to the sending E-MAIL NAME (prefix or whole email) and change the VPS_SERVERNAME to the sending DOMAINNAME? Or at least change the whole to something within all e-mail RFCs and rules ... but a little more anonymous.

Received: from user by domain.com with local (Mailserver) (envelope-from <user@domain.com>) where user is taken from the email, just like domain.com.


Solution

  • You can configure the format of the Received: header appended by Exim through the received_header_text key in the Exim configuration. This allows you to remove the user name. The default format string also suggests that Exim uses the primary_hostname variable for your VPS_SERVERNAME field, which defaults to uname() (that is, your host name), but this can also be overridden in the configuration to your FQDN of choice.

    As for whether the default format is TMI, Exim's format is not unusual. Received: headers are for diagnostic purposes and they generally reveal a lot about the sending network and MTA software. Details can be hidden if security through obscurity is preferred over diagnostics, but consider that it only makes attacking the network harder and it is not an active security measure.
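The two settings named in the answer, written out as an added example that is not part of the original answer: it starts from Exim's documented default for `received_header_text` and changes only the parts the question asks about. The hostname `mail.example.com` and the `(Mailserver)` token are constructed placeholders, and leaving out the TLS cipher field of the default is a simplification made here.

```exim
# Main section of the Exim runtime configuration file.

# Name written after "by" in Received: headers.
# Constructed value: use an FQDN that resolves to this server.
primary_hostname = mail.example.com

# Based on the default received_header_text, with these changes:
#   1. The "from ${quote_local_part:$sender_ident}" branch is removed,
#      so the local login name that submitted the message is not written.
#   2. "(Exim $version_number)" is replaced by a fixed "(Mailserver)" token.
#   3. The TLS cipher field of the default is left out (simplification;
#      the variable it uses differs between Exim releases).
# The queue id, protocol, envelope sender and "for" recipient are kept,
# so the header remains usable for tracing a message in the logs.
received_header_text = Received: \
  ${if def:sender_rcvhost {from $sender_rcvhost\n\t}\
    {${if def:sender_helo_name {(helo=$sender_helo_name)\n\t}}}}\
  by $primary_hostname \
  ${if def:received_protocol {with $received_protocol }}\
  (Mailserver)\n\t\
  ${if def:sender_address {(envelope-from <$sender_address>)\n\t}}\
  id $message_exim_id\
  ${if def:received_for {\n\tfor $received_for}}
```

After reloading Exim, `exim -bP received_header_text` prints the value in effect, and a test message sent to an external mailbox shows the resulting header.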