ianeq
February 20, 2018, 3:15pm
1
Before the v0.26 there was this in the mail header:
_Received: from authenticated-user (box.domain.tld [XXX.XXX.XXX.XXX]) ..._
After update to v0.26c the mail header reveals the real end-user IP:
_Received: from [10.XXX.XXX.XXX] (XXX-XXX-XXX-XXX.user.address.tld [XXX.XXX.XXX.XXX])_
Also, in v0.26c the Mime-Version: 1.0 (Mac OS X Mail XX.X (XXXX.X.XX)) and the X-Mailer: Apple Mail (X.XXXX.X.XX) is visible in the headers. Before, the Mail-In-A-Box removed such information from the mail header automatically.
Many thanks.
alento
February 20, 2018, 3:39pm
2
I just tested my v0.26b install and it is not affected. Perhaps the change occurred in v0.26c specifically?
I hope that this is just a bug, and not a change as some of my users prefer their IP’s being private.
1 Like
can confirm that v0.26b seems not affected. @JoshData was this change in v0.26c intentional?
There haven’t been any changes related to this.
After Joshs input I upgraded to v0.26c and can confirm there is no change in the header section: it`s neither revealing the end-users IP nor the browser version.
murgero
February 22, 2018, 2:49pm
6
It’s possible that you may have made a config change OR Apple added that to their mail client.
ianeq
February 23, 2018, 8:31pm
7
I just re-run the install/upgrade script, force-updated the underlying Ubuntu box, rebooted and checked again, still getting this:
_Received: from [10.XXX.XXX.XXX] (XXX-XXX-XXX-XXX.user.address.tld [XXX.XXX.XXX.XXX])_
instead of the expected:
_Received: from authenticated-user_
No user modifications to the box whatsoever.
Thank you.
murgero
February 23, 2018, 8:42pm
8
Can you supply me with the following:
Version of Ubuntu
Specs of server
Who you bought the server or VPS from
How many users roughly you use
Version of Postfix you are running (postconf -d | grep mail_version
) in console to get version.
output of cat /etc/postfix/main.cf
PM me these details if you can.
ianeq
February 24, 2018, 7:58pm
9
I just created a fresh new box with MIAB v0.26c and I get the correct and expected
_Received: from authenticated-user (box.domain.tld [XXX.XXX.XXX.XXX]) ..._
So, it seems something went wrong with the (old) affected one, without any explicit operator-made change during the update process to v0.26c, to my best knowledge …