Remove sensitive information from email headers with postfix

I’m in the process of moving back to a postfix/dovecot setup for hosting my own mail and I wanted a way to remove the more sensitive email headers that are normally generated when I send mail. My goal is to hide the originating IP address of my mail as well as my mail client type and version. To get started, make a small file with regular expressions in /etc/postfix/header_checks: /^Received:.*with ESMTPSA/ IGNORE /^X-Originating-IP:/ IGNORE /^X-Mailer:/ IGNORE /^Mime-Version:/ IGNORE The “ESMTPSA” match works for me because I only send email via port 465.
Read more →

SELinux and .forward files

If you want to forward e-mail from root to another user, you can usually place a .forward file in root’s home directory and your mail server will take care of the rest: /root/.forward With SELinux, you’ll end up getting an AVC denial each time your mail server tries to read the contents of the .forward file: type=AVC msg=audit(1325543823.787:7416): avc: denied { open } for pid=9850 comm="local" name=".forward" dev=md0 ino=17694734 scontext=system_u:system_r:postfix_local_t:s0 tcontext=unconfined_u:object_r:admin_home_t:s0 tclass=file The reason is that your .
Read more →

Deleting all e-mail messages in your inbox with mutt

Occasionally, I’ll end up with a mailbox full of random data, alerts, or other useless things. If you have SSH access to the server, you can always clear out your mail spool, but if you connect to an IMAP server, you can use mutt to do the same thing. First, use mutt to connect to your server remotely (via IMAP over SSL in this example): mutt -f imaps://mail.yourdomain.com/ Once you’ve connected and logged in, press SHIFT-D (uppercase d).
Read more →

Plesk: Upgrade to 8.4 causes “no such user” error in maillog

If you have a Plesk server where short mail names are enabled, upgrading to Plesk 8.4 can cause some issues. Valid logins may be rejected, and they’ll appear in your /usr/local/psa/var/log/maillog as “no such user”. You can correct the issue by switching to long mail names (click Server -> Mail in Plesk), or you can run a shell script provided by Parallels. For further details, refer to the Plesk KB article “Mail users cannot get or send mail after upgrade to Plesk 8.
Read more →

Forcing qmail to process e-mail in the queue

Normally, qmail will be able to process the mail queue without any interaction from the system administrator, however, if you want to force it to process everything that is in the queue right now, you can do so: kill -ALRM pgrep qmail-send If for some peculiar reason you don’t have pgrep on your server, you can go about it a slightly different way: kill -ALRM ps ax | grep qmail-send | grep -v grep | awk '{print $1}' Your logs should begin filling up with data about e-mails rolling through the queue.
Read more →