Removing or Assigning Alias To Email Header Information
Hi, i sent a plain text email to myself so i could check the header. I did this using the php native mail command. I understand that this is not SMTP but i have to test both SMTP and non-SMTP processes.
Is there a way to hide (or assign a alias) the following from the email header.
[SERVER NAME]
[USERNAME] this is my cpanel username and i dont know why this has to be a part of the email, its just dumb security wise.
[HOST DOMAIN]
Its so frustrating sometimes, i spent so much time security my server only to have the information posted in the email header. :(
Here are the lines from the header in reference
helo=[SERVER NAME].com; pr=C
Received: from [SERVER NAME].com
Received: from [USERNAME] by [SERVER NAME].com with local (Exim 4.98.1)
Message-Id: <E1tsFs5-009WG4-G3M@[SERVER NAME].com>
X-AntiAbuse: Primary Hostname - [SERVER NAME].com
X-Get-Message-Sender-Via: [SERVER NAME].com: authenticated_id: [USERNAME]/from_h
X-Authenticated-Sender: [SERVER NAME].com: noreply@example.com
X-Source-Dir: [HOST DOMAIN].com:/example.com/location/file
I did find another old thread here on this subject but the links provided in the fix are all broken.
Thanks :)
-
Hey there! Could this be an issue with the way you're testing? If I send a normal message from webmail I don't see "username" at all in the headers on the recipient end.
0 -
Hi cPRex,
Here is how i am sending them for non SMTP
$headers = "MIME-Version: 1.0\n";
$headers .= "Content-type: text/".$ctype."; charset=utf-8\n";
$headers .= "X-Priority: 3\n";
$headers .= "X-MSmail-Priority: Normal\n";
$headers .= "X-mailer: php/".phpversion()."\n";
$headers .= "From: $from\n"; //this sends it from the same server to avoid relaying error by host
$headers .= "Reply-To: $from_email\n"; // this is who sent you the email
$extraparam ="-f $from";
//this is to help prevent a timing hack
$sec_rand = rand(200000,990000);// 1/5 sec to 1 full sec in MSec
usleep($sec_rand); //milliseconds
$mail_sent = mail($to,$subject,$message,$headers,$extraparam);in WHM EXIM Config under basic tab then mail tab, it has this
EXPERIMENTAL: Rewrite From: header to match actual sender [?]If you enabled this option, the From: header will be rewritten to be the email address of the actual message sender. If you choose the "remote" option, only messages that are being sent to remote destinations will be affected.it is set to disabled, i tried the ALL setting, still the same username is in the header.The part of the header with the USERNAME is right after the DKIM-signature section.Received: from [username] by [hostname.com] with local (Exim 4.98.1)Here is what AI provided but i cant find the filters it suggests in WHM or CpanelTo remove a username from email header information within cPanel, you can use the Exim system filter to modify the headers, specifically using the directiveheaders remove <string>, where<string>is the header you want to remove.Here's a breakdown:-
Exim System Filter:cPanel uses Exim as its email delivery system, and the system filter allows you to modify emails before they are delivered.
-
How to Remove a Header:
-
Log into cPanel.
-
Navigate to the Exim system filter settings.
-
Add a new rule with the following directive:
headers remove <string>.-
Replace
<string>with the specific header you want to remove (e.g.,Received: from $username).
-
Replace
-
Log into cPanel.
-
Example:To remove the
Received: from $usernameheader, you would use the directiveheaders remove Received: from $username. -
Important Note:Headers added at delivery time, such as
Envelope-To:andReturn-Path:, cannot be removed using this method.
Thanks :)
0 -
-
Hi, so does anyone know where this "Exim system filter" is located that AI talks about in my previous post that will accept a command?
All the EXIM filters i have found have specific drop down options and there is no place to enter any code like that.
Maybe this is what i need to do, i dont know.
https://docs.cpanel.net/knowledge-base/email/how-to-customize-the-exim-system-filter-file/
I created a custom rule file per the docs and inside that file i put
headers remove Received: from [my actual username] (no brackets)
then i also tried
headers remove Received: from $username
Its still there... really not sure what to do here.
As a reminder what i am referring to here is the actual header line in full, names removed for security.
Received: from username by server.example.com with local (Exim 4.98.1) (envelope-from <noreply@example.com>) id 1tsvww-00000000OKq-2hdG for example@example.com; Fri, 14 Mar 2025 03:23:28 +0000
I need to remove the username.
0 -
I found more resources
https://stackoverflow.com/questions/33984833/exim-trying-to-change-received-headers-in-email
https://www.exim.org/exim-html-current/doc/html/spec_html/ch-main_configuration.html
the key received_header_text is in item 15 on that list.
And here is what AI has to say about it.
To modify the "Received:" header in Exim, you can use the received_header_text key in the Exim configuration to control the format of the header.
Here's a breakdown of how to do it:
1. Locate the Configuration File:
The main Exim configuration file is typically located at /etc/exim/exim.conf.
2. Find the received_header_text Key:
Search for the received_header_text key within the configuration file.
3. Modify the Header Format:
The received_header_text key controls the format of the "Received:" header. You can modify it to:
Remove the username: The default format string might include the username, which you can remove by adjusting the format string.
Change the hostname: The default hostname might be uname(), but you can override it to your FQDN of choice.
Add or remove other information: You can customize the header to include or exclude specific information.
Example:
Original Format.
Codereceived_header_text = Received: by %{primary_hostname} [%{client_ip}]
Modified Format (removing username).
Codereceived_header_text = Received: by %{primary_hostname} [%{client_ip}]
Modified Format (changing hostname).
Codereceived_header_text = Received: by yourfqdn.com [%{client_ip}]
4. Save the Configuration File:
Save the changes to the Exim configuration file.
5. Restart Exim:
Restart the Exim service to apply the changes.
Important Notes:
Received Headers are for Diagnostic Purposes:
The "Received:" headers are primarily for diagnostic purposes and reveal information about the sending network and MTA software.
Carefully Review Changes:
Ensure that any modifications to the received_header_text key do not negatively impact Exim's functionality or email delivery.
Consider Security Implications:
Be mindful of any security implications when modifying the "Received:" header, especially if you are removing or changing information that could be used for malicious purposes.
centos - exim trying to change Received: headers in email - Stack Overflow
Nov 29, 2015Stack Overflow
How to configure Exim to set the Sender header. – cPanel
Oct 14, 2020
cPanel Support
Generative AI is experimental.I cant find received_header_text anywhere. So cPanel where are you hiding the EXIM key "received_header_text" ?
Thanks :)
Also maybe this needs to be in a future update to remove the username by default, cpanel can just change the config to show the item without the username. Just a thought.
0 -
Well all those instructions above must have been for an old version of cpanel. I did a grep recursive search on the server in the usr local cpanel and it did not find the text received_header_text, then i did a cpanel doc search for the same and it also did not find it. So i am back to square one here, i guess everything suggested in prior posts is no longer valid.
So now what do i do?
0
Please sign in to leave a comment.
Comments
5 comments