Postfix Hide Client (MUA) System IP Address / Hostname

I‘ve central mail server gateway. All of our internal systems through this box. How do I remove or hide the hostnames and IP addresses of our internal systems from the messages headers before they go out to other users for security purpose?

Postfix MTA can filter headers using header_check (built-in content inspection) directive. Open file, enter:
# vi /etc/postfix/
Now, turn on local recipient checking in the SMTP server, specify the header_checks parameter specifies an optional table with patterns:

header_checks = regexp:/etc/postfix/header_checks

Save and close the file. Create /etc/postfix/header_checks file, enter:
# vi /etc/postfix/header_checks
Ignore, and 192.168.0.[0-9] IP address (regex) from the headers :

/^Received:.*\[127\.0\.0\.1/      IGNORE
/^Received:.*\[10\.24\.55\.1/ IGNORE
/^Received:.*\[192\.168\.0\.[0-9]/      IGNORE

# postmap /etc/postfix/header_check
# service postfix reload

# service postfix restart
See header_check(5) man page for further details.

🐧 Get the latest tutorials on Linux, Open Source & DevOps via RSS feed or Weekly email newsletter.

🐧 5 comments so far... add one

CategoryList of Unix and Linux commands
Disk space analyzersdf duf ncdu pydf
File Managementcat cp mkdir tree
FirewallAlpine Awall CentOS 8 OpenSUSE RHEL 8 Ubuntu 16.04 Ubuntu 18.04 Ubuntu 20.04
Modern utilitiesbat exa
Network UtilitiesNetHogs dig host ip nmap
OpenVPNCentOS 7 CentOS 8 Debian 10 Debian 8/9 Ubuntu 18.04 Ubuntu 20.04
Package Managerapk apt
Processes Managementbg chroot cron disown fg glances gtop jobs killall kill pidof pstree pwdx time vtop
Searchingag grep whereis which
User Informationgroups id lastcomm last lid/libuser-lid logname members users whoami who w
WireGuard VPNAlpine CentOS 8 Debian 10 Firewall Ubuntu 20.04
5 comments… add one
  • Ben Aug 20, 2009 @ 15:00

    Is the # postmap /etc/postfix/header_check necessary? I didn’t think you postmap a regexp file.

  • Qwerty Dec 10, 2010 @ 0:52

    Thanks, this page helped me a lot.

  • Simon Vo May 16, 2012 @ 7:51

    Hi Expert,
    In my case, i want to remove (Postfix) pattern to hide my mail system brand
    ===by (Postfix) with ESMTPSA id 7C24D5E37B===
    How can i change to:
    ===by with ESMTPSA id 7C24D5E37B===

    Received: from Simon-Vs-MBCuiPap.local (unknown [])
    (using TLSv1 with cipher DHE-RSA-CAMELLIA256-SHA (256/256 bits))
    (No client certificate requested)
    (Authenticated sender:
    by (Postfix) with ESMTPSA id 7C24D5E37B
    for ; Wed, 16 May 2012 15:40:33 +0800 (SGT)

    • Bryan May 2, 2016 @ 17:32

      Hi Simon

      Currently i am having same issues.if you do have fixed it please let me know.
      But as i check my log file it shows my relaymail server hostname and its ip address.
      or do you have idea how do i check my postfix config is working?

  • Ramu Nov 10, 2016 @ 2:53

    Is searching by the IP rage [0-9] working for anyone? I had it work once but can’t get it work after a while. For the life of me, I can’t figure out if the syntax is right or not.

Leave a Reply

Your email address will not be published.

Use HTML <pre>...</pre> for code samples. Still have questions? Post it on our forum