Change SMTP Header Information

Every message that is sent (over the Internet) has header information. This header contains all kinds of information regarding the message, where it comes from, sent to, time, message identifier etc. All mail servers use this information to process the messages.

But when you take a closer look you’ll see information in the header of a message about your internal network. For example, I’ve sent a message from my Hub Transport Server, throught my Edge Transport Server to an external recipient and this is what I seen in the header information:

Return-Path: jaap@wesselius.info
Received: from edge.wesselius.info (edge.wesselius.info [178.251.192.3])
by mxdrop233.xs4all.nl (8.13.8/8.13.8) with ESMTP id p0PBIJjK000259
for <jaapwess@xs4all.nl>; Tue, 25 Jan 2011 12:18:20 +0100 (CET)
(envelope-from
jaap@wesselius.info)
Received: from EXCH01.wesselius.local (192.168.0.32) by
EDGE.wesselius.info
(192.168.0.33) with Microsoft SMTP Server (TLS) id 14.1.270.1; Tue, 25 Jan
2011 12:18:48 +0100
Received: from EXCH01.wesselius.local ([192.168.0.32]) by
EXCH01.wesselius.local ([192.168.0.32]) with mapi id 14.01.0270.001; Tue, 25
Jan 2011 12:17:55 +0100
From: Jaap Wesselius
jaap@wesselius.info
To: “jaapwess@xs4all.nl” jaapwess@xs4all.nl
Subject: FW: Autodiscover is not showing the OAB
Thread-Topic: Autodiscover is not showing the OAB

As you can see (in red) there’s quite some internal information in the header information. If you want to hide this information you have to makes changes to the header firewall.

Message are sent to the Internet via the “EdgeSync – Default-First-Site-Name to Internet” Send connector. So, to achieve this we have to remove the “ms-Exch-Send-Headers-Routing” extended rights from the Send Connector by executing the following command on the Hub Transport Server:

Get-SendConnector “EdgeSync – Default-First-Site-Name to Internet” | Remove-ADPermission -AccessRight ExtendedRight -ExtendedRights “ms-Exch-Send-Headers-Routing” -user “NT AUTHORITY\Anonymous Logon”

image

After restarting the SMTP Transport Service and sending another e-mail message to an external recipient we see this in the message’s header:

Return-Path: jaap@wesselius.info
Received: from edge.wesselius.info (edge.wesselius.info [178.251.192.3])
by mxdrop111.xs4all.nl (8.13.8/8.13.8) with ESMTP id p0PBeSAi085908
for <jaapwess@xs4all.nl>; Tue, 25 Jan 2011 12:40:30 +0100 (CET)
(envelope-from
jaap@wesselius.info)
From: Jaap Wesselius
jaap@wesselius.info
To: “jaapwess@xs4all.nl” jaapwess@xs4all.nl
Subject: FW: SuspendWhenReadyToComplete
Thread-Topic: SuspendWhenReadyToComplete

Only the IP address of the Edge Transport Server is visible and all internal information is removed.

Important note: according to RFC 2821 you’re not allowed to change the header information of e-mail messages. What actually happens here is creating non RFC compliant messages. This won’t cause any issues, but you run into trouble people (i.e. vendors) can point you in this direction.

More information on the Header Firewall in Exchange Server 2010 can be found on the Microsoft Technet site: http://technet.microsoft.com/en-us/library/bb232136.aspx

One thought on “Change SMTP Header Information”

Leave a Reply

Please log in using one of these methods to post your comment:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s