Google Groups no longer supports new Usenet posts or subscriptions. Historical content remains viewable.
Dismiss

Removing FQDN from message header

78 views
Skip to first unread message

shawn

unread,
Jan 16, 2008, 10:37:25 AM1/16/08
to
All,

We a running XCHNG 2003 Enterprise...outbound emails still contain
information of internal domain structure in the message ID.

Would also like to remove "X-MimeOLE: Produced By Microsoft Exchange V6.5"
as well...

I have changed the "Fully-qualified domain name" within Advanced Delivery
tab of SMTP Virtual Server Properties...by doing this and NATting outbound
email, I have been able to hide internal server information
(name/IP)...however, still have FQDN info in message ID...

What is the best way to rectify this issue?
Anybody have a good solution for this scenario?

I have come acrossed only a few blips discussing this...
No it can't be done...or...possible 3rd party app

Thanks...

Shawn


Bharat Suneja [MVP]

unread,
Jan 16, 2008, 12:14:32 PM1/16/08
to
Masquerading SMTP Virtual Servers: Changing the fqdn and masquerade domain
http://exchangepedia.com/blog/2007/12/masquerading-smtp-virtual-servers.html

--
Bharat Suneja
MVP - Exchange
www.zenprise.com
NEW blog location:
exchangepedia.com/blog
----------------------------

"shawn" <shawnl....@rfirst.org> wrote in message
news:OZHc2WFW...@TK2MSFTNGP03.phx.gbl...

shawn

unread,
Jan 16, 2008, 1:01:35 PM1/16/08
to
Bharat,

This does not solve issue (as it states directly in excerpt from article):

---------

What it doesn't do:
- Doesn't change the fqdn used in the Message-ID, as seen in the above
headers.

[Act surprised... ]: Now why can't the SMTP VS change the Message-ID as
well?
Because RFC 2822 says so - a Message-ID is a globally unique identifier of a
message. Once created, the Message-ID for a particular instance of a message
should not be changed. It allows one to track messages, and correlate
multiple messages to the same thread (using additional header fields like
references and in-reply-to).

----

My thoughts on this is all that I should need to know if the Message ID
portion (i.e. prefix) prior to @ symbol...I know what my internal server
is...so I can track a message internally if I need to...nobody else needs to
know my internal server or AD domain structure...this is a security risk!!!

Once message leaves my network and hits the internet...I don't need to track
it anymore...if somebody calls...I can ask for message ID prefix and track
message through our gateway...

Did I miss something in this blog?

Thanks.

Shawn


Bharat Suneja [MVP]

unread,
Jan 16, 2008, 1:49:45 PM1/16/08
to
Shawn,

This is not an uncommon concern or question, but security by obscurity
doesn't really buy you much imo. Simply exposing the fqdn and even internl
ip address isn't really so much of a risk - again, imo. Look at headers in
emails from some fairly security concious organizations, and you'll find the
exact path a message takes - including IP addresses and fqdns - in the
Receivd headers.

Having said that, if you're on Exchange Server 2007, you can easily
mask/remove this information (the Received headers, i.e.) - but fairly
certain this doesn't impact the Message-ID. If the message already has a
Message-ID, RFC 2822 says it shouldn't be altered.

--
Bharat Suneja
MVP - Exchange
www.zenprise.com
NEW blog location:
exchangepedia.com/blog
----------------------------

"shawn" <shawnl....@rfirst.org> wrote in message

news:eQS0XnG...@TK2MSFTNGP04.phx.gbl...

0 new messages