For some reason, the folks in at Microsoft decided to change the way they handled sending email from your internal network to the outside world when it comes to Received Headers in the SMTP header.
What used to happen in Exchange 2003 is that an Outlook client sends an email to the Exchange Server to be sent out to the external recipient(s) and the Exchange Server sent the email out. There was no internal server information in the Receive headers that was sent to the outside world - in other words, the recipient didn't know that the email was sent from my Outlook to internalservername.domain.local and didn't need to know this. This is pretty much what should happen now and what happens with all other mail systems - internal Received headers are dropped when sending outside.
What's happened in Exchange 2007, however, is that when you send an email from your Outlook mail client to an external recipient, the Received headers include your internalservername.domain.local information that is not only superfluous, but possibly also creates a security concern by giving external recipients a view into your local network configuration that they have no right nor need to know.
Now, this is easy to fix - in Exchange Management Console, Organization Configuration, Hub Transport, Hub Transport Rules you need to create a new rule called "Strip Local Headers" that is configured to work on email from Inside to Outside, then Remove Header and enter "Received" when asked for the header to remove.
Once that's done, pull up an email sent to an outside user befoe this rule was created and another from after it was created and look at the headers of both emails - you'll notice your internal network information missing from the later email, just as it should be.
Regards,
The Outspoken Wookie
1 comment:
Nice. Just added it to my growing list of Transport rules.
That makes the only leakage the Message-ID header containing the internal server name.
Post a Comment