|
Runbox Forum Everything related to Runbox should go here: suggestions, comments, complaints, questions, technical issues, etc. |
|
Thread Tools |
25 Jul 2018, 02:26 AM | #1 |
The "e" in e-mail
Join Date: Apr 2011
Location: Manchester UK
Posts: 2,616
|
Removing Customer IP Addresses
From the Runbox Blog:
https://blog.runbox.com/2018/07/remo...-ip-addresses/ We are pleased to announce that we no longer include customer IP (Internet Protocol) addresses in outgoing mail headers when you are using our SMTP service. The SMTP service is what you use if you are using an email program like Outlook, Apple Mail, Thunderbird or other similar programs on a laptop, desktop or mobile device. This brings our SMTP service in line with our webmail service where we haven’t included the customer IP address for a few years now. Removing the IP address of your Internet connection can help improve your privacy as IP addresses can sometimes be used to identify your geographical location, and might be accurate to a particular town or city (though often they are much less accurate that this). If you have any further questions about this please contact Runbox Support. |
26 Jul 2018, 07:46 PM | #2 |
Essential Contributor
Join Date: Jun 2009
Posts: 395
|
Thank you for the heads-up, FredOnline.
Depending on what the sender's local address is substituted with, this could be great if it is just truncated or dumb if it is substituted with something like "localhost." Also, for business E-Mail you may not want it truncated or substituted. If your domain name is part of your so-called "brand identity," you'd probably want it to show in the first "Received" header. I suppose that if your business is big enough, you'd probably run your own mail server. Just my two shekels. -- Jacinto |
27 Jul 2018, 04:03 PM | #3 |
Cornerstone of the Community
Join Date: Nov 2008
Location: UK
Posts: 549
Representative of:
Runbox.com |
Hi Jacinto. It's the IP address that is being removed and nothing to do with domains.
All Runbox customers use the same mail server settings, so there is no "brand identity" as such in the headers for businesses |
27 Jul 2018, 05:50 PM | #4 |
Essential Contributor
Join Date: Jun 2009
Posts: 395
|
Hello, dbowdley.
Most SMTP servers perform reverse DNS (RDNS) checks and include the domain name in the "HELO" as well as the domain name disclosed by the RDNS check in the "Received" header. Here is a redacted example of a Fastmail Received header with RDNS check: Code:
Received: from mail.dovecot.fi (wursti.dovecot.fi [94.237.32.243]) by mx5.messagingengine.com (Postfix) with ESMTP for <[USERNAME]@fastmail.fm>; Sun, 22 Jul 2018 10:36:09 -0400 (EDT) Code:
Received: from mail-it0-f44.google.com ([209.85.214.44]) by mailfront10.runbox.com with esmtps (TLS1.2:RSA_AES_128_CBC_SHA1:128) (Exim 4.82) id 1fhcDx-0001Ah-VX for [USERNAME]@runbox.eu; Mon, 23 Jul 2018 16:54:10 +0200 -- Jacinto |
27 Jul 2018, 07:03 PM | #5 |
Cornerstone of the Community
Join Date: Nov 2008
Location: UK
Posts: 549
Representative of:
Runbox.com |
It is the IP address of the customer's ISP connection that we are removing from headers. For example, previously the header would read:
Received: from [CUSTOMER IP] (REDACTED) by mailfront10.runbox.com and now it would read: Received: by mailfront10.runbox.com I hope that helps explain the change. |
28 Jul 2018, 12:18 AM | #6 |
Essential Contributor
Join Date: Jun 2009
Posts: 395
|
I, see, thank you.
Would that have any effect on the sender's DKIM headers? -- Jacinto |
28 Jul 2018, 12:57 AM | #7 |
Cornerstone of the Community
Join Date: Nov 2008
Location: UK
Posts: 549
Representative of:
Runbox.com |
It doesn't affect the validity of the DKIM signature of messages.That should still work as expected, and tests show that the messages we do sign with DKIM still get a dkim=pass result.
|
28 Jul 2018, 05:39 PM | #8 |
Essential Contributor
Join Date: Jun 2009
Posts: 395
|
Good day and thank you, dbowdley.
To make sure that I didn't get it wrong, are you saying that ffor both, [1] a message that has a DKIM signature before it hits Runbox SMTP servers and [2] a message that is signed by Runbox servers, their DKIM signature will not be affected by the new Received header? Thank you. -- Jacinto |
28 Jul 2018, 06:04 PM | #9 |
Cornerstone of the Community
Join Date: Nov 2008
Location: UK
Posts: 549
Representative of:
Runbox.com |
The change we have made only affects messages that are sent from an email program (like Thunderbird, Outlook or Apple Mail etc.) to us for onward transmission via our outgoing mail servers.
That it says "Received: by" is because we received it from your email client, it isn't referring to incoming mail to your account. We are not changing anything in the headers of incoming email received from other email providers that may already have a DKIM signature. |
28 Jul 2018, 07:21 PM | #10 |
Essential Contributor
Join Date: Jun 2009
Posts: 395
|
I understand what you are saying, but it is not an answer to my question. Perhaps, my question wasn't specific enough.
Let's try again. I have a local exim server that Thunderbird uses for outgoing mail. The exim server adds a DKIM signature to outgoing mail from one domain before it relays the message to Fastmail (first logging-in with proper credentials) for delivery to the recipient's SMTP server. I have not yet used Runbox in this way. If I were to, would the exim DKIM signature remain valid? Thank you. -- Jacinto |
28 Jul 2018, 09:11 PM | #11 |
Cornerstone of the Community
Join Date: Nov 2008
Location: UK
Posts: 549
Representative of:
Runbox.com |
I see what you mean now; thanks for the additional information.
I don't see why what we are doing would affect the DKIM signature. The signature your server adds would be based on certain headers that your server added when you sent the message. Anything that Runbox adds after that (and what we may or may not choose to add) doesn't affect the signature your server has added as we are not modifying the existing headers the signature was based on. That said, it's an interesting question and if you want to try it out with us then drop us a line at Support and I'll set something up so we can confirm that the signature is still valid. Last edited by dbowdley : 28 Jul 2018 at 09:13 PM. Reason: Clarity |