Remove internal hosts in postfix

April 15, 2013   

A proper way to setup your network is to have a postfix relay server sitting somewhere on your network that every other server has access to via port 25. Now your relay server(s) are the only ones that should have outside access to port 25. All other servers should be firewalled off! 

So for example say your email chain looks like this for a new signup -> -> internet -> user's mailbox

If the user views the email source they will see that the email started at and it will include your internal IP address. So you are exposing internal IP addresses which isn’t very good at all.

So we can fix this in postfix very easily on the config. For example say your internal network is

So lets remove them everything in that subnet along with So edit the following file


Then add the following line

header_checks = regexp:/etc/postfix/header_checks

Now create a new file


Then add the following in place

/^Received:.*\[127\.0\.0\.1/ IGNORE
/^Received:.*\[10\.114\..*/ IGNORE`

Then restart postfix and you are good to go.

comments powered by Disqus