The most common solution is to use the /etc/postfix/header_checks but this is a big problem.

Why is header_checks a problem?  Because it does it to all mail whether incoming or outgoing and whether authenticated or not.  We of course want as much header information for incoming as we can get for many reasons but many organizations want to secure and make their mail clients as secure as possible.

I adapted this solution to the client's custom config, they are configured to only send through smtps so editing master.cf is different than most others.

So here's the solution to remove private details from authenticated outgoing mail with Postfix:

1.) Add the following to /etc/postfix/auth_header_checks.pcre

/^\s*(Received: from)[^\n]*(.*for <.*@(?!yourdomain.com).*)/ REPLACE $1 [127.0.0.1] (localhost [127.0.0.1])$2
/^\s*Mime-Version: 1.0.*/ REPLACE Mime-Version: 1.0
/^\s*User-Agent/ IGNORE
/^\s*X-Enigmail/ IGNORE
/^\s*X-Mailer/ IGNORE
/^\s*X-Originating-IP/ IGNORE

2.) Now comes the tricky part, for this be sure to backup your /etc/postfix/master.cf before messing around.  Even not having the right white space or anything will completely break postfix and make it refuse to start (this means you won't be receiving e-mail at the time).

Find your "submission" service or in many cases it may just be called "smtps":

Leave it all the same but add the part in bold below it (make sure two spaces are in front or your master.cf will be broken/notwork).

smtps     inet  n       -       n       -       -       smtpd -o content_filter=spamassassin
  -o smtpd_enforce_tls=yes
  -o smtpd_tls_wrappermode=yes
  -o cleanup_service_name=auth-cleanup

Now anywhere else in master.cf add the following:

auth-cleanup unix n - - - 0 cleanup
  -o header_checks=pcre:/etc/postfix/auth_header_checks.pcre
 

Restart postfix now and make sure it is working and if not check /var/log/maillog and it will tell you what's wrong ( a common issue when copying and pasting is that the white space in the -o sections may be lost and that will cause errors and sometimes the dashes will turn into the long kind and these are not valid and need to be changed/fixed).

postfix, outgoing, authenticated, mails, ip, mailer, thingsthe, etc, header_checks, incoming, header, organizations, adapted, custom, config, configured, smtps, editing, cf, auth_header_checks, pcre, yourdomain, localhost, mime, user, enigmail, originating, tricky, receiving, quot, submission, bold, spaces, notwork, inet, smtpd, content_filter, spamassassin, smtpd_enforce_tls, smtpd_tls_wrappermode, cleanup_service_name, auth, cleanup, unix, restart, var, maillog, copying, pasting, sections, errors, dashes, valid,

Latest Articles