cancel
Showing results for 
Show  only  | Search instead for 
Did you mean: 
Highlighted

MEG 7.5 strip mail headers

Jump to solution

Hi, We need to srtip outbound mail headers for security reasons, deleting the headers containig inside network IP and external too. In IronMail 6.7.x was easy but in the new MEG 7.5 ... no.

Thanks Herman.-

PD by the way this does not work... stripnotwork.PNG

1 Solution

Accepted Solutions
Highlighted

Re: MEG 7.5 strip mail headers

Jump to solution

Hi Herman,

I run in the same issue. I have contacted McAfee Support, and this is the answer from support:

     The header stripping option "Remove any Received-From headers to obscure network information" works as designed on McAfee Email Gateway 7.5.1.

See also the Help content on the gateway when you edit this option.

It says: "Select this to obscure any network information displayed in the Received headers. The Last Received header, added by your appliance, is not removed."

So the conclusion is: the last "From" header from your internal e-mail server to the McAfee Email Gateway will not be removed.

But....

McAfee does have another option to remove those headers.

See https://kc.mcafee.com/corporate/index?page=content&id=KB79418

This will have impact on your Outbound mail reporting, because all the outbound mail will be triggered as "monitored".

I have solved this with the following configuration: (i would suggest you test this first with a test policy rule!)

1)   Create an Outbound email policy rule, which will trigger when you send e-mail from inside to outside

2)   Under "Spam", open "Spam: Score >= ...."

3)  Tab "Basic Options"

4)  Under "Additional score-based actions" configure:

     - When the score is at least:      -50

    - Allow through (Monitor)

    - Aother Actions -> Modify headers and click on "Manage templates"

            - Click Add -> use the header name      "Received"

            - Select the option "Remove existing headers with the same name"

            - Save and close the window

    - Be sure that the options "Modify headers" and "Received" are selected

6) Add your other organization needs to this outbound policy rule.

7) Save and apply your configuration and test the effect

  

And the internal headers are gone...

anti-spam-settings-1.JPG

anti-spam-settings-2.JPG

on 2/21/14 9:35:53 AM CST

View solution in original post

6 Replies
Highlighted

Re: MEG 7.5 strip mail headers

Jump to solution

That setting should take care of it.  Have you contacted support on this?  They would probably file a bug on it after confirming the issue.  (There is also a newer version available in controlled release to test).

I would test it myself, but dont have my lab set up for it at the moment.

Highlighted

Re: MEG 7.5 strip mail headers

Jump to solution

I don t contact support because I have no time, If you test and works let me know please.

thanks for your reply!

HS.-

Highlighted

Re: MEG 7.5 strip mail headers

Jump to solution

Hi Herman,

I run in the same issue. I have contacted McAfee Support, and this is the answer from support:

     The header stripping option "Remove any Received-From headers to obscure network information" works as designed on McAfee Email Gateway 7.5.1.

See also the Help content on the gateway when you edit this option.

It says: "Select this to obscure any network information displayed in the Received headers. The Last Received header, added by your appliance, is not removed."

So the conclusion is: the last "From" header from your internal e-mail server to the McAfee Email Gateway will not be removed.

But....

McAfee does have another option to remove those headers.

See https://kc.mcafee.com/corporate/index?page=content&id=KB79418

This will have impact on your Outbound mail reporting, because all the outbound mail will be triggered as "monitored".

I have solved this with the following configuration: (i would suggest you test this first with a test policy rule!)

1)   Create an Outbound email policy rule, which will trigger when you send e-mail from inside to outside

2)   Under "Spam", open "Spam: Score >= ...."

3)  Tab "Basic Options"

4)  Under "Additional score-based actions" configure:

     - When the score is at least:      -50

    - Allow through (Monitor)

    - Aother Actions -> Modify headers and click on "Manage templates"

            - Click Add -> use the header name      "Received"

            - Select the option "Remove existing headers with the same name"

            - Save and close the window

    - Be sure that the options "Modify headers" and "Received" are selected

6) Add your other organization needs to this outbound policy rule.

7) Save and apply your configuration and test the effect

  

And the internal headers are gone...

anti-spam-settings-1.JPG

anti-spam-settings-2.JPG

on 2/21/14 9:35:53 AM CST

View solution in original post

Highlighted

Re: MEG 7.5 strip mail headers

Jump to solution

Thanks man, it s works!!!

Highlighted

Re: MEG 7.5 strip mail headers

Jump to solution

With the release of 7.6, there are now policy-based actions available.  With this the same actions are available, but instead of specifying an action based on some other rule as above, all mail passing though a policy (ie, your outbound policy) can have the action applied.  There is no way for a message to have criteria in the policy that the action would not work on.

policy_1.png

policy_action.png

This is not available on 7.5, but something to keep in mind for when you upgrade to 7.6.

Highlighted

Re: MEG 7.5 strip mail headers

Jump to solution

Hi Andy, thank you for your reply!

That's a really good consideration to adjust your policies when you upgrade from 7.5 to 7.6 to include your settings to use the "Policy based actions"

This is way the action is more reliable.

Btw, last week I also created a Product Enhancement Request (PER)  #25674, which is "Under Review" at this moment.

In the PER I have requested to add an option for removing the last internal "From:" header during the header stripping proces.

You Deserve an Award
Don't forget, when your helpful posts earn a kudos or get accepted as a solution you can unlock perks and badges. Those aren't the only badges, either. How many can you collect? Click here to learn more.

Community Help Hub

    New to the forums or need help finding your way around the forums? There's a whole hub of community resources to help you.

  • Find Forum FAQs
  • Learn How to Earn Badges
  • Ask for Help
Go to Community Help

Join the Community

    Thousands of customers use the McAfee Community for peer-to-peer and expert product support. Enjoy these benefits with a free membership:

  • Get helpful solutions from McAfee experts.
  • Stay connected to product conversations that matter to you.
  • Participate in product groups led by McAfee employees.
Join the Community
Join the Community