Home » Exchange Server » Remove Internal Exchange Server Names and IP Addresses from Message Headers

Remove Internal Exchange Server Names and IP Addresses from Message Headers

When you send an email message, the recipient can view the headers of the message and see all of the “hops” that the message went through on its journey from one mailbox to another.

message-headers-01

The header info is very useful in troubleshooting situations, because you can copy/paste it into tools like the message analyzer in the Microsoft Remote Connectivity Analyzer and look at things like delays in message transfer between servers along the route the message took.

message-headers-02

However, some organizations don’t want their internal Exchange server names and IP addresses exposed in the message headers of emails sent outside of their organization. To remove them, you can use a feature called the header firewall, which is explained in detail on TechNet.

The first step is to determine the name of your outbound send connector for internet email. In my environment an Edge Transport server is used for outbound mail, so the outbound send connector is named “EdgeSync – Datacenter1 to Internet” (Datacenter1 is the name of the Active Directory site the Edge server is subscribed to). I want to remove the message headers for outbound mail sent over that connnector only, and not impact the messages sent over other connectors to Office 365 or the Globomantics partner organization.

The command to remove the message headers is as follows:

After running that command, I needed to wait for EdgeSync to run (or run it manually) before the change would take effect. After the change has taken effect, outbound messages no longer contain the internal server names and IP addresses in the headers. Only the Edge Transport server name and IP address are shown.

message-headers-03

message-headers-04

If you need to reverse the change, use Add-AdPermission instead of Remove-AdPermission.

Paul is a Microsoft MVP for Office Servers and Services. He works as a consultant, writer, and trainer specializing in Office 365 and Exchange Server. Paul is a co-author of Office 365 for IT Pros and several other books, and is also a Pluralsight author.
Category: Exchange Server

19 comments

    • Yes, but be cautious as I’ve seen that cause Gmail to start rejecting email due to IPv6 requirements. If for some reason you can’t meet the IPv6 requirements they’re looking for, setting the SourceIPAddress on send connector (for Edge Transport scenarios) to the public IPv4 address of the server seems to fix it up.

  1. Noel says:

    Paul, you mentioned at the beginning of the article that you the header firewall feature, but it seems to be you only need to run the command you ran. I am not clear about how to apply that feature.

    What am I missing?

  2. Mark says:

    I was doing this previously using transport rules in Exchange 2007, which I replicated on the 2013 Edge servers. This method looks much simpler and cleaner, though.

  3. Alexey says:

    Thanks, Paul for your posts! Is there a way to customize or rewrite Message-ID header to eliminate internal server name as well?

  4. asmaaa515687 says:

    Hello,

    I am trying to remove Received Headers from outbound emails. I try the cmd Get-SendConnector “My send connector” | Add-ADPermission -User “NT AUTHORITYANONYMOUS LOGON” -ExtendedRights ms-Exch-Send-Headers-Routing
    And i have run the edgesync service using the cmd Start-EdgeSynchronization -Server Mailbox01
    But my send connector still show Received Headers.
    Could u help me please to find solution to this problem

  5. asmaaa515687 says:

    I’ve used Get-SendConnector “My send connector” | Add-ADPermission -User “NT AUTHORITYANONYMOUS LOGON” -ExtendedRights ms-Exch-Send-Headers-Routing but still see the received headers in outgoing emails.

    • asmaaa515687 says:

      Sorry i meant I’ve used Get-SendConnector “My send connector” | REMOVE-ADPermission -User “NT AUTHORITYANONYMOUS LOGON” -ExtendedRights ms-Exch-Send-Headers-Routing but still see the received headers in outgoing emails.

Leave a Reply

Your email address will not be published. Required fields are marked *