All new Registrations are manually reviewed and approved, so a short delay after registration may occur before your account becomes active.
Bitcoin SMTP
Example: https://luxsci.com/extranet/info/email-smtp-anon.html
Anyone know of other providers like the one above? Please don't suggest Amazon SES.
Where can I find an SMTP service that scrubs all email headers including origin IP? This is to prevent DDOS. Currently, the backend server IP is shown in email headers when users get welcome mail or forgot password mail. This is no good as hackers can therefore bypass my DDOS protection I have in place. I also need provider to accept Bitcoin or cryptocurrency. This will NOT be used for spam, that I can guarantee. It will be solely used for transactional emails for a privacy conscious community.
I'd say only a couple hundred emails per day will likely to be sent. Like I said, I'm NOT in the spam game, user generated emails only!
Comments
SES and Mailchimp both do not send origin IP along.
I remove a received header on remote delivery. So if you're sending to someone remote (ie. not from a@domaina to b@domaina) the original received header showing the system that sent it to my server should be absent. I also accept crypto. Don't get me blacklisted and we're best friends.
(me = MXroute)
It is impossible to hide ip from ddos, just two cents, so no sense to care about ip in headers.
SES is the best, very easy to setup and monitor any issues like health of account and billing.
backend server > frontend server > client
Client sees frontend server. Client attacks frontend, backend protected. But if backend sends email, instead of the frontend sending it, backend IP gets written in a received header and exposed.
^ jar has perfectly described our problem :-)
It is impossible to hide backend server from attack, to hide ip in the email and think that you are safe hm...
I have backend servers that aren't even globally routable other than to/from Akamai...
Firewall off all access on the back end so that it can only communicate with the frontend. How would you intend to find the back end IP in this average, totally normal setup?
Have no ideas but it cost from 7$ per hour just google it. Just edit - of course i am talking about web servers or anything online.
That an IP exists isn't hidden of course, but how many people hit 0.0.0.0/0 when trying to bring down one website? Not even state actors go that far. If the content is on 1.1.1.1 and the frontend is at 1.1.1.2, and 1.1.1.1 only communicates with 1.1.1.2, you'll never be able to confirm that the data is hosted on 1.1.1.1 unless the server leaks it's IP, because the clients are all hitting 1.1.1.2. This is something you can protect against.
But in above case the problem that 1.1.1.2 is sending emails and NOT 1.1.1.1 that is what I can't understand )) it's like ABC for me
Damn i give up ))
Let's say the client hits port 80 on 1.1.1.2. It uses reverse proxy to pull the data from 1.1.1.1 and serve it to the client, over their connection with 1.1.1.2. But the software is on 1.1.1.1, so when the software initiates an email send the address making the outbound connection is actually 1.1.1.1. If that makes sense
This is typical of a load balanced setup or a GRE tunnel used for DDOS protection.
Is there an easy way to setup my own SMTP server/relay that strips out email headers and origin IP? Like is there a script or software you suggest that can do this? Maybe I can run my own SMTP server/relay on a DDOS protected spare VM I have laying around? I have heard of things like https://mailcow.email but it seems like way more features than what I need.
Isn't this pretty easy to do with postfix header checks?
This is for outbound, if your same server is taking inbound, then switch it on in master.cf.
Gsuite & Gmail don't send the source IP address.