skip to Main Content

Remove message header in Exchange Server

When you sent a message, a header will apply to the message. Most don’t know that the message header will tell the recipient more information than you think. For security reasons, you can remove Exchange internal hostnames and IP addresses from message header. In this article, you will learn how to configure a header firewall to remove internal hostnames and IP address from email header.

Send message to external recipient

Send an email from an Outlook client or Outlook Web Access (OWA) to an external recipient. In our example, we sent a message from Christopher’s mailbox to a Gmail email address.

Analyze message headers

Go to the Gmail inbox and open the message. Copy the message header and paste it in Message Header Analyzer by Microsoft. Click Analyze headers button.

We can see in the received headers that:

  • Message is sent from internal hostname EX01-2016.exoip.local
  • Internal IP address of EX01-2016
  • Message is received by Google

Remove message header in Exchange Server analyze headers before

Read more: Test outbound mail flow in Exchange Server »

For security reasons, you don’t want to give that much information. That’s why you want to remove Exchange internal hostnames and remove IP address from email header.

Get send connector name with PowerShell

Run Exchange Management Shell as administrator. Make use of the Get-SendConnector cmdlet. In our example, the name of the send connector to send internet mail is named Internet email.

Is it possible to find the send connector in Exchange Admin Center (EAC)? Yes, it is. Learn more in the next step.

Keep reading: Create send connector Exchange 2016 »

Get send connector name in Exchange Admin Center

Click in the feature pane on mail flow. Click send connectors in the tabs. Find the connector in the list view.

Remove message header in Exchange Server send connector EAC

In the next step, we will edit the send connector to remove internal hostnames and IP addresses from email header.

Remove internal hostnames and IP addresses from message headers

Check the send connector permissions that are assigned to the security principals. Find the security principal NT AUTHORITY\ANONYMOUS LOGON. Note that the name can vary a little bit if you have a different language than English.

We have to remove the Ms-Exch-Send-Headers-Routing permission from the security principal NT AUTHORITY\ANONYMOUS LOGON. Again, if you have a different language, copy the correct security principal from the above output.

Verify that the security principal NT AUTHORITY\ANONYMOUS LOGON is not showing in the output.

Analyze message headers after adjustment

Send an email to an external recipient. After that, analyze the received headers in the message.

The Exchange Server internal names and IP addresses from message headers are not showing. But, the internal hostname EX01-2016.exoip.local is still available. Why is that happening?

Remove message header in Exchange Server analyze headers after

It’s showing the Exchange internal hostname if you did not set an FQDN on the send connector.

Add FDQN to send connector

We recommend setting an FQDN on the send connector. You can do that in Exchange Admin Center or with PowerShell.

Specify send connector FQDN with PowerShell

Check the send connector FDQN. We can see that the FDQN is empty.

Set the send connector FDQN and verify that it’s configured with the second cmdlet.

Do you want to add the FDQN in Exchange Admin Center? See the next step.

Specify send connector FQDN in Exchange Admin Center

Double-click the send connector in the list view. Click scoping in the left menu and add the FDQN. Click the button Save.

Remove message header in Exchange Server add FDQN send connector EAC

Analyze message headers after FDQN adjustment

Send an email to an external recipient and analyze the received message header. This time it’s showing the submitting host as mail.exoip.com.

Remove message header in Exchange Server analyze headers after fqdn

We did successfully remove internal IP addresses and hostnames from message header.

Keep on reading: Migrate Exchange mailboxes with CSV file »

Conclusion

In this article, you learned how to remove message header in Exchange Server. Remove msExchSendHeadersRouting permission from default Exchange security principal Anonymous User Account. Make sure to add an FQDN to the send connector. After that, send an email and analyze the received headers with Message Header Analyzer. Confirm that both internal IP and internal hostnames are not showing anymore.

Did you enjoy this article? You may also like List all SMTP addresses with PowerShell. Don’t forget to follow us and share this article.

ALI TAJRAN

ALI TAJRAN

ALI TAJRAN is a passionate IT Architect, IT Consultant, and Microsoft Certified Trainer. He started Information Technology at a very young age, and his goal is to teach and inspire others. Read more »

This Post Has 3 Comments

  1. Hello,

    Thanks for the information, what could be the reason why the information is still standing even though I have done all the actions? Send connector redirects on mail gateway. Maybe I need to do something there too?

    Regards

    1. Hi Again, Additional information: when I checked it after 8 hours, I saw that the server name information was gone, it has improved. But internal ip information stays.

      1. Hi Onur,

        You’re welcome.

        If you use a mail gateway, you should see that header instead. Most of the vendors will let you remove the headers. Consult the vendor if you don’t see that option in the documentation.

        You can send me more information about your setup and a screenshot of the header to my email. We can discuss it over there.

Leave a Reply

Your email address will not be published. Required fields are marked *

Back To Top