Privacy (IP) issue with sent emails...

E-mails
1

Hello,

I've noticed, while testing a newly created email address, that my public IP address appears in the headers of the emails I send. Whether via OVH, Orange, or Free…
Sometimes even my private IP (192.168.X.X) shows up, but that's less serious.

However, if I send an email via Proton or Gmail, my IP addresses (public and private) do not appear in the headers.

I find it abnormal and very risky that OVH (as well as Orange, Free, etc.) lets the sender's IP address appear clearly in the headers. Especially if you have remote cameras, a NAS, etc.

On THUNDERBIRD (Windows), TypApp (Android) and RoundCube (OVH and Free webmail), there doesn't seem to be an option to hide your IP in the headers of sent emails.

So I'm looking for a solution.

Aside from using a VPN (which has drawbacks such as the risk of your emails ending up in the recipient's spam folder), is there another way to hide my IP addresses (public and private) in the headers of the emails I send?

A solution that, if possible, doesn't force me to change provider (here OVH).

I look forward to your answers.

Thank you.

2

Hello @ALT-92,

@fritz2cat @TTY @Sich, I don’t have any information or documentation to share on this topic. Do you have any ideas?

^FabL

3

@fritz2cat is clearly our email specialist :slight_smile:

But Pierre-Edouard Caron (Product Owner Collaboration Team) said about this:

This field still allows some receiving services to filter our traffic more finely by blocking the originating source IP rather than the OVH outbound IP (affecting all customers…). It is also useful to us internally to perform antispam filtering before sending.
I recall having done an analysis a few years ago on this subject with a decision to maintain it.
The world of email filtering having evolved, I will add an analysis to our backlog.

4

Hum, how is the mail client configured?
Because normally if you send your emails via SMTPS (465/SSL) or submission (587/STARTTLS) the client’s IP is not visible, only the original server’s IP.
Since it’s the server that sends the mail and not the client, unless the client has an esoteric configuration.

I know that clients like Outlook can have dubious behavior, but still, what’s the point of using them as well?

We should look at the client in detail, its configuration, and also test a send to mail‑tester.com.

After that, as @TTY says, there may be a specific configuration on OVH relays that injects a specific header with the client’s original IP. But since I don’t use OVH mail services I have no experience with that.

5

Hello everyone,

If I have been silent lately, it’s because I have been away for 2 weeks at a time during the past three weeks…

To answer @ALT-92’s question

SMTP is designed that way "by design". The IP address of the machine that connects is indicated in the chain of "Received‑by" headers, at the top of the stack at each hop.

If @ALT‑92 even sees his private address 192.168.X.X it’s because his own mail client supplied that information during the HELO phase of the SMTP dialogue (or he has a home mail relay).

Google once decided to change the game by hiding the end‑user’s IP address. This is only possible through a webmail where the first address visible in the SMTP path is that of the webmail server.

And now people want to treat that as a standard. Who makes the rule? Google or the IETF?

In the case of OVH, you need to know that there are specifics at the smtp server ssl0.ovh.net. There is a "home‑grown" proxy mechanism that makes this proxy – not your real IP – appear as the first SMTP hop.

Here is a real, barely anonymized trace:

Received: from 11.mo584.mail-out.ovh.net (11.mo584.mail-out.ovh.net [46.105.34.195])
	by [recipient server] (Postfix) with ESMTPS id ED8E7FF695
	for <f@d.n>; Tue, 19 May 2026 09:09:15 +0000 (UTC)
Received: from director1.ghost.mail-out.ovh.net (unknown [10.110.0.231])
	by mo584.mail-out.ovh.net (Postfix) with ESMTP id 4gKTPk62W8z8HKM
	for <f@d.n>; Tue, 19 May 2026 09:09:14 +0000 (UTC)
Received: from ghost-submission-7d8d68f679-nzxnd (unknown [10.110.164.235])
	by director1.ghost.mail-out.ovh.net (Postfix) with ESMTPS id B7AA0C14B4
	for <f@d.n>; Tue, 19 May 2026 09:09:14 +0000 (UTC)
Received: from XXX1 ([37.59.142.103])
	by ghost-submission-7d8d58f679-nzxnd with ESMTPSA
	id B/mkH7ooDGq6YgQAuzhN7w
	(envelope-from <f@d.n>)
	for <f@d.n>; Tue, 19 May 2026 09:09:14 +0000
Authentication-Results:garm.ovh; auth=pass (GARM-103G006ef98eaf1-aa22-45d8-b161-ee6232b78d0a,
                    1BB0C11CAB58D43B1E5B321705E48F617F7B0D0D) smtp.auth=f@d.n
X-OVh-ClientIp:XXX2
MIME-Version: 1.0
Date: Tue, 19 May 2026 11:09:14 +0200

Comments: XXX1 is the hostname my mail client presented during the HELO phase.
37.59.142.103 is the IP address of the OVH proxy I mentioned earlier.
XXX2 is the IP address of my mail client, which OVH deliberately logged – otherwise the ssl0.ovh.net proxy becomes responsible for anything you might send as illegal mail, scams, etc. I completely understand OVH’s position of not wanting to assume that responsibility.
Conversely, when you receive a phishing email from an address hosted at Gmail, have you ever asked yourself how to trace the scammer if Google does not cooperate?

6

That's why, in France, we as hosts are required to retain these logs for one year, and we are required to hand them over to the justice system upon a judicial request, which precisely allows the original sender to be identified while maintaining a minimum of confidentiality for the end user.

Even if, to be honest, nobody really cares about your IP :slight_smile:

7

Hello everyone,

Thanks for your feedback.

@Sich

I use THUNDERBIRD (Windows) and TypApp (Android), with an outgoing SMTP server (SSL/TLS, port 465) and yet my public IP (the one provided by my ISP) appears in every email I send.

So this isn’t an Outlook‑specific issue.

By the way, I was told that the Mail app on iOS can hide your public IP when sending emails.

I don’t know if that’s true because I don’t have an iOS smartphone or PC.

I’m surprised that other apps don’t allow this.

@fritz2cat

Speaking of the “tracing” of your email sending, you say:

"XXX2 is the IP address of my mail client"

So you can see your public IP address on that line?

...

So, apart from using a VPN, it isn’t possible to hide your public IP in the headers of emails sent from an OVH email address?

8

If it's the OVH relay server that adds the sender's IP in custom mode, there's nothing the client can do to hide it (except a VPN).
But honestly, nobody really cares about your IP (no ill will from me).

9

@Sich

I can imagine that many people don’t pay attention to this.

But personally, I find it annoying to have my public IP displayed in my emails.

Besides, by the way, when sending an email from an Orange or Free address, the problem seems to be the same (public IP visible in the headers).

Only Gmail hides its public IP (I tested only from the webmail).

10

It’s a standard SMTP feature.
I just tested with an Infomaniak address I have in the @ik.me domain and I found that Infomaniak has either hacked or configured its Postfix servers to mask the IP address (replaced by "unknown" below).

Received: from unknown by smtp-4-0001.mail.infomaniak.ch (Postfix) with ESMTPA id 4gKYGK1Tn1zTQ5
	for <f@d.n>; Tue, 19 May 2026 14:03:05 +0200 (CEST)
Message-ID: <9100ac20-942a-4ceb-93a7-b9832bdb7281@ik.me>
Date: Tue, 19 May 2026 14:03:08 +0200
11

@fritz2cat

So you also notice your public IP being displayed on emails sent from an OVH address?

12

yes, and it doesn't worry me.

13

@fritz2cat

On your Infomaniak email address, is the IP hidden only in the webmail or also in an email client (THUNDERBIRD, etc)?

14

@alt-92 It's good, Thunderbird.