Reducing data leakage when sending outbound emails from RT

Reaching out the brain trust once again!

We’ve recently started collaborating outside our organization (RT 4.4.3) and want to reduce data leakage as much as possible. We’ve been monitoring outbound communications sent through RT as comments / CC’s and noticed ‘X-RT-Originator’ in the header includes our RT user email.

Found this old old topic - RT-Originator

In SendEmail.pm"
Can we comment out this section without causing any issues? The goal is to make sure that tech-savvy recipients do not look through the headers and identify who sent the email from the generic mail account.
{
$self->SetHeader( ‘X-RT-Originator’, $email );
}

I think this config should work for you!
https://docs.bestpractical.com/rt/5.0.0/RT_Config.html#UseOriginatorHeader

Awesome! Thank you, we were able to remove the X-RT-Originator header.

I’m going to press my luck here and ask a follow up (I don’t know what to call this feature / setting).

When we reply or comment on a comment and send a one time CC externally (Which we like to do because it threads the quoted text), RT adds a line to the comment such as “On Wed Feb 17 18:24:46 2021, internalemailaddress@x.com wrote:”

This aligns with our internal RT user accounts, but would unfortunately leak information for outbound emails.

Any recommendations or pointers to mitigate this one and is it possible to restrict to a per queue basis? Otherwise, we are thinking about standing another RT instance just for external collaboration.