diff --git a/README.md b/README.md
index fcd9285..496a3dc 100644
--- a/README.md
+++ b/README.md
@@ -67,6 +67,11 @@ mydestination: []
 
 # Check quota with dovecot at 127.0.0.1:12340
 check_dovecot_quota: false
+
+# Header checks (only header_checks and mime_header_checks supported), see http://www.postfix.org/header_checks.5.html
+# privacy related headers are removed in any case, you can add more like this:
+add_header_checks:
+    - { regexp: "^Mime:", action: "IGNORE" }
 ```
 
 **postfixmaps**
diff --git a/defaults/main.yml b/defaults/main.yml
index 10c0022..d9c51c1 100644
--- a/defaults/main.yml
+++ b/defaults/main.yml
@@ -37,3 +37,4 @@ postfix:
       mailboxes: mailMessageStore
   check_dovecot_quota: false
   postfixmaps: []
+  add_header_checks: []
diff --git a/files/header_checks b/files/header_checks
deleted file mode 100644
index d553c14..0000000
--- a/files/header_checks
+++ /dev/null
@@ -1,4 +0,0 @@
-/^Received:.*with ESMTPSA/      IGNORE
-/^X-Originating-IP:/            IGNORE
-/^X-Mailer:/                    IGNORE
-/^User-Agent:/                  IGNORE
diff --git a/tasks/main.yml b/tasks/main.yml
index 9d472ee..9a10acd 100644
--- a/tasks/main.yml
+++ b/tasks/main.yml
@@ -54,16 +54,10 @@
     - { src: "main.cf.j2", dest: "/etc/postfix/main.cf" }
     - { src: "master.cf.j2", dest: "/etc/postfix/master.cf" }
     - { src: "virtual-aliases.cf.j2", dest: "/etc/postfix/virtual-aliases.cf" }
+    - { src: "header_checks.j2", dest: "/etc/postfix/header_checks" }
   notify:
   - restart postfix
 
-- name: Copy header_checks
-  copy:
-    src: header_checks
-    dest: /etc/postfix/header_checks
-  notify:
-    - restart postfix
-
 - name: copy postfix maps
   template:
     src: maps.j2
diff --git a/templates/header_checks.j2 b/templates/header_checks.j2
new file mode 100644
index 0000000..51775ff
--- /dev/null
+++ b/templates/header_checks.j2
@@ -0,0 +1,11 @@
+/^Received:.*with ESMTPSA/      IGNORE
+/^X-Originating-IP:/            IGNORE
+/^X-Mailer:/                    IGNORE
+/^User-Agent:/                  IGNORE
+
+{% if postfix.add_header_checks|length %}
+# {{ ansible_managed }}
+{% for item in postfix.add_header_checks %}
+/{{ item.regexp }}/	{{ item.action }}
+{% endfor %}
+{% endif %}
\ No newline at end of file