SECTION(global, priv)m4_dnl
admin_groups = CONF_admin_groups
+trusted_groups = CONF_trusted_groups
prod_requires_admin = false
SECTION(global, logging)m4_dnl
SECTION(global, daemon)m4_dnl
local_interfaces = <; CONF_interfaces
-extra_local_interfaces = <; 0.0.0.0 ; ::
+extra_local_interfaces = <; 0.0.0.0 ; ::0
SECTION(global, resource)m4_dnl
deliver_queue_load_max = 8
## Always allow the empty sender, so that we can receive bounces.
accept senders = :
- ## Ensure that the sender is routable. This is important to prevent
- ## undeliverable bounces.
- require message = Invalid sender; \
- ($sender_verify_failure; $acl_verify_message)
- verify = sender
+ ## Ensure that the sender looks valid.
+ require acl = mail_check_sender
## If this is directly from a client then hack on it for a while.
warn condition = ${if eq{$acl_c_mode}{submission}}
## And we're done.
accept
+SECTION(acl, misc)m4_dnl
+mail_check_sender:
+
+ ## See whether there's a special exception for this sender domain.
+ accept senders = ${LOOKUP_DOMAIN($sender_address_domain,
+ {KV(senders, {$value}{})},
+ {})}
+
+ ## Ensure that the sender is routable. This is important to prevent
+ ## undeliverable bounces.
+ require message = Invalid sender; \
+ ($sender_verify_failure; $acl_verify_message)
+ verify = sender
+
+ ## We're good, then.
+ accept
+
SECTION(global, acl)m4_dnl
acl_smtp_connect = connect
SECTION(acl, connect)m4_dnl
SECTION(global, acl)m4_dnl
acl_smtp_expn = expn_vrfy
acl_smtp_vrfy = expn_vrfy
-SECTION(acl)m4_dnl
+SECTION(acl, misc)m4_dnl
expn_vrfy:
accept hosts = +trusted
deny message = Suck it and see