X-Git-Url: https://git.distorted.org.uk/~mdw/exim-config/blobdiff_plain/163774f065a38bfef6e9523770caca664f644966..8c55c5f23219896ff4531a6b5d63731e62da1b8a:/base.m4

diff --git a/base.m4 b/base.m4
index 73c454b..807c57a 100644
--- a/base.m4
+++ b/base.m4
@@ -161,11 +161,8 @@ mail:
 	## Always allow the empty sender, so that we can receive bounces.
 	accept	 senders = :
 
-	## Ensure that the sender is routable.  This is important to prevent
-	## undeliverable bounces.
-	require	 message = Invalid sender; \
-			($sender_verify_failure; $acl_verify_message)
-		 verify = sender
+	## Ensure that the sender looks valid.
+	require	 acl = mail_check_sender
 
 	## If this is directly from a client then hack on it for a while.
 	warn	 condition = ${if eq{$acl_c_mode}{submission}}
@@ -184,6 +181,23 @@ SECTION(acl, mail-tail)m4_dnl
 	## And we're done.
 	accept
 
+SECTION(acl, misc)m4_dnl
+mail_check_sender:
+
+	## See whether there's a special exception for this sender domain.
+	accept	 senders = ${LOOKUP_DOMAIN($sender_address_domain,
+			     {KV(senders, {$value}{})},
+			     {})}
+
+	## Ensure that the sender is routable.  This is important to prevent
+	## undeliverable bounces.
+	require	 message = Invalid sender; \
+			($sender_verify_failure; $acl_verify_message)
+		 verify = sender
+
+	## We're good, then.
+	accept
+
 SECTION(global, acl)m4_dnl
 acl_smtp_connect = connect
 SECTION(acl, connect)m4_dnl
@@ -258,7 +272,7 @@ SECTION(acl, data-tail)m4_dnl
 SECTION(global, acl)m4_dnl
 acl_smtp_expn = expn_vrfy
 acl_smtp_vrfy = expn_vrfy
-SECTION(acl)m4_dnl
+SECTION(acl, misc)m4_dnl
 expn_vrfy:
 	accept	 hosts = +trusted
 	deny	 message = Suck it and see