X-Git-Url: https://git.distorted.org.uk/~mdw/exim-config/blobdiff_plain/1e5ccd7c52be79d1de45691a0bb46cbb1a686bf0..10c331d72ffa289e765f937cc9288986aaf0f59a:/exchange.m4

diff --git a/exchange.m4 b/exchange.m4
index 9f8324a..b4cb02b 100644
--- a/exchange.m4
+++ b/exchange.m4
@@ -52,18 +52,37 @@ mail_client_addr:
 			   {${if match_domain {$sender_address_domain} \
 					      {+public} \
 				 {+allnets}{! +allnets}}})}
-		 ADD_HEADER(<:X-CONF_header_token-Warning: \
-			RCLNTLSNDR \
-			Apparently local sender, but received from remote \
-			server.\n\t\
-			sender=$sender_address \
-			host=$sender_host_address:>)
+		  WARNING_HEADER(RCLNTLSNDR,
+				 <:Apparently local sender, but received from remote \
+				   server.\n\t\
+				   sender=$sender_address \
+				   host=$sender_host_address:>)
 
 	## OK.
 	accept
 
 DIVERT(null)
 ###--------------------------------------------------------------------------
+### Rename locally-meaningful headers in mail from outside.
+
+m4_define(<:DISTORTED_HEADERS:>,
+<:X-CONF_header_token-SpamAssassin-Score,
+X-CONF_header_token-SpamAssassin-Status:>)
+
+SECTION(acl, data)m4_dnl
+	## If this message is coming from outside then rename headers which
+	## look like the ones we're likely to add.  This is most relevant for
+	## our spam-report headers, because I'm not sure I understand why
+	## someone would want to fake an X-Distorted-Warning header.
+	warn	!condition = ${if eq{$acl_c_mode}{submission}}
+		!hosts = +allnets
+		 set acl_m_hdradd = ${if def:acl_m_hdradd{$acl_m_hdradd}}\
+			RENAME_HEADERS_ADD(<:DISTORTED_HEADERS:>)
+		 set acl_m_hdrrm = ${if def:acl_m_hdrrm{$acl_m_hdrrm:}}\
+			RENAME_HEADERS_REMOVE(<:DISTORTED_HEADERS:>)
+
+DIVERT(null)
+###--------------------------------------------------------------------------
 ### The obvious trivial router.
 
 SECTION(routers, remote)m4_dnl