X-Git-Url: https://git.distorted.org.uk/~mdw/exim-config/blobdiff_plain/945da4acd058761e3ecc640f3237a92cd90bf6f3..1df2595e16dd591d27c4089f19dac493f638d3ca:/exchange.m4

diff --git a/exchange.m4 b/exchange.m4
index 1dc58f0..fe79ce3 100644
--- a/exchange.m4
+++ b/exchange.m4
@@ -52,18 +52,39 @@ mail_client_addr:
 			   {${if match_domain {$sender_address_domain} \
 					      {+public} \
 				 {+allnets}{! +allnets}}})}
-		 add_header = :after_received:X-CONF_header_token-Warning: \
+		 ADD_HEADER(<:X-CONF_header_token-Warning: \
 			RCLNTLSNDR \
 			Apparently local sender, but received from remote \
 			server.\n\t\
 			sender=$sender_address \
-			host=$sender_host_address
+			host=$sender_host_address:>)
 
 	## OK.
 	accept
 
 DIVERT(null)
 ###--------------------------------------------------------------------------
+### Rename locally-meaningful headers in mail from outside.
+
+m4_define(<:DISTORTED_HEADERS:>,
+<:X-CONF_header_token-Warning,
+X-CONF_header_token-SpamAssassin-Score,
+X-CONF_header_token-SpamAssassin-Status:>)
+
+SECTION(acl, data)m4_dnl
+	## If this message is coming from outside then rename headers which
+	## look like the ones we're likely to add.  This is most relevant for
+	## our spam-report headers, because I'm not sure I understand why
+	## someone would want to fake an X-Distorted-Warning header.
+	warn	!condition = ${if eq{$acl_c_mode}{submission}}
+		!hosts = +allnets
+		 set acl_m_hdradd = ${if def:acl_m_hdradd{$acl_m_hdradd}}\
+			RENAME_HEADERS_ADD(<:DISTORTED_HEADERS:>)
+		 set acl_m_hdrrm = ${if def:acl_m_hdrrm{$acl_m_hdrrm:}}\
+			RENAME_HEADERS_REMOVE(<:DISTORTED_HEADERS:>)
+
+DIVERT(null)
+###--------------------------------------------------------------------------
 ### The obvious trivial router.
 
 SECTION(routers, remote)m4_dnl