Merge branch 'master' of git.distorted.org.uk:~mdw/publish/public-git/exim-config

* 'master' of git.distorted.org.uk:~mdw/publish/public-git/exim-config:
  base.m4: New `senders' entry in `domains.conf'.
  base.m4: Missing subsection name.
  spam.m4: No, we can't check domains in the DATA ACL.
  spam.m4: Allow virtual domains to opt out of spam checking.

diff --git a/base.m4 b/base.m4
index 73c454b..807c57a 100644 (file)
--- a/base.m4
+++ b/base.m4
@@ -161,11 +161,8 @@ mail:
        ## Always allow the empty sender, so that we can receive bounces.
        accept   senders = :
 
-       ## Ensure that the sender is routable.  This is important to prevent
-       ## undeliverable bounces.
-       require  message = Invalid sender; \
-                       ($sender_verify_failure; $acl_verify_message)
-                verify = sender
+       ## Ensure that the sender looks valid.
+       require  acl = mail_check_sender
 
        ## If this is directly from a client then hack on it for a while.
        warn     condition = ${if eq{$acl_c_mode}{submission}}
@@ -184,6 +181,23 @@ SECTION(acl, mail-tail)m4_dnl
        ## And we're done.
        accept
 
+SECTION(acl, misc)m4_dnl
+mail_check_sender:
+
+       ## See whether there's a special exception for this sender domain.
+       accept   senders = ${LOOKUP_DOMAIN($sender_address_domain,
+                            {KV(senders, {$value}{})},
+                            {})}
+
+       ## Ensure that the sender is routable.  This is important to prevent
+       ## undeliverable bounces.
+       require  message = Invalid sender; \
+                       ($sender_verify_failure; $acl_verify_message)
+                verify = sender
+
+       ## We're good, then.
+       accept
+
 SECTION(global, acl)m4_dnl
 acl_smtp_connect = connect
 SECTION(acl, connect)m4_dnl
@@ -258,7 +272,7 @@ SECTION(acl, data-tail)m4_dnl
 SECTION(global, acl)m4_dnl
 acl_smtp_expn = expn_vrfy
 acl_smtp_vrfy = expn_vrfy
-SECTION(acl)m4_dnl
+SECTION(acl, misc)m4_dnl
 expn_vrfy:
        accept   hosts = +trusted
        deny     message = Suck it and see

diff --git a/spam.m4 b/spam.m4
index ce9c8e3..9b7fe0d 100644 (file)
--- a/spam.m4
+++ b/spam.m4
@@ -103,11 +103,26 @@ skip_spam_check:
        accept   hosts = +trusted
        accept   condition = ${if eq{$acl_c_mode}{submission}}
 
+       ## If all domains have disabled spam checking then don't check.
+       accept  !condition = $acl_c_spam_check_domain
+
        ## Otherwise we should check.
        deny
 
 rcpt_spam:
 
+       ## If this is a virtual domain, and it says `spam-check=no', then we
+       ## shouldn't check spam.  But we can't check domains at DATA time, so
+       ## instead we must track whether all recipients have disabled
+       ## checking.
+       warn    !domains = ${if exists{CONF_sysconf_dir/domains.conf} \
+                        {partial0-lsearch; CONF_sysconf_dir/domains.conf} \
+                        {}}
+                set acl_c_spam_check_domain = true
+       warn    !condition = $acl_c_spam_check_domain
+                condition = DOMKV(spam-check, {${expand:$value}}{true})
+                set acl_c_spam_check_domain = true
+
        ## See if we should do this check.
        accept   acl = skip_spam_check