exchange.m4: Rename X-Distorted-... headers in messages from outside.

They're quite possibly misleading.  I don't think there's much harm
which can be done by adding extra X-Distorted-Warning headers, but
certainly we don't want anyone confusing things by adding their own
X-Distorted-SpamAssassin-... headers.  (That won't affect the server's
assessment of spamminess in any obvious way, but the purpose of the
header is to give user filters something to act on, so it's important
that they use the true header rather than the wrong one.)

diff --git a/exchange.m4 b/exchange.m4
index 9f8324a..fe79ce3 100644 (file)
--- a/exchange.m4
+++ b/exchange.m4
@@ -64,6 +64,27 @@ mail_client_addr:
 
 DIVERT(null)
 ###--------------------------------------------------------------------------
+### Rename locally-meaningful headers in mail from outside.
+
+m4_define(<:DISTORTED_HEADERS:>,
+<:X-CONF_header_token-Warning,
+X-CONF_header_token-SpamAssassin-Score,
+X-CONF_header_token-SpamAssassin-Status:>)
+
+SECTION(acl, data)m4_dnl
+       ## If this message is coming from outside then rename headers which
+       ## look like the ones we're likely to add.  This is most relevant for
+       ## our spam-report headers, because I'm not sure I understand why
+       ## someone would want to fake an X-Distorted-Warning header.
+       warn    !condition = ${if eq{$acl_c_mode}{submission}}
+               !hosts = +allnets
+                set acl_m_hdradd = ${if def:acl_m_hdradd{$acl_m_hdradd}}\
+                       RENAME_HEADERS_ADD(<:DISTORTED_HEADERS:>)
+                set acl_m_hdrrm = ${if def:acl_m_hdrrm{$acl_m_hdrrm:}}\
+                       RENAME_HEADERS_REMOVE(<:DISTORTED_HEADERS:>)
+
+DIVERT(null)
+###--------------------------------------------------------------------------
 ### The obvious trivial router.
 
 SECTION(routers, remote)m4_dnl