Also, factor out the `do we check this' logic into a separate ACL,
because I got confused during testing and only modified one copy.
require acl = rcpt_spam
SECTION(acl, misc)m4_dnl
require acl = rcpt_spam
SECTION(acl, misc)m4_dnl
- ## If the client is trusted, don't bother with any of this.
+ ## If the client is trusted, or this is a new submission, don't
+ ## bother with any of this. We will have verified the sender
+ ## fairly aggressively before granting this level of trust.
+ accept condition = ${if eq{$acl_c_mode}{submission}}
+
+ ## Otherwise we should check.
+ deny
+
+rcpt_spam:
+
+ ## See if we should do this check.
+ accept acl = skip_spam_check
## Always accept mail to `postmaster'. Currently this is not
## negotiable; maybe a tweak can be added to `domains.conf' if
## Always accept mail to `postmaster'. Currently this is not
## negotiable; maybe a tweak can be added to `domains.conf' if
SECTION(acl, misc)m4_dnl
data_spam:
SECTION(acl, misc)m4_dnl
data_spam:
- ## If the client is trusted, don't bother with any of this.
- accept hosts = +trusted
+ ## See if we should do this check.
+ accept acl = skip_spam_check
## Check header validity.
require verify = header_syntax
## Check header validity.
require verify = header_syntax