From: Mark Wooding <mdw@distorted.org.uk>
Date: Fri, 10 Jan 2014 11:28:46 +0000 (+0000)
Subject: exchange.m4: Reluctantly accept local senders from remote clients.
X-Git-Url: https://git.distorted.org.uk/~mdw/exim-config/commitdiff_plain/fd37fad572562acd3fd1ee3c06a429633f29616c

exchange.m4: Reluctantly accept local senders from remote clients.
---

diff --git a/exchange.m4 b/exchange.m4
index 08fe4a0..d38e137 100644
--- a/exchange.m4
+++ b/exchange.m4
@@ -56,13 +56,21 @@ mail_client_addr:
 	## If this is a message submission then that's handled elsewhere.
 	accept	 condition = ${if eq{$acl_c_mode}{submission}}
 
-	## Make sure that the sender matches the client address.
-	require	 message = Client host invalid for sender domain
-		 hosts = ${LOOKUP_DOMAIN($sender_address_domain,
+	## Make sure that the sender matches the client address.  I feel like
+	## I want to reject these, but that will break stuff.  For example,
+	## if I send mail to an externally hosted address which is really a
+	## distribution list containing some local address, then we'll
+	## (approximately legitimately) receive mail with an apparently-local
+	## sender from a remote host.
+	warn	!hosts = ${LOOKUP_DOMAIN($sender_address_domain,
 			   {KV(hosts, {$value}{+allnets})},
 			   {${if match_domain {$sender_address_domain} \
 					      {+public} \
 				 {+allnets}{! +allnets}}})}
+		 add_header = :after_received:X-Distorted-Warning: \
+			RCLNTLSNDR \
+			Apparently local sender, but received from remote \
+			server.
 
 	## OK.
 	accept