spam.m4: Rename X-SpamAssassin-* headers to X-Distorted-SpamAssassin-*.

[exim-config] / base.m4

diff --git a/base.m4 b/base.m4
index 22f6852b65c64f11e530bf470d3c172b70341d75..8f962bb4462f44f7bbe6d39ab24426938a65ed77 100644 (file)
--- a/base.m4
+++ b/base.m4
@@ -85,6 +85,7 @@ SECTION(global, process)m4_dnl
 extract_addresses_remove_arguments = false
 headers_charset = utf-8
 qualify_domain = CONF_master_domain
+untrusted_set_sender = *
 
 SECTION(global, bounce)m4_dnl
 delay_warning = 1h : 24h : 2d
@@ -151,8 +152,14 @@ SECTION(acl, mail)m4_dnl
 mail:
 
        ## If we stashed a warning header about HELO from earlier, we should
-       ## add it now.
+       ## add it now.  Only don't bother if the client has authenticated
+       ## successfully for submission (because we can't expect mobile
+       ## clients to be properly set up knowing their names), or it's one of
+       ## our own satellites (because they're either properly set up anyway,
+       ## or satellites using us as a smarthost).
        warn     condition = $acl_c_helo_warning
+               !condition = ${if eq{$acl_c_mode}{submission}}
+               !hosts = +allnets
                 add_header = :after_received:X-Distorted-Warning: \
                        BADHELO \
                        Client's HELO doesn't match its IP address.\n\t\
@@ -167,7 +174,7 @@ mail:
 
        ## If this is directly from a client then hack on it for a while.
        warn     condition = ${if eq{$acl_c_mode}{submission}}
-                control = submission
+                control = submission/sender_retain
 
        ## Insist that a local client connect through TLS.
        deny     message = Hosts within CONF_master_domain must use TLS