X-Git-Url: http://www.chiark.greenend.org.uk/ucgi/~mdw/git/exim-config/blobdiff_plain/ad4e41911e909d146a3ae364f4de428785094277..3e7e168cf0a57fea364ad9a913574b383565d9be:/base.m4

diff --git a/base.m4 b/base.m4
index 1c9dacf..e78194a 100644
--- a/base.m4
+++ b/base.m4
@@ -73,7 +73,13 @@ received_header_text = Received: \
 	${if def:sender_address \
 	     {(envelope-from $sender_address\
 	      ${if def:authenticated_id \
-		   {; auth=$authenticated_id}})\n\t}}\
+		   {; auth=${quote_local_part:$authenticated_id}} \
+		   {${if and {{def:authenticated_sender} \
+			      {match_address{$authenticated_sender} \
+					    {*@CONF_master_domain}}} \
+			 {; auth=${quote_local_part:\
+				    ${local_part:\
+				      $authenticated_sender}}}}}})\n\t}}\
 	id $message_exim_id\
 	${if def:received_for {\n\tfor $received_for}}
 
@@ -81,10 +87,16 @@ SECTION(global, smtp)m4_dnl
 smtp_return_error_details = true
 accept_8bitmime = true
 
+SECTION(global, env)m4_dnl
+keep_environment =
+
 SECTION(global, process)m4_dnl
 extract_addresses_remove_arguments = false
 headers_charset = utf-8
 qualify_domain = CONF_master_domain
+untrusted_set_sender = *
+local_from_check = false
+local_sender_retain = true
 
 SECTION(global, bounce)m4_dnl
 delay_warning = 1h : 24h : 2d
@@ -141,6 +153,7 @@ SECTION(acl, misc)m4_dnl
 not_smtp_start:
 	## Record the user's name.
 	warn	 set acl_c_user = $sender_ident
+		 set acl_m_user = $sender_ident
 
 	## Done.
 	accept
@@ -151,13 +164,18 @@ SECTION(acl, mail)m4_dnl
 mail:
 
 	## If we stashed a warning header about HELO from earlier, we should
-	## add it now.
+	## add it now.  Only don't bother if the client has authenticated
+	## successfully for submission (because we can't expect mobile
+	## clients to be properly set up knowing their names), or it's one of
+	## our own satellites (because they're either properly set up anyway,
+	## or satellites using us as a smarthost).
 	warn	 condition = $acl_c_helo_warning
-		 add_header = :after_received:X-Distorted-Warning: \
-			BADHELO \
-			Client's HELO doesn't match its IP address.\n\t\
-			helo-name=$sender_helo_name \
-			address=$sender_host_address
+		!condition = ${if eq{$acl_c_mode}{submission}}
+		!hosts = +allnets
+		 WARNING_HEADER(BADHELO,
+				<:Client's HELO doesn't match its IP address.\n\t\
+				  helo-name=$sender_helo_name \
+				  address=$sender_host_address:>)
 
 	## Always allow the empty sender, so that we can receive bounces.
 	accept	 senders = :
@@ -167,7 +185,7 @@ mail:
 
 	## If this is directly from a client then hack on it for a while.
 	warn	 condition = ${if eq{$acl_c_mode}{submission}}
-		 control = submission
+		 control = submission/sender_retain
 
 	## Insist that a local client connect through TLS.
 	deny	 message = Hosts within CONF_master_domain must use TLS
@@ -301,33 +319,9 @@ mail_check_auth:
 	deny	 message = Sender not authenticated
 		 condition = ${if !def:acl_c_user}
 
-	## Make sure that the local part is one that the authenticated sender
-	## is allowed to claim.
-	deny	 message = Sender address forbidden to calling user
-		!condition = \
-			${if exists {CONF_sysconf_dir/auth-sender.conf} \
-			     {${lookup {$acl_c_user} \
-				       lsearch \
-				       {CONF_sysconf_dir/auth-sender.conf} \
-				       {${if match_address \
-					     {$sender_address} \
-					     {+value}}} \
-				       {false}}}}
-		!condition = ${LOOKUP_DOMAIN($sender_address_domain,
-			       {${if and {{match_local_part \
-					    {$acl_c_user} \
-					    {+dom_users}} \
-					  {match_local_part \
-					    {$sender_address_local_part} \
-					    {+dom_locals}}}}},
-			       {${if and {{match_local_part \
-					    {$sender_address_local_part} \
-					    {+user_extaddr}} \
-					  {or {{eq {$sender_address_domain} \
-						   {}} \
-					       {match_domain \
-						 {$sender_address_domain} \
-						 {+public}}}}}}})}
+	## Set the per-message authentication flag, since we now know that
+	## there's a sensible value.
+	warn	 set acl_m_user = $acl_c_user
 
 	## All done.
 	accept
@@ -378,6 +372,22 @@ $1:
 	verify = no
 	FILTER_TRANSPORTS<::>$4:>)
 
+DIVERT(null)
+###--------------------------------------------------------------------------
+### Common routers.
+
+SECTION(routers, alias)m4_dnl
+## Look up the local part in the address map.
+alias:
+	driver = redirect
+	allow_fail = true
+	allow_defer = true
+	user = CONF_filter_user
+	FILTER_TRANSPORTS
+	local_parts = nwildlsearch; CONF_alias_file
+	data = ${expand:$local_part_data}
+SECTION(routers, alias-opts)m4_dnl
+
 DIVERT(null)
 ###--------------------------------------------------------------------------
 ### Some standard transports.
@@ -387,6 +397,16 @@ m4_define(<:USER_DELIVERY:>,
 	envelope_to_add = true
 	return_path_add = true:>)
 
+m4_define(<:APPLY_HEADER_CHANGES:>,
+	<:headers_add = m4_ifelse(<:$1:>, <::>,
+		<:$acl_m_hdradd:>,
+		<:${if def:acl_m_hdradd{$acl_m_hdradd\n}}\
+		$1:>)
+	headers_remove = m4_ifelse(<:$2:>, <::>,
+		<:$acl_m_hdrrm:>,
+		<:${if def:acl_m_hdrrm{$acl_m_hdrrm:}}\
+		$2:>):>)
+
 SECTION(transports)m4_dnl
 ## A standard transport for remote delivery.  By default, try to do TLS, and
 ## don't worry too much if it's not very secure: the alternative is sending
@@ -396,12 +416,14 @@ SECTION(transports)m4_dnl
 ## it into the transport name.  This is very unpleasant, of course.
 smtp:
 	driver = smtp
+	APPLY_HEADER_CHANGES
 	tls_require_ciphers = CONF_acceptable_ciphers
-	tls_dh_min_bits = 1020
+	tls_dh_min_bits = 508
 	tls_tempfail_tryclear = true
 
 m4_define(<:SMTP_TRANS_DHBITS:>,
 	<:driver = smtp
+	APPLY_HEADER_CHANGES
 	hosts_try_auth = *
 	hosts_require_tls = DOMKV(tls-peer-ca, {*}{})
 	hosts_require_auth = \
@@ -419,15 +441,20 @@ m4_define(<:SMTP_TRANS_DHBITS:>,
 		      {CONF_acceptable_ciphers})
 	tls_dh_min_bits = $1
 	tls_tempfail_tryclear = true:>)m4_dnl
+smtp_dhbits_512:
+	SMTP_TRANS_DHBITS(508)
+smtp_dhbits_768:
+	SMTP_TRANS_DHBITS(764)
 smtp_dhbits_1024:
 	SMTP_TRANS_DHBITS(1020)
 smtp_dhbits_2048:
-	SMTP_TRANS_DHBITS(2046)
+	SMTP_TRANS_DHBITS(2044)
 
 ## Transport to a local SMTP server; use TLS and perform client
 ## authentication.
 smtp_local:
 	driver = smtp
+	APPLY_HEADER_CHANGES
 	hosts_require_tls = *
 	tls_certificate = CONF_sysconf_dir/client.certlist
 	tls_privatekey = CONF_sysconf_dir/client.key
@@ -435,13 +462,16 @@ smtp_local:
 	tls_require_ciphers = CONF_good_ciphers
 	tls_dh_min_bits = 2046
 	tls_tempfail_tryclear = false
-	authenticated_sender = ${if def:authenticated_id \
-				    {$authenticated_id@CONF_master_domain} \
-				    fail}
+	authenticated_sender_force = true
+	authenticated_sender = \
+		${if def:acl_m_user {$acl_m_user@CONF_master_domain} \
+		     {${if def:authenticated_sender {$authenticated_sender} \
+			   fail}}}
 
 ## A standard transport for local delivery.
 deliver:
 	driver = appendfile
+	APPLY_HEADER_CHANGES
 	file = /var/mail/$local_part
 	group = mail
 	mode = 0600
@@ -451,17 +481,20 @@ deliver:
 ## Transports for user filters.
 mailbox:
 	driver = appendfile
+	APPLY_HEADER_CHANGES
 	initgroups = true
 	USER_DELIVERY
 
 maildir:
 	driver = appendfile
+	APPLY_HEADER_CHANGES
 	maildir_format = true
 	initgroups = true
 	USER_DELIVERY
 
 pipe:
 	driver = pipe
+	APPLY_HEADER_CHANGES
 	path = ${if and {{def:home} {exists{$home/bin}}} {$home/bin:} {}}\
 		/usr/local/bin:/usr/local/sbin:\
 		/usr/bin:/usr/sbin:/bin:/sbin