-/* $Cambridge: exim/src/src/routers/dnslookup.c,v 1.1 2004/10/07 13:10:02 ph10 Exp $ */
+/* $Cambridge: exim/src/src/routers/dnslookup.c,v 1.6 2005/09/15 16:02:07 fanf2 Exp $ */
/*************************************************
* Exim - an Internet mail transport agent *
*************************************************/
-/* Copyright (c) University of Cambridge 1995 - 2004 */
+/* Copyright (c) University of Cambridge 1995 - 2005 */
/* See the file NOTICE for conditions of use and distribution. */
#include "../exim.h"
router_instance *rblock, /* data for this instantiation */
address_item *addr, /* address we are working on */
struct passwd *pw, /* passwd entry after check_local_user */
- BOOL verify, /* TRUE when verifying */
+ int verify, /* v_none/v_recipient/v_sender/v_expn */
address_item **addr_local, /* add it to this if it's local */
address_item **addr_remote, /* add it to this if it's remote */
address_item **addr_new, /* put new addresses on here */
be something in the "ch" toplevel domain, but it also might be xxx.ch.xyz.com.
The choice of pre- or post-widening affects which takes precedence. If ever
somebody comes up with some kind of requirement for pre-widening, presumably
-with some conditions under which it is done, it can be selected here. */
-
-if (ob->widen_domains != NULL)
+with some conditions under which it is done, it can be selected here.
+
+The rewrite_headers option works only when routing an address at transport
+time, because the alterations to the headers are not persistent so must be
+worked out immediately before they are used. Sender addresses are routed for
+verification purposes, but never at transport time, so any header changes that
+you might expect as a result of sender domain widening do not occur. Therefore
+we do not perform widening when verifying sender addresses; however, widening
+sender addresses is OK if we do not have to rewrite the headers. A corollary
+of this is that if the current address is not the original address, then it
+does not appear in the message header so it is also OK to widen. The
+suppression of widening for sender addresses is silent because it is the
+normal desirable behaviour. */
+
+if (ob->widen_domains != NULL &&
+ (verify != v_sender || !ob->rewrite_headers || addr->parent != NULL))
{
listptr = ob->widen_domains;
widen = string_nextinlist(&listptr, &widen_sep, widen_buffer,
if (h.mx >= 0 && h.address == NULL)
{
+ setflag(addr, af_pass_message); /* This is not a security risk */
if (h.name[0] == 0)
addr->message = US"an SRV record indicated no SMTP service";
else
{
addr->message = US"all relevant MX records point to non-existent hosts";
- if (!allow_mx_to_ip && string_is_ip_address(h.name, NULL))
+ if (!allow_mx_to_ip && string_is_ip_address(h.name, NULL) > 0)
{
addr->user_message =
string_sprintf("It appears that the DNS operator for %s\n"
git://git.exim.org / exim.git / blobdiff