eximconf: reject mails with clearly faked Received: headers

Currently this is defined as claiming to have passed through
example.com

Signed-off-by: Adam D. Barratt <adam@adam-barratt.org.uk>

diff --git a/modules/exim/templates/eximconf.erb b/modules/exim/templates/eximconf.erb
index b40926d..6398331 100644 (file)
--- a/modules/exim/templates/eximconf.erb
+++ b/modules/exim/templates/eximconf.erb
@@ -1072,6 +1072,10 @@ check_message:
           condition       = ${if !eq {$acl_m_prf}{PopconMail}}
          message         = Your mailer is not RFC 2047 compliant: message rejected
 
+  deny    condition       = ${if match {$rh_Received:}{\N from [^ ]+\.example\.com \N}}
+          log_message     = Implausible Received header
+          message         = Header problem: message rejected
+
   warn    condition      = ${if bool_lax{$acl_m_defopt}}
           condition      = ${if or {\
                                     {match {$message_body}{Wenn Sie zuk&uuml;nftig keine weiteren Informationen erhalten m&ouml;chten, <br />unwissentlich oder unbeabsichtigt in den Verteiler aufgenommen wurden,}} \