LOCAL_CONFIG
#########################################################
# Insist on valid "from" via check_mail
#########################################################

Scheck_mail

### Applicable exit statuses
# Extended status codes (RFC 1893): 
#   4.1.8  transient, addressing status, bad sender's system address
#   5.1.8  permanent, addressing status, bad sender's system address
#   5.7.0  permanent, security/policy, other or undefined security status
# Status codes (RFC 821):
#   451 Requested action aborted: local error in processing
#   550 Access denied
###

# Must accept errors from daemon
R<>				$@ ok

# Before we focus, make sure we are not tricked by trailing dot.
R$*<$*.>$*			$#error $@ 5.1.8 $: 550 trailing dot on domain disallowed
R$*.				$#error $@ 5.1.8 $: 550 trailing dot on domain disallowed
# Check for valid domain name, focussing host via ruleset 3.
R$*     			$: <passed3> $>3 $1
# Trailing dot means DNS found host, or otherwise OK.
R<passed3> $* <@$+.> $*		$@ ok
# *No* trailing dot on hostname: invalid hostname.
R<passed3> $* <@$+> $*		$#error $@ 4.1.8 $: 451 invalid sender hostname

# No domain part: was it submitted directly (no client_name)?
R<passed3> $*			$: <unqual $&{client_name} > $1
# Yes, it was: OK.
R<unqual> $*			$@ ok
# We'll allow "localhost" submissions as well, for MH.
R<unqual localhost> $*		$@ ok
R<unqual $=w> $*		$@ ok
# No, it was remote: unqualified remote sender not allowed.
R<unqual $+> $*			$#error $@ 5.1.8 $: 550 sender domain name required

# Still here?  Heaven only knows why...
R$*				$#error $@ 5.7.0 $: 550 unknown check_mail error


#########################################################
# Anti-relay provisions via check_rcpt
#########################################################

# Will relay submissions from localhost (by IP)
C{LocalIP} 127.0.0.1
# Will relay submissions from our domain (by IP)
C{LocalIP} 132.205.
# Will relay to our domain
C{RelayTo} concordia.ca
# Will relay to our domain by IP, too
C{RelayIP} 132.205.

Scheck_rcpt

### Applicable exit statuses
# Extended status code (RFC 1893):
#   5.1.2  permanent, addressing status, bad destination system address
#   5.7.1  permanent, security/policy, delivery not authorized, message refused
# Status code (RFC 821):
#   551 User not local
###

# Find out client address; we'll have  "client_addr $| recipient"
R$+				$: $(dequote "" $&{client_addr} $) $| $1
# Directly invoked (no client addr) is OK
R0 $| $*			$@ ok
# If client_addr is in {LocalIP}, also OK
R$={LocalIP}$* $| $*		$@ ok

# Still here?  Client was not local.  Get rid of "client_addr $|",
# and start checking the recipient, passing it first through 
# ruleset 3 to focus the host.
R$* $| $*			$: $>3 $2
# Recipient is on local machine, which is OK.
R$* <@$=w.> $*			$@ ok
# Recipient is in a domain for which we relay, which is also OK.
R$* <@$*$={RelayTo}.> $*	$@ ok
# Same, but by IP address; yucch.
R$* <@[$={RelayIP}$*]> $*	$@ ok
# Username part only; dubious, but we'll be nice.
# No we won't, since this can sneak through: <"user@rem.ote">
R$-				$#error $@ 5.1.2 $: 551 recipient domain name required

# Still here?  Anything else is a relay attempt!
R$*				$#error $@ 5.7.1 $: 551 Relaying denied