SMTP-Server: check whether the user is allowed to use the email address; if not fail...

diff --git a/citadel/modules/smtp/serv_smtp.c b/citadel/modules/smtp/serv_smtp.c
index cc026916d6258a32f6ca833a89e6e86a8cb08f38..e5e066328e56c4b6abc6a2193fab6e856fbbc2a9 100644 (file)
--- a/citadel/modules/smtp/serv_smtp.c
+++ b/citadel/modules/smtp/serv_smtp.c
@@ -691,6 +691,30 @@ void smtp_data(void) {
         * is read with a Citadel client.
         */
        if ( (CC->logged_in) && (config.c_rfc822_strict_from == 0) ) {
+               int validemail = 0;
+
+               if (!IsEmptyStr(CC->cs_inet_email) && 
+                   !IsEmptyStr(msg->cm_fields['F']))
+                       validemail = strcmp(CC->cs_inet_email, msg->cm_fields['F']) == 0;
+               if ((!validemail) && 
+                   (!IsEmptyStr(CC->cs_inet_other_emails)))
+               {
+                       int num_secondary_emails = 0;
+                       int i;
+                       num_secondary_emails = num_tokens(CC->cs_inet_other_emails, '|');
+                       for (i=0; i<num_secondary_emails && !validemail; ++i) {
+                               char buf[256];
+                               extract_token(buf, CC->cs_inet_other_emails,i,'|',sizeof CC->cs_inet_other_emails);
+                               validemail = strcmp(buf, msg->cm_fields['F']) == 0;
+                       }
+               }
+               if (!validemail) {
+                       syslog(LOG_ERR, "rejecting email because of invalid sender: %s\n", msg->cm_fields['F']);
+                       cprintf("550 fix your mail client config; this is not you!.\r\n");
+                       return;
+
+               }
+
                if (msg->cm_fields['A'] != NULL) free(msg->cm_fields['A']);
                if (msg->cm_fields['N'] != NULL) free(msg->cm_fields['N']);
                if (msg->cm_fields['H'] != NULL) free(msg->cm_fields['H']);