From fb862a2894f01c5fb6144ec781f188445c13c7f1 Mon Sep 17 00:00:00 2001
From: Wilfried Goesgens <dothebart@citadel.org>
Date: Thu, 19 Jul 2012 23:19:23 +0200
Subject: [PATCH] SMTP-Server: check whether the user is allowed to use the
 email address; if not fail (550) completely. and syslog.

---
 citadel/modules/smtp/serv_smtp.c | 24 ++++++++++++++++++++++++
 1 file changed, 24 insertions(+)

diff --git a/citadel/modules/smtp/serv_smtp.c b/citadel/modules/smtp/serv_smtp.c
index cc026916d..e5e066328 100644
--- a/citadel/modules/smtp/serv_smtp.c
+++ b/citadel/modules/smtp/serv_smtp.c
@@ -691,6 +691,30 @@ void smtp_data(void) {
 	 * is read with a Citadel client.
 	 */
 	if ( (CC->logged_in) && (config.c_rfc822_strict_from == 0) ) {
+		int validemail = 0;
+
+		if (!IsEmptyStr(CC->cs_inet_email) && 
+		    !IsEmptyStr(msg->cm_fields['F']))
+			validemail = strcmp(CC->cs_inet_email, msg->cm_fields['F']) == 0;
+		if ((!validemail) && 
+		    (!IsEmptyStr(CC->cs_inet_other_emails)))
+		{
+			int num_secondary_emails = 0;
+			int i;
+			num_secondary_emails = num_tokens(CC->cs_inet_other_emails, '|');
+			for (i=0; i<num_secondary_emails && !validemail; ++i) {
+				char buf[256];
+				extract_token(buf, CC->cs_inet_other_emails,i,'|',sizeof CC->cs_inet_other_emails);
+				validemail = strcmp(buf, msg->cm_fields['F']) == 0;
+			}
+		}
+		if (!validemail) {
+			syslog(LOG_ERR, "rejecting email because of invalid sender: %s\n", msg->cm_fields['F']);
+			cprintf("550 fix your mail client config; this is not you!.\r\n");
+			return;
+
+		}
+
 		if (msg->cm_fields['A'] != NULL) free(msg->cm_fields['A']);
 		if (msg->cm_fields['N'] != NULL) free(msg->cm_fields['N']);
 		if (msg->cm_fields['H'] != NULL) free(msg->cm_fields['H']);
-- 
2.30.2