From 5e3d14d4092f4e1ccbeba69ece8c76b399a41c66 Mon Sep 17 00:00:00 2001
From: System administrator
Date: Sat, 28 Sep 2019 23:22:00 +0200
Subject: acl: add header names and syntax check for MTA and MUA lanes

---
 conf.d/020_acl.conf | 9 +++++++++
 1 file changed, 9 insertions(+)

diff --git a/conf.d/020_acl.conf b/conf.d/020_acl.conf
index 1014dd1..5ed0fa7 100644
--- a/conf.d/020_acl.conf
+++ b/conf.d/020_acl.conf
@@ -66,6 +66,12 @@ acl_mua_rcpt:
 
 
 acl_mua_data:
+  require  verify        = header_names_ascii
+           message       = Invalid character in header name.
+
+  require  verify        = header_syntax
+           message       = Syntax error in header.
+
   require  acl           = acl_check_alias ${address:$h_from:} $authenticated_id
            message       = Header address mismatch: $authenticated_id is not authorized to use ${address:$h_from:}.
 
@@ -146,6 +152,9 @@ acl_mta_data:
   deny     condition     = ${if > {$max_received_linelength}{998}}
            set acl_m_msg = Maximum allowed line length is 998 octets, got $max_received_linelength.
 
+  require  verify        = header_syntax
+           message       = Syntax error in header.
+
   warn     condition     = SCAN_SPAM
            spam          = nobody:true/defer_ok
            remove_header = x-spam-bar : x-spam-score : x-spam-report : x-spam-status
-- 
cgit v1.2.3