From a7d33265b2aa39f2ea8559b1bfffbe060ef9dc65 Mon Sep 17 00:00:00 2001
From: System administrator
Date: Mon, 10 Aug 2020 23:02:51 +0200
Subject: acl: add trusted_relay_hosts_ip list

For trusted hosts for which no reverse host lookup should be made.
---
 conf.d/000_local.conf.example | 1 +
 conf.d/020_acl.conf           | 2 ++
 2 files changed, 3 insertions(+)

diff --git a/conf.d/000_local.conf.example b/conf.d/000_local.conf.example
index edb41fa..7726655 100644
--- a/conf.d/000_local.conf.example
+++ b/conf.d/000_local.conf.example
@@ -18,6 +18,7 @@ primary_hostname =
 domainlist local_domains = @
 domainlist relay_to_domains =
 hostlist   relay_from_hosts = localhost
+hostlist   trusted_relay_hosts_ip =
 hostlist   trusted_relay_hosts =
 # (We rely upon hostname resolution working for localhost, because the default
 # uncommented configuration needs to work in IPv4-only environments.)
diff --git a/conf.d/020_acl.conf b/conf.d/020_acl.conf
index 04a5e0a..6d3addf 100644
--- a/conf.d/020_acl.conf
+++ b/conf.d/020_acl.conf
@@ -96,6 +96,8 @@ acl_mta_mail:
   require  acl           = acl_check_mail_introduction
            message       = Courtesy protocol violation: $acl_m_msg
 
+  accept   hosts         = +trusted_relay_hosts_ip
+
   require  verify        = reverse_host_lookup/defer_ok
            message       = HELO/EHLO mismatch.
 
-- 
cgit v1.2.3