We want to re-write addresses and recognise rewritten addresses.
There are two situations where we want to re-write addresses.
- If we trust the source of a return address, we want to re-write it when sending the mail to be signed and
to look like it comes from us.
If it really comes from a local domain that we aren't the only MX for, then rewriting isn't appropriate. I probably need to refine 'local domain' into those that we control completely and those that we spool and forward mail for.
- When we are forwarding mail through the virus checker, we want to re-write the sender and recipient addresses. This rewriting should be different from the other rewriting and should be transparent to the rest of the mail system.
Recognising re-written address needs to happen for all incoming mail - the to address can always be encapsulated.
Also, we want to recognise special recipient address that are coming from forwarders. e.g. if the localpart contains an equals sign, then we check if the domain which follows that equals is a reliable source of the mail.
The rewriting of return-path should keep the original domain for local domains, and use cse.unsw.edu.au for all others.
In the first case we can use SES= to flag the address.
For others, SRS= seems better.
For virus re-writing, VRF and VRT for the virus from and to addresses.
If we get mail from a VRF and to a VRT, we accept it. If it is to a VRF and from <>, then it has to go to postmaster. Otherwise we reject it.