Matti, with your today's change, senderokwithdns check in pt_mailfrom is the very last, and it is not done if the sender is "authorized". Is it what was your intention? I think that if one wants to disallow unroutable "mail from", he wants to do that for all, authorized and non-authorized senders. And therefore the check should be done very early, maybe even before "if (state->full_trust) return 0;" around the line 1704. Am I missing something? Eugene
This is a digitally signed message part