From a93c792a9ade18e0c3182c13639399e612fd349e Mon Sep 17 00:00:00 2001
From: mdecimus <mauro@stalw.art>
Date: Sun, 28 Apr 2024 17:07:39 +0200
Subject: [PATCH] Allow catch-all addresses when validating must match sender

---
 crates/smtp/src/inbound/mail.rs | 4 +++-
 1 file changed, 3 insertions(+), 1 deletion(-)

diff --git a/crates/smtp/src/inbound/mail.rs b/crates/smtp/src/inbound/mail.rs
index 7f8ca864..6858cd38 100644
--- a/crates/smtp/src/inbound/mail.rs
+++ b/crates/smtp/src/inbound/mail.rs
@@ -109,7 +109,9 @@ impl<T: SessionStream> Session<T> {
         if !self.data.authenticated_as.is_empty()
             && self.params.auth_match_sender
             && (self.data.authenticated_as != address_lcase
-                && !self.data.authenticated_emails.contains(&address_lcase))
+                && !self.data.authenticated_emails.iter().any(|e| {
+                    e == &address_lcase || (e.starts_with('@') && address_lcase.ends_with(e))
+                }))
         {
             return self
                 .write(b"501 5.5.4 You are not allowed to send from this address.\r\n")