From acc1c133b022c6759686b0258cb4ff4cde7df522 Mon Sep 17 00:00:00 2001
From: Mechiel Lukkien <mechiel@ueber.net>
Date: Thu, 23 Jan 2025 18:11:00 +0100
Subject: [PATCH] admin check: do not raise error when forward-confirmed
 reverse dns does not match hostname

this should be relatively common with setups involving NAT.
so we do warn about it when NAT isn't active since it could highlight potential
misconfiguration.

for issue #239 by exander77
---
 webadmin/admin.go | 6 +++---
 1 file changed, 3 insertions(+), 3 deletions(-)

diff --git a/webadmin/admin.go b/webadmin/admin.go
index 1e1ddc2..9cb5276 100644
--- a/webadmin/admin.go
+++ b/webadmin/admin.go
@@ -665,7 +665,7 @@ EOF
 				continue
 			}
 			if len(addrs) != 1 {
-				addf(&r.IPRev.Errors, "Expected exactly 1 name for %s of %s, got %d (%v)", ip, host, len(addrs), addrs)
+				addf(&r.IPRev.Warnings, "Expected exactly 1 name for %s of %s, got %d (%v)", ip, host, len(addrs), addrs)
 			}
 			var match bool
 			for i, a := range addrs {
@@ -679,8 +679,8 @@ EOF
 					match = true
 				}
 			}
-			if !match {
-				addf(&r.IPRev.Errors, "Reverse name(s) %s for ip %s do not match hostname %s, which will cause other mail servers to reject incoming messages from this IP.", strings.Join(addrs, ","), ip, host)
+			if !match && !isNAT && host == mox.Conf.Static.HostnameDomain {
+				addf(&r.IPRev.Warnings, "IP %s with name(s) %s is forward confirmed, but does not match hostname %s.", ip, strings.Join(addrs, ","), host)
 			}
 			r.IPRev.IPNames[ip] = addrs
 		}