I found a workaround for this, and it's apparently a bug in Courier. Standard policy for mail accounts here is to have the account's
.mailfilters/rcptfilter exit with an EXITCODE of 99, which causes my virus
filter to look at the message as well as .mailfilters/smtpfilter. If I exit
rcptfilter with EXITCODE = 0, then the problem doesn't occur. I can safely
do this if I make it conditional on TCPREMOTEIP being the server's IP, or
the localhost IP, or some other trusted IP.
The localmailfilter man page:
rcptfilter
The mail filter is invoked initially when the remote mail server specifies this address as a recipient. FILTER should terminate with one of the following exit codes: 0 - this sender is acceptable; 99 - this sender is acceptable, but I want to run the content filter for this the message; any other non-zero exit code - the sender is not acceptable, reject the message.
The issue here is that with content filtering, it is possible for one recipient's mail filter to reject a message, and another recipient's give it a clean bill of health. In SMTP, the final DATA command has one error code, and the DATA command rejects the message, the sender will consider that all recipients are undeliverable, and bounce the message accordingly, even though some recipients did receive the message.
So, if things are left as they are, if we're both on the same mailing list, and I start bouncing its traffic with my filter, both of us will get bounced off the list.
As such, mail filtering is done on an opt-in basis. What happens is that the message's first recipient determines whether Courier will accept the message only for the filtering recipients' this time, or not, and everyone else gets a 4xx message, so the sender will simply re-deliver them a little later. Essentially, the multiple recipients of a given message are split into two groups: those that will content-filter this message, and those that won't. Presumably, if you opt-in into mail filtering you accept the risk of getting bounced off some places. If you don't opt-in into mail filtering you will not be affected by anything the filtering recipients do. If you're on a mailing list, you're expected to whitelist the mailing list sender, by return a 0 exit code, and not filtering it.
As such, forwarding is treated as a whitelisted address, not subject to content filtering.
pgp00000.pgp
Description: PGP signature
