While I work on rsylsog modularization, I also re-visit a lot of code. Please remember that rsyslog is rooted in the sysklogd package (and we always tried to keep it quite compatible with it). When I finished moving out references to the selector_t (struct filed) entries in the modules, I came across a place in the forwarding driver where the message element is accessed. You can look up that code in cvs (omfwd.c, line 597 and below).
This code implements the -h option, which stops forwarding messages when they did not originate from the local host. The intention of that option probably is to avoid a death spiral, which could be caused by two systems sending syslog messages back and forth (this scenario is actually even covered in RFC 3164, so it seems to happen from time to time...).
However, the code in sysklogd relies on hostnames to prevent that behaviour. If the hostname is different from the current hostname, then we have a remotely received message. I question if that check is always reliable (besides, it is not working right at the moment ;)). If that functionality is actually needed, it would be way better to check the messages target IP address against the local addresses (probably a lot of work, but definitely doable).
The question is, if such a feature is actually needed - and if it is needed in the output driver. To me, it sounds like a natural filter condition ("selector does not apply if host == non-localhost"). If that feature is required, it would probably be best suited to build it into filtering than into a (single) output module.
But again, the question is: do we really need to provide this functionality? Or is it an artifact long gone away?
Feedback is appreciated (you may also use the rsyslog forum, if you like).