Henk van Oers:
>
> Quote from header_checks (5):
> ""
> DUNNO Pretend that the input line did not match any pat-
> tern, and inspect the next input line. This action
> can be used to shorten the table search.
>
> For backwards compatibility reasons, Postfix also
> accepts OK but it is (and always has been) treated
> as DUNNO.
> ""
>
> I was trying to use action OK to jump out of header checks.
> That is: not only skip the next patterns, but also the next
> input lines.
According to the above documentation, Postfix does not work that
way.
Whitelisting based on a single header line is unsafe. Doing a proper
job requires an external content filter.
Wietse
