Zitat von Ralf Hildebrandt <ralf.hildebra...@charite.de>:
Today I've come across a Sophos PureMesssage server that puts "ignore_policy_error" as restriction option: smtpd_client_restrictions = ignore_policy_error, check_policy_service inet:localhost:4466 I've looked up the postconf man page, but couldn't find that option. Sophos OTOH has been quoted by my customer that they don't run a patched Postfix. So what is it? Given all of Wietses efforts to create great documentation I tend to believe Sophos does provide a patched Postfix.Well, the naming gives a hint: Sophos patched Postfix to have some sort of "soft_fail the next restriction" to secure against "check_policy_service inet:localhost:4466" failing somehow. This is just speculation. But I wonder why they would do that: If the policy service FAILS, no mail goes through and the admins will have a look. With ignore_policy_error I would thing that Postfix will silently ignore the error and just deliver the mail.
Maybe it is a hint how reliable their content filters are ;-) Regards Andreas
smime.p7s
Description: S/MIME Cryptographic Signature
