On Wed, Nov 16, 2011 at 09:36:21AM -0600, Noel Jones wrote: > On 11/16/2011 8:32 AM, Solar Designer wrote: > > I'd like to have an ACCEPT action for *header_checks and body_checks. > > This was requested before: > > > > http://archives.neohapsis.com/archives/postfix/2005-02/1116.html > > > > I've read the replies in that thread, and I continue to think that > > adding an ACCEPT action for *header_checks and body_checks is a good > > This is unlikely to happen. header_checks are intended for > site-safe filtering.
I think that whitelisting of certain messages is site-safe. It does not imply that all other messages are rejected (although that is a possible configuration too and is a reasonable one for some sites/machines/VMs). > If you need more fine-grained control, use eg. SpamAssassin. I don't feel that whitelisting of PGP-encrypted messages is more fine-grained than the kind of blacklisting currently supported in header_checks and body_checks. SpamAssassin in particular is too heavy for this trivial task and machine (256 MB RAM, which is enough for this machine's purpose). I simply want to define a fairly trivial policy on what's accepted and what's rejected. The enhancements that I proposed would be sufficient. > State, including what message the line belongs to, is not saved > between lines. > > Adding any kind of whole-message action would require major changes > to the way cleanup works, and is unlikely to happen anytime soon. I admit I'm not familiar with the code and I haven't tried to implement ACCEPT yet, but aren't DISCARD and REJECT also whole-message actions? Is ACCEPT somehow very different? Thank you for your comments! Alexander
