Andreas Schamanek:
> I found a thread from 2014 by Wietse re. [Idea: multiple actions in
> access/header_checks/policy results][1]. It seems this is what I am
> looking for, but it hasn't been hacked into Postfix, or have I just
> missed the respective documentation?
>
> [1]:
> http://postfix.1071664.n5.nabble.com/Idea-multiple-actions-in-access-header-checks-policy-results-td71906.html
>
That design uses '{' or '}' to specify the boundaries of a command,
for example,
{ prepend X-Foo: foo }, permit
Such text is safe in Postfix configuration files which can be edited
only by a trusted user, but not when the text is produced on-the-fly
by a policy server, regexp table, or pcre table, based on untrusted
inputs from the Internet.
To make such text safe, Postfix policy/access lookups would have
to forbid inputs that contain '{' or '}', or use a format that does
not rely on delimiter characters, such as netstring which is not
compatible with current Postfix table formats.
Wietse
