lutz.niede...@gmx.net:
> Hi Wietse,
> 
> about 7 years ago you wrote:
> 
> > As implemented, there is one PREPEND action per rule, so you would
> > need multiple rules.
> > ...
> > I have an unfinished implementation for multiple actions in access
> > maps or header/body_checks. Instead of "prepend foo" you would say
> > "{prepend foo} {prepend bar}". This may be completed in the Postfix
> > 3.1 development cycle.
> 
> Multiple prepended headers in one rule would still be great.
> 
> Can you tell me if this will be finished in future or did you stop that?

This is unlikely to be implemented, because it would be vulnerable
to abuse where an attacker can choose what commands to execute.

Currently we have that problem when someone has a rule like this:

    /(.+)/ $1

With the current implementation, an attacker cannot choose the
command name, but they can still manipulate a command argument.

If Postfix were to support {command} {command}, it would have to
disallow the '{' and '}' in header and body text, or it would have
to disallow $number on the right-hand side of a header/body_checks
rule, or there would have to be radical changes in the way that
Postfix lookup tables work.

        Wietse
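
The reasoning in the message above, as an added illustration (not Postfix code, and not part of the original message): a small model of $number expansion followed by a parser for the never-implemented "{command} {command}" syntax. The function split_actions is a hypothetical parser, and the rule, header names and header lines are constructed sample values.

```python
import re

def expand(rhs, match):
    """Substitute $1 / ${1} in the right-hand side with captured header text."""
    return re.sub(r"\$(?:\{(\d+)\}|(\d+))",
                  lambda m: match.group(int(m.group(1) or m.group(2))), rhs)

def split_actions(text):
    """HYPOTHETICAL '{cmd args} {cmd args}' parser; unbraced text is one action."""
    text = text.strip()
    if not text.startswith("{"):
        return [text]
    return [a.strip() for a in re.findall(r"\{([^{}]*)\}", text)]

def actions_for(pattern, rhs, line, forbid_braces=False):
    """Actions one rule yields for one header line; None when the rule does not match."""
    m = re.search(pattern, line)
    if m is None:
        return None
    # First option from the message: disallow '{' and '}' in header/body text.
    if forbid_braces and re.search(r"[{}]", line):
        raise ValueError("'{' or '}' in checked text")
    return split_actions(expand(rhs, m))

# Constructed sample rule and header lines.
PATTERN = r"^Subject: (.+)"
SINGLE_RHS = "prepend X-Orig-Subject: $1"      # today's one-action form
MULTI_RHS = "{prepend X-Orig-Subject: $1}"     # hypothetical braced form
BENIGN = "Subject: hello"
CRAFTED = "Subject: hello} {prepend X-Injected: yes"

if __name__ == "__main__":
    # One action: the sender only influences the argument of 'prepend'.
    print(actions_for(PATTERN, SINGLE_RHS, CRAFTED))
    # Braced form: the rule author wrote one action, the parser sees two.
    print(actions_for(PATTERN, MULTI_RHS, CRAFTED))
    try:
        actions_for(PATTERN, MULTI_RHS, CRAFTED, forbid_braces=True)
    except ValueError as err:
        print("rejected:", err)
```

In the braced case the second action comes entirely from the message header, which is why the syntax would need one of the three restrictions listed above.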
