The problem with content filters like the one above is that
they are not very robust. The reason is that the software does not
talk a well-defined protocol with Postfix. If the filter shell
script aborts because the shell runs into some memory allocation
problem, the script will not produce a nice exit status as defined
in the file /usr/include/sysexits.h. Instead of going to the
deferred queue, mail will bounce. The same lack of robustness can
happen when the content filtering software itself runs into a
resource problem.
The simple content filter method is not suitable for content
filter actions that are invoked via
header_checks or
body_checks
patterns. These patterns will be applied again after mail is
re-injected with the Postfix sendmail command, resulting in a mail
filtering loop. The advanced content filtering method (see below)
makes it possible to turn off
header_checks or
body_checks patterns
for filtered mail.