Mark Goodge:
> I wouldn't call it a bug, since it's a feature that works as designed.
> It is, however, a design choice that makes the feature less useful than
> it otherwise could have been. [other good points omitted]
For SMTP submissions, header/body checks whitelisting could be done
by adding SMTPD access map support for "receive_override_options"
features (such as "no_header_body_checks"). Those features did
not exist until some four years after "header_checks" support was
added to Postfix, and therefore these features not part of the
"header_checks" design.
For non-SMTP submissions, there is no equivalent configuration, so
the ability to whitelist header/body checks would be partly broken.
Wietse