2xC170's on 7.6.1-022 in a cluste and LDAP integrated to Active Directory. All authentication is working as expected, I've seen now issues.
After a user clicks "Release" on a line item in their spam quarantine notification e-mail, the e-mail is released properly. IF they then click the "Add Sender to Safelist" button, they are prompted to login to modify Safelist/Blocklist. After entering their credentials, they are taken to the modify Safelist screen, but the address of the sender for which they clickedd Release is not added.
I looked at th source code ont he web page when you click release and the associated link for "Add Sender to Safelist" has unique key's in it, so I suspect clickign this buttom should NOT even require login in the first place, as none of the links in a spam quarantine notification email require login otherwise.
Is this a bug? Does something need to be set somewhere? Can anyone else replicate?
