Re: [exim] smtp authentication using default domain

Top Page
Delete this message
Reply to this message
Author: Jakob Hirsch
Date:  
To: alexis
CC: exim-users
Subject: Re: [exim] smtp authentication using default domain
alexis wrote:

> sounds dangerous.


What sounds dangerous? Please use proper quoting.

If you meant the sql injection stuff: Just use quote_mysql with every
externally provided string. In your query, it would be $auth1, which is
already quoted in my example for the domain part. Just do the same with
local_part:

... WHERE username='${quote_mysql:${local_part:$1}}' ...

> and what about to define a variable before (pseudo code) i cannot
> realize how to do this with exim yet, im new using it.


There's no such thing in exim. There's no real need for it, anyway.