Re: [exim] DKIM signature where the identity field has a lea…

Startseite
Nachricht löschen
Nachricht beantworten
Autor: Phil Pennock
Datum:  
To: Tony Meyer
CC: exim users
Betreff: Re: [exim] DKIM signature where the identity field has a leading slash attempts to touch the filesystem
On 2011-05-03 at 21:25 +1200, Tony Meyer wrote:
> If a message contains a DKIM signature header where the identity field
> begins with a slash, like
> "/free_electronic_cigarette@???", then entries like
> the following appear in the paniclog:
>
> """
> 2011-04-25 13:41:50 1QEL6r-0007jM-VV failed to open
> /free_electronic_cigarette@??? when checking
> "dogg.testcredit.net:/free_electronic_cigarette@???":
> No such file or directory
> """
>
> Example headers (the identity field was added to an otherwise valid
> signature produced by Exim, but the identify is one I'm seeing
> regularly in practice):


> Is this a problem?


With your configuration, I suspect yes.

The ACL assigned to acl_smtp_dkim will have been called with
dkim_cur_signer set to the identify field. What your ACL does with that
is the question.

How about posting the ACL configuration, so we can see what you're
trying to do there? I suspect that you have an addresslist or
domainlist which you're constructing using $dkim_cur_signer as an item
and not accounting for "10.3 File names in lists".

Post the ACL and we can try to help.
Regards,
-Phil