Author: Jeremy Harris Date: To: exim-users Subject: Re: [exim] Another strange log about tainting
On 10/12/2019 20:35, Ian Zimmerman via Exim-users wrote: > Dec 10 12:30:38 ahiker exim: 2019-12-10 12:30:38 1iem9U-00049d-TP attempt to expand tainted string '${exim_version}'
>
> The thing is ${exim_version} doesn't even occur in my configfile ...
but given the correlation with DKIM fails, I wonder if someone's trying
a sneaky trick to return (via a DNS lookup?) the exim version number to
them? If so, well, we just defeated the attempt.
--
Cheers,
Jeremy