Re: [exim] Another strange log about tainting

Páxina inicial
Borrar esta mensaxe
Responder a esta mensaxe
Autor: Jeremy Harris
Data:  
Para: exim-users
Asunto: Re: [exim] Another strange log about tainting
On 10/12/2019 20:35, Ian Zimmerman via Exim-users wrote:
> Dec 10 12:30:38 ahiker exim: 2019-12-10 12:30:38 1iem9U-00049d-TP attempt to expand tainted string '${exim_version}'
>
> The thing is ${exim_version} doesn't even occur in my configfile ...


Doublecheck with:
$ exim -bP config_file
$ exim -bP config | grep version

but given the correlation with DKIM fails, I wonder if someone's trying
a sneaky trick to return (via a DNS lookup?) the exim version number to
them? If so, well, we just defeated the attempt.
--
Cheers,
Jeremy