Re: [exim] Ip whitelist per domain

Αρχική Σελίδα
Delete this message
Reply to this message
Συντάκτης: Jeremy Harris
Ημερομηνία:  
Προς: exim-users
Αντικείμενο: Re: [exim] Ip whitelist per domain
On 09/04/2020 14:58, Pascal Rolle via Exim-users wrote:
>   warn    hosts         = <; ${expand:${if exists {PATH/ip_wl/$domain} \
>                              {PATH/ip_wl/$domain}{}}}
>           add_header    = X-wh_IP_: Yes


You didn't say which ACL you're doing this in. I hope it is
the smtp rcpt ACL, because $domain isn't useful to you in
most others.

Secondly, trusting $domain in constructing a filename is unwise,
it being under the control of a potential attacker. Validate it
first, and use the validated version (from a different variable).
This becomes an enforced requirement in more recent Exim versions
(you didn't say what you are running).


--
Cheers,
Jeremy