Re: [exim] Ip whitelist per domain

Inizio della pagina
Delete this message
Reply to this message
Autore: Jeremy Harris
Data:  
To: exim-users
Oggetto: Re: [exim] Ip whitelist per domain
On 09/04/2020 14:58, Pascal Rolle via Exim-users wrote:
>   warn    hosts         = <; ${expand:${if exists {PATH/ip_wl/$domain} \
>                              {PATH/ip_wl/$domain}{}}}
>           add_header    = X-wh_IP_: Yes


You didn't say which ACL you're doing this in. I hope it is
the smtp rcpt ACL, because $domain isn't useful to you in
most others.

Secondly, trusting $domain in constructing a filename is unwise,
it being under the control of a potential attacker. Validate it
first, and use the validated version (from a different variable).
This becomes an enforced requirement in more recent Exim versions
(you didn't say what you are running).


--
Cheers,
Jeremy