[exim] Taint mismatch in spam checking

Top Page
Delete this message
Reply to this message
Author: Ken Olum
Date:  
To: exim-users
Subject: [exim] Taint mismatch in spam checking
I have a spam checking system which until recently worked as follows:

In my RCPT acl, I first verify the recipient. If this succeeds, I put
$address_data in a list of local users who want this message checked for
being spam, in an ACL variable. Then in my DATA acl, I go through this
list and use the spam condition for each user (so each recipient gets
their own spam setup).

This now fails:

>>>  check spam = $acl_m2/defer_ok
>>>            = kdo/defer_ok

LOG: 198 [5883] 1jgCzR-0001Wt-U4 Taint mismatch, string_nextinlist: acl_check_condition 3675

Is the problem that $address_data is tainted and so can't be used in
this way? If so, what can I do instead?

Thanks for your help.

                                        Ken