Re: [exim] Taint mismatch in spam checking

Páxina inicial
Borrar esta mensaxe
Responder a esta mensaxe
Autor: James
Data:  
Para: exim-users
Asunto: Re: [exim] Taint mismatch in spam checking
On 03/06/2020 18:03, Jeremy Harris via Exim-users wrote:
> It's a "spam=" ACL condition, and you're feeding it a tainted
> string on the right of the =.


It is however it is authenticated before use so surely can't be rouge
else "authenticated = *" is not true. I can untaint it by doing:

     ${lookup pgsql{SELECT domain FROM domains WHERE domain = 
'${lc:$sender_address_domain}'}}



Thank you.