[exim] Taint mismatch, string_nextinlist: expand_getlistele …

Hi,

I've recently upgraded to Exim 4.94 on a machine with a custom
spamfiltering configuration. I had some work dealing with tainted
strings, but solving that was mostly straightforward (and I very much
appreciate the intention of adding the taint-checking). Now I'm just
left with this warning:

Taint mismatch, string_nextinlist: expand_getlistele 1309

It doesn't seem correlated to any other log message. In fact it seems to
be triggering between logged SMTP sessions completely. Perhaps it's
caused by connections that are dropped before completion, but I have
very little to go on. For instance, some of the errors with a little
context:

2020-12-21 13:33:55 1krKNu-00045z-T7 Completed QT=0s
2020-12-21 13:33:59 Taint mismatch, string_nextinlist: expand_getlistele
1309
2020-12-21 13:34:42 1krKOg-00048M-CM <= ...snipped...

and

2020-12-21 04:15:41 H=(vps17593.com) [106.110.164.237]
F=<gupydlmov@???> rejected RCPT <***>: Rejected [B1/zen]
2020-12-21 04:16:04 Taint mismatch, string_nextinlist: expand_getlistele
1309
2020-12-21 04:19:59 Taint mismatch, string_nextinlist: expand_getlistele
1309
2020-12-21 04:21:24 1krBlD-0007XU-I2 <= ...snipped...

I'm running the exim4-daemon-heavy package from Debian Buster backports
(debian versioni 4.94-9~bpo10+1, from -bV: Exim version 4.94 #2 built
21-Nov-2020 07:25:01). I'm willing to help debug the issue, but it's a
production server so the possibilities are limited.

I'm not subscribed to this list, so please include me in your reply.

Regards,

Bart Noordervliet