Re: [exim] Unable to read domainkey file

Top Page
Delete this message
Reply to this message
Author: Andreas Metzler
Date:  
To: exim-users
Subject: Re: [exim] Unable to read domainkey file
On 2021-03-20 Luca Bertoncello via Exim-users <exim-users@???> wrote:
> Am 20.03.2021 um 09:43 schrieb Andrew C Aitchison via Exim-users:
> > The message says "Tainted filename"
> > recent versions of exim refuse to open files with names derived from the
> > incoming message unless they have been "sanitised" eg by a database
> > lookup.

[...]
> dkim_domain = $sender_address_domain
> dkim_selector = ${substr{0}{4}{$tod_zulu}}
> dkim_private_key = /etc/exim/domainKeys/$dkim_domain/$dkim_selector.priv

[...]
> Could you explain it?


Hello,

Like Andrew said: "exim refuse to open files with names derived from the
incoming message". $sender_address_domain is derived directly from the
incoming message. You need to use the result of a lookup
(${lookup{$sender_address_domain}...}, perhaps with ret=key) instead.

cu Andreas
--
`What a good friend you are to him, Dr. Maturin. His other friends are
so grateful to you.'
`I sew his ears on from time to time, sure'