On 01/10/2021 18:34, Matthew Daubenspeck via Exim-users wrote:
> local_aliases:
> driver = redirect
> allow_defer
> allow_fail
> domains = lsearch;/etc/exim/config/local.domains
> data = ${lookup{$local_part}lsearch{/etc/exim/config/$domain/local.aliases}}
$domain contains tainted data and may not be used to specify
a file.
However, the "domains" precondition on the router will have
populated $domain_data with what is likely a suitable value
to use. The value is not tainted.
> file_transport = address_file
> pipe_transport = address_pipe
> retry_use_local_part
> cannot_route_message = Unknown user
> no_more
>
>
> transports:
>
> local_delivery:
> driver = appendfile
> directory =/home/$local_part/.maildir
$local_part contains tainted data and may not be used to specify
a file.
If this is a delivery to a "real" user, existing in /etc/password
with a real home directory, and the router calling this
transport used a "check_local_user" option, then $local_part_data
will have been set to a suitable untainted value.
Otherwise, your router should be doing an explicit lookup to
check that the local_part is legitimate. Doing this using a
"local_parts" precondition will result in $local_part_data
being populated.
> maildir_format
> delivery_date_add
> envelope_to_add
> return_path_add
--
Cheers,
Jeremy
