Autor: Jeremy Harris Fecha: A: exim-users Asunto: Re: [exim] Staying in the queue taints data ?
On 09/03/2022 13:49, Jeremy Harris via Exim-users wrote: > I agree that queued and non-queued should behave the same.
In my tests, the non-queued operation also traps if the
pipe command line is supplied by a router. Since your
router uses $domain for that, I'm not seeing how it can
possibly work. The debug output would help in explaining.
I realise I didn't say what to do to fix the bad coding
of your config. It's the same answer as for all discoveries
of inappropriate of tainted data: validate the data, using
a method that supplies exim with an untainted value to use,
then use that untainted value instead.
The docs do try to explain this.
For your router, the dommains= test will have set up $domain_data.
Use it.
You'd need to do a similar job for $local_part, but it's unclear
to me how or if that that is being used.
