[exim] 4.96 simplegreylist taint

Page principale
Supprimer ce message
Répondre à ce message
Auteur: jacob dahl pind
Date:  
À: exim-users
Sujet: [exim] 4.96 simplegreylist taint
using the example at https://github.com/Exim/exim/wiki/SimpleGreylisting

with 4.96 the following line throws an error

set acl_m_dontcare = ${lookup sqlite {INSERT INTO greylist \VALUES (
'$acl_m_greyident', \
'${eval10:$tod_epoch+300}', \
'$sender_host_address', \
'${quote_sqlite:$sender_helo_name}' );}}



2022-08-04 15:03:17 tainted search query is not properly quoted (ACL
warn, /etc/exim/configure_496 622): INSERT INTO greylist VALUES (
'gFhKiD0bZ8K21WkyYuCq', '1659618497',
'209.85.166.69', 'mail-io1-f69.google.com' )

but what is not being quoted right in that line ?

Thought the only change was this

JH/21 Remove the "allow_insecure_tainted_data" main config option and
the "taint" log_selector. These were previously deprecated.

but given I have not been using that , is there some other change I am
not aware of ?

Regards