Szerző: Cyborg Dátum: Címzett: exim-users Tárgy: Re: [exim] problem Tainted permission to file autoreply once
Hi,
Am 27.09.22 um 11:54 schrieb Sławomir Dworaczek via Exim-users: > heloo
> Yeah ! maybe not elegant, but it works!,
> once = /var/spool/db/autoreply_${lookup mysql{select localpart
> from users,domains where domain='${quote_mysql:$domain}' and
> localpart='${quote_mysql:$local_part}' and
> users.domain_id=domains.domain_id}}_${lookup mysql{select domain from
> users,domains where domain='${quote_mysql:$domain}' and
> localpart='${quote_mysql:$local_part}' and
> users.domain_id=domains.domain_id}}.db
>
> create file autoreply_username_domain.com.db
>
from variouse points of views, this suggestion is the worst one you can
have.
a) you have a shitload of files laying around if more than a handfull of
users is involved
b) it's unclear, what happens, if the file needed has not been created.
c) but worst of all: it's producing a filename to a filebased db file,
from a mysql database select, which could do all of this in a query and
an insert....
skip responder if true:
...
condition = check if respondertext exists at all for $header_to
condition = ${lockup mysql{select '1' from responsedb where ( rcpt
='${quote_mysql:$header_to)' and '
sender='${quote_mysql:$local_part}@${quote_mysql:$domain} and now() < (
lasttime + 7*86400 ) ) }}
< this part depends on how you implemented it. It could be i.e. filling
a variable to reuse its content in the responder router >
...
continue with
warn condition = check if respondertext exists at all for $header_to
condition = ${lockup mysql{insert into responsedb set rcpt
='${quote_mysql:$header_to)' , sender =
'${quote_mysql:$local_part}@${quote_mysql:$domain}' , lasttime = now();
select '1';}}
log_message = "adding .... to responder database"
This does not involve any further files and just needs the database, you
already have in use, which is way faster.