Hi,

I have a user filter which has been (as far as I know!) working fine for many
years, which I'm revisiting now that it trips the taint checks after an
upgrade, as it involves `lsearch` lookups in files named after
$original_domain.

I receive e-mails to several domains to this user, and have one or more files
for each domain with the local part as key.

For example, I have an optional file $home/.mail/alias/$domain-bounce
which lists local parts which should be bounced immediately, with a
$home/.mail/alias/default-bounce fallback, and the current test for that is:

    if
      "${lookup{$original_local_part}lsearch{${if exists{$home/.mail/alias/$original_domain-bounce}{$home/.mail/alias/$original_domain-bounce}{$home/.mail/alias/default-bounce}}}{$value} {}}"
      matches "^(..*)\\$"
    then
      pipe "$home/.mail/scripts/bounce-mail"
      finish
    endif

My best effort at making it taint-safe (and a bit more readable) is:

    "${lookup {$original_local_part} \
        lsearch{\
            ${if exists{$home/.mail/alias/$original_domain-bounce} \
                {${lookup {$original_domain-bounce} dsearch,ret=full {$home/.mail/alias}}} \
                {$home/.mail/alias/default-bounce}}} \
        {$value} {}}"

It's annoyingly repetitive (and with several similar lookups I'm likely to make
a copy-paste error somewhere!), and wrapping the dsearch lookup with `if
exists` seems wrong, but seems necessary to avoid having the lsearch fail the
whole filter if this file doesn't exist. A "dsearch with default on fail"
would help.

Am I missing some better way to do this? I can change the way the lookup files
are organised if I have to, but I'd rather not, to avoid accidentally breaking
anything!

Thanks,
Chris
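
An added example, not part of the original message: the general `${lookup ...}` expansion item accepts a second result string that is used when the lookup fails, so the `dsearch` can supply the default itself, without the `if exists` wrapper. It reuses the paths from the message and assumes backslash line continuation inside the quoted string behaves as in the second snippet above.

```exim
# Added example, not from the original post.
# Inner lookup: dsearch for "<domain>-bounce" in the alias directory.
#   found     -> $value is the untainted full path (ret=full)
#   not found -> fall back to the fixed default-bounce path
# Outer lookup: lsearch for the local part in whichever file was chosen.
if
  "${lookup {$original_local_part} lsearch \
      {${lookup {$original_domain-bounce} dsearch,ret=full {$home/.mail/alias} \
          {$value} \
          {$home/.mail/alias/default-bounce}}} \
      {$value} {}}"
  matches "^(..*)\\$"
then
  pipe "$home/.mail/scripts/bounce-mail"
  finish
endif
```

Only the result of the `dsearch` or the fixed default path is used as the `lsearch` file name, so no tainted string reaches it. As in the original filter, default-bounce itself is assumed to exist.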