[exim] Tainted search query is not properly quoted

Kezdőlap
Üzenet törlése
Válasz az üzenetre
Szerző: Odhiambo Washington
Dátum:  
Címzett: exim users
Tárgy: [exim] Tainted search query is not properly quoted
I am missing a little something in my config for greylisting.
Exim-4.96 here.

2023-03-19 13:53:21 1pdqf6-000LgR-0z tainted search query is not properly
quoted (ACL warn, /etc/exim/exim-greylist.conf.inc 124): INSERT INTO
greylist VALUES ( 'ecpeUlXRs7cHPrkaiW5j', '1679223501', '74.6.132.40', '
sonic306-1.consmr.mail.bf2.yahoo.com' );

The relevant config causing this:

 warn  condition                = ${if eq {$acl_m_greyexpiry}{} {1}}
        set acl_m_dontcare = ${lookup sqlite {INSERT INTO greylist \
                                          VALUES ( '$acl_m_greyident', \


'${eval10:$tod_epoch+300}', \

'${quote_sqlite:$sender_host_address}', \

'${quote_sqlite:$sender_helo_name}' );}}


It's not obvious to me what I haven't quoted properly.


--
Best regards,
Odhiambo WASHINGTON,
Nairobi,KE
+254 7 3200 0004/+254 7 2274 3223
"Oh, the cruft.", egrep -v '^$|^.*#' ¯\_(ツ)_/¯ :-)