Re: [exim] Tainted search query is not properly quoted

Startseite
Nachricht löschen
Nachricht beantworten
Autor: Jeremy Harris
Datum:  
To: exim-users
Betreff: Re: [exim] Tainted search query is not properly quoted
On 19/03/2023 10:58, Odhiambo Washington via Exim-users wrote:
>   warn  condition                = ${if eq {$acl_m_greyexpiry}{} {1}}
>          set acl_m_dontcare = ${lookup sqlite {INSERT INTO greylist \
>                                            VALUES ( '$acl_m_greyident', \

>
> '${eval10:$tod_epoch+300}', \
>
> '${quote_sqlite:$sender_host_address}', \
>
> '${quote_sqlite:$sender_helo_name}' );}}
>
>
> It's not obvious to me what I haven't quoted properly.


The only obvious element is your $acl_m_greyindent, since $tod_epoch
shouldn't be derived from wire information. The debug "expand" channel
would show you for definite.
--
Cheers,
Jeremy