Re: [exim] Tainted search query is not properly quoted

Top Pagina
Delete this message
Reply to this message
Auteur: Jeremy Harris
Datum:  
Aan: exim-users
Onderwerp: Re: [exim] Tainted search query is not properly quoted
On 19/03/2023 10:58, Odhiambo Washington via Exim-users wrote:
>   warn  condition                = ${if eq {$acl_m_greyexpiry}{} {1}}
>          set acl_m_dontcare = ${lookup sqlite {INSERT INTO greylist \
>                                            VALUES ( '$acl_m_greyident', \

>
> '${eval10:$tod_epoch+300}', \
>
> '${quote_sqlite:$sender_host_address}', \
>
> '${quote_sqlite:$sender_helo_name}' );}}
>
>
> It's not obvious to me what I haven't quoted properly.


The only obvious element is your $acl_m_greyindent, since $tod_epoch
shouldn't be derived from wire information. The debug "expand" channel
would show you for definite.
--
Cheers,
Jeremy