On Sun, 9 Jul 2023 at 15:22, Jeremy Harris via Exim-users
<exim-users@???> wrote:
>
> On 06/07/2023 15:44, Pierre Filippone via Exim-users wrote:
> > 2023-07-05 14:47:36 tainted search query is not properly quoted (ACL
> > accept, /etc/exim/exim.conf 461): user="uid=xyz,dc=example,dc=co
m"
> > pass="cleartextpassword"
> > ldaps:///dc=example,dc=com?uid?sub?(&(uid=xyz)(mail=*))
>
> The clue is in the log line:
>
> "ACL accept, /etc/exim/exim.conf 461".
>
> It's not your authenticator, it's an expansion in an ACL.
OK. I understand now that this is caused by the smtp_connect ACL:
acl_smtp_connect=acl_connect
....
begin acl
acl_connect:
warn control = dkim_disable_verify
deny hosts = net-lsearch;REJECTFILE
message = "Connection rejected: $host_data"
accept hosts = :
hosts = 10.0.0.0/8
accept hosts = !net-lsearch;REJECTFILE
But this still leaves me pretty clueless.....
Does it mean that the authentication would be logged, even if the
query was not "tainted"?
Or could I prevent logging by somehow untainting it ?
Thanks,
Pierre
--
## subscription configuration (requires account):
##
https://lists.exim.org/mailman3/postorius/lists/exim-users.lists.exim.org/
## unsubscribe (doesn't require an account):
## exim-users-unsubscribe@???
## Exim details at
http://www.exim.org/
## Please use the Wiki with this list -
http://wiki.exim.org/