On 21/07/2023 07:47, Niels Kobschätzki via Exim-users wrote:
> In exim 4.96 I have now the problem that this seems to be considered tainted in filter-files (or in ldap-queries; I am not sure tbh).
> I get this error in the log: tainted search query is not properly quoted (router virtual_userfilter
> , /usr/local/etc/exim/conf/routers.conf 274): LDAPAUTH LDAPDN?mailBlackList?sub?(&(mail=test-receiver%40domain.tld)(mailBlackList=test-blacklist@???))
Note that the error is "it's not properly quoted". The intended hint
is that if it (an argument to a lookup) is tainted, then it must be quoted.
Not that it must be untainted (though obviously that would suffice too).
So look again at you query args, and remember who is supplying them:
> LDAPAUTH LDAPDN?mailBlackList?sub?(&(mail=${quote_ldap:$local_part@$domain})(mailBlackList=${lc:${address:$h_From:}}))
Is that From: - derived string quoted, for ldap?
> And I get this in a debug session: (tainted, quoted:ldap)
Since you didn't actually show us, we can only speculate...
that was the quoted l@d string.
--
Cheers,
Jeremy
--
## subscription configuration (requires account):
##
https://lists.exim.org/mailman3/postorius/lists/exim-users.lists.exim.org/
## unsubscribe (doesn't require an account):
## exim-users-unsubscribe@???
## Exim details at
http://www.exim.org/
## Please use the Wiki with this list -
http://wiki.exim.org/
