On 12/09/2023 07:43, Niels Kobschätzki via Exim-users wrote:
> I have no idea how to de-taint this part because I guess ".${tr{${substr_1:$local_part_suffix}}" is the tainted part in the router.
You're using a wildcard in local_part_suffix. That isn't sufficiently restrictive
to de-taint the data supplied by a potential attacker. Consider using an explicit
list of permitted suffixes.
--
Cheers,
Jeremy
--
## subscription configuration (requires account):
##
https://lists.exim.org/mailman3/postorius/lists/exim-users.lists.exim.org/
## unsubscribe (doesn't require an account):
## exim-users-unsubscribe@???
## Exim details at
http://www.exim.org/
## Please use the Wiki with this list -
http://wiki.exim.org/