After upgrading to debian bookworm I can't send any longer messages, as my ACLs are broken.
I receive the error message: "Tainted filename for search", when doing a check, if a given Sender address is allowed to be used from an authenticated sender.
I have several virtual domains, with users, who have also aliases, they are allowed to use as Sender addresses.
The condition in the ACL looks like:
>condition = ${lookup {$sender_address} nwildlsearch {VIRT_ROOT${domain:$authenticated_id}/conf/SendPermissions/$authenticated_id}{yes}{no}}
Now I found, that I am no longer allowed, to use $domain in such constructs, so I replaced it with
>condition = ${lookup {$sender_address} nwildlsearch {VIRT_ROOT${domain_data:$authenticated_id}/conf/SendPermissions/$authenticated_id}{yes}{no}}
But that makes no difference.
The lookup database is a hierarchical directory structure and looks like:
/var/virtualmailaccounts/DOMAIN/conf/SendPermissions/LOGINACCOUNT@DOMAIN <
http://wkraft.org/conf/SendPermissions/workstation@wkraft.org>
so the last directory looks like the mail-address used for login authentication to exim and contains a list with valid aliases.
What can I do, that I can get this again working?
--
Sent with Tuta; enjoy secure & ad-free emails:
https://tuta.com
--
## subscription configuration (requires account):
##
https://lists.exim.org/mailman3/postorius/lists/exim-users.lists.exim.org/
## unsubscribe (doesn't require an account):
## exim-users-unsubscribe@???
## Exim details at
http://www.exim.org/
## Please use the Wiki with this list -
http://wiki.exim.org/
