Advanced
Mailing List Archive

Mailing List Archive

  1. Home >
  2. exim>
  3. dev
[Bug 2636] usage of local_part in virtual_localdelivery results in tainted
exim-dev at exim
Aug 26, 2020, 11:46 AM
Post #1 of 8 (482 views)
Permalink
https://bugs.exim.org/show_bug.cgi?id=2636

--- Comment #1 from Jeremy Harris <jgh146exb@wizmail.org> ---
Alternatives have been given. You've not been specific enough to tell which
one is appropriate; we don't know what is in your "virtual_localdelivery".

--
You are receiving this mail because:
You are on the CC list for the bug.
--
## List details at https://lists.exim.org/mailman/listinfo/exim-dev Exim details at http://www.exim.org/ ##
[Bug 2636] usage of local_part in virtual_localdelivery results in tainted [ In reply to ]
exim-dev at exim
Aug 26, 2020, 12:18 PM
Post #2 of 8 (482 views)
Permalink
https://bugs.exim.org/show_bug.cgi?id=2636

--- Comment #2 from Tony Feestneus <m@melv.nl> ---
Default virtual_localdelivery content, which does not work anymore.

What alternatives are given? Where can I see that?

--
You are receiving this mail because:
You are on the CC list for the bug.
--
## List details at https://lists.exim.org/mailman/listinfo/exim-dev Exim details at http://www.exim.org/ ##
[Bug 2636] usage of local_part in virtual_localdelivery results in tainted [ In reply to ]
exim-dev at exim
Aug 26, 2020, 12:35 PM
Post #3 of 8 (482 views)
Permalink
https://bugs.exim.org/show_bug.cgi?id=2636

--- Comment #3 from Jeremy Harris <jgh146exb@wizmail.org> ---
The Exim project has no such content. Possibly this was provided by your OS
distributor (in which case they should have provided a suitable update to it).

For info on tainted data and on de-tainting methods, search in the docs
Concept Index, at
http://exim.org/exim-html-current/doc/html/spec_html/ch-concept_index.html

--
You are receiving this mail because:
You are on the CC list for the bug.
--
## List details at https://lists.exim.org/mailman/listinfo/exim-dev Exim details at http://www.exim.org/ ##
[Bug 2636] usage of local_part in virtual_localdelivery results in tainted [ In reply to ]
exim-dev at exim
Aug 27, 2020, 4:40 AM
Post #4 of 8 (481 views)
Permalink
https://bugs.exim.org/show_bug.cgi?id=2636

--- Comment #4 from Tony Feestneus <m@melv.nl> ---
So you point at Directadmin or Spamassassin, to be precise?

Furthermore, it is very unclear on how to fix it even with your documents. Can
you be precise in how to fix it then?

--
You are receiving this mail because:
You are on the CC list for the bug.
--
## List details at https://lists.exim.org/mailman/listinfo/exim-dev Exim details at http://www.exim.org/ ##
[Bug 2636] usage of local_part in virtual_localdelivery results in tainted [ In reply to ]
exim-dev at exim
Aug 27, 2020, 5:04 AM
Post #5 of 8 (481 views)
Permalink
https://bugs.exim.org/show_bug.cgi?id=2636

--- Comment #5 from Jeremy Harris <jgh146exb@wizmail.org> ---
Without details I cannot do either of those things.

This is probably the wrong forum. I suggest either the mailing-list
( https://lists.exim.org/mailman/listinfo/exim-users )
or the IRC channel (Freenode, #exim).

--
You are receiving this mail because:
You are on the CC list for the bug.
--
## List details at https://lists.exim.org/mailman/listinfo/exim-dev Exim details at http://www.exim.org/ ##
[Bug 2636] usage of local_part in virtual_localdelivery results in tainted [ In reply to ]
exim-dev at exim
Aug 27, 2020, 5:13 AM
Post #6 of 8 (481 views)
Permalink
https://bugs.exim.org/show_bug.cgi?id=2636

--- Comment #6 from Tony Feestneus <m@melv.nl> ---
It's this default conf file:
https://files.directadmin.com/services/SpamBlocker/4.5.28/exim.conf-SpamBlockerTechnology-v4.5.28.txt

Only thing I have changed is the transport by virtual_user:
From:
transport = dovecot_lmtp_udp
To:
transport = virtual_localdelivery

I have that setup this way for years without issues, until now

--
You are receiving this mail because:
You are on the CC list for the bug.
--
## List details at https://lists.exim.org/mailman/listinfo/exim-dev Exim details at http://www.exim.org/ ##
[Bug 2636] usage of local_part in virtual_localdelivery results in tainted [ In reply to ]
exim-dev at exim
Aug 27, 2020, 6:18 AM
Post #7 of 8 (481 views)
Permalink
https://bugs.exim.org/show_bug.cgi?id=2636

Graeme Fowler <graeme@graemef.net> changed:

What |Removed |Added
----------------------------------------------------------------------------
Resolution|--- |INVALID
Status|NEW |RESOLVED
CC| |graeme@graemef.net

--- Comment #7 from Graeme Fowler <graeme@graemef.net> ---
DirectAdmin appear to have made major changes to deal with tainted data in
version 4.5.24, according to this diff:

https://files.directadmin.com/services/SpamBlocker/4.5.24/exim.conf-SpamBlockerTechnology-v4.5.23-to-v4.5.24.diff

The transport you mention makes heavy use of local_part_data and domain_data
after a lookup.

If it's not working for you *and* you are certain you have the 4.5.28
configuration you should raise the issue with DirectAdmin as the bug, as such,
is in their configuration rather than Exim itself.

--
You are receiving this mail because:
You are on the CC list for the bug.
--
## List details at https://lists.exim.org/mailman/listinfo/exim-dev Exim details at http://www.exim.org/ ##
[Bug 2636] usage of local_part in virtual_localdelivery results in tainted [ In reply to ]
exim-dev at exim
Aug 27, 2020, 8:14 AM
Post #8 of 8 (481 views)
Permalink
https://bugs.exim.org/show_bug.cgi?id=2636

--- Comment #8 from Tony Feestneus <m@melv.nl> ---
Will try there then, although I fear everyone will point at each other in this
issue. Hope you can think about a solution or quick fix maybe?

--
You are receiving this mail because:
You are on the CC list for the bug.
--
## List details at https://lists.exim.org/mailman/listinfo/exim-dev Exim details at http://www.exim.org/ ##

©2024 GT.net. A Gossamer Threads company.
5th Floor, 455 Granville St., Vancouver, BC V6C 1T1, Canada | Legal