I'm still using sa-exim on my servers:
https://sourceforge.net/projects/sa-exim/
https://packages.debian.org/search?keywords=sa-exim
Recently I upgraded SpamAssassin with the fix for CVE-2018-11805, and
suddenly I started to receive:
Dec 16 10:04:53 vdmpp1 spamd[15196]: rules: failed to run GREYLIST_ISWHITE test, skipping:
Dec 16 10:04:53 vdmpp1 spamd[15196]: (Insecure dependency in eval while running with -T switch at /usr/share/perl5/Mail/SpamAssassin/Plugin/Greylisting.pm line 76.
Dec 16 10:04:53 vdmpp1 spamd[15196]: )
Currently in local.cf I use sa-exim with:
ifplugin Greylisting
header GREYLIST_ISWHITE eval:greylisting("( 'dir' => '/var/spool/sa-exim/tuplets'; 'method' => 'dir'; 'greylistsecs' => '1800'; 'dontgreylistthreshold' => 10; 'connectiphdr' => 'X-SA-Exim-Connect-IP'; 'envfromhdr' => 'X-SA-Exim-Mail-From'; 'rcpttohdr' => 'X-SA-Exim-Rcpt-To'; 'greylistnullfrom' => 1; 'greylistfourthbyte' => 0 )")
describe GREYLIST_ISWHITE The incoming server has been whitelisted for this recipient and sender
score GREYLIST_ISWHITE -1.5
priority GREYLIST_ISWHITE 99999
endif # Greylisting
Looking at the plugin code, the culprit comes from:
$optionhash =~ s/;/,/g;
# This is safe, right? (users shouldn't be able to set it in their config)
%option=eval $optionhash;
So it seems to me that the CVE fix 'broke' the options handling of the
plugin ('eval' is not permitted anymore?!). If I substitute the former with:
#$optionhash =~ s/;/,/g;
# This is safe, right? (users shouldn't be able to set it in their config)
#%option=eval $optionhash;
%option = ('dir' => '/var/spool/sa-exim/tuplets',
'method' => 'dir',
'greylistsecs' => '1800',
'dontgreylistthreshold' => 10,
'connectiphdr' => 'X-SA-Exim-Connect-IP',
'envfromhdr' => 'X-SA-Exim-Mail-From',
'rcpttohdr' => 'X-SA-Exim-Rcpt-To',
'greylistnullfrom' => 1,
'greylistfourthbyte' => 0 );
$self->{'rangreylisting'}=1;
the plugin works as expected.
Probably, over the years, SA has changed a bit the way options are passed
to the plugin, and finally CVE-2018-11805 broke the old method.
I've tried to look at other plugins, to try to understand how options
work now, but I know little Perl and I get puzzled.
Can someone help me fix the plugin? Thanks.
--
dott. Marco Gaiarin GNUPG Key ID: 240A3D66
Associazione ``La Nostra Famiglia'' http://www.lanostrafamiglia.it/
Polo FVG - Via della Bontà, 7 - 33078 - San Vito al Tagliamento (PN)
marco.gaiarin(at)lanostrafamiglia.it t +39-0434-842711 f +39-0434-842797
Dona il 5 PER MILLE a LA NOSTRA FAMIGLIA!
http://www.lanostrafamiglia.it/index.php/it/sostienici/5x1000
(cf 00307430132, categoria ONLUS oppure RICERCA SANITARIA)
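The failure in the post is taint mode doing its job: spamd runs with -T, the rule argument is read from local.cf and is therefore tainted, and `eval STRING` on tainted data is refused. The hard-coded hash works because it bypasses the config entirely, which also means the options can no longer be changed without editing the plugin. The script below is an added example, not sa-exim or SpamAssassin code; it reproduces the refused eval and then parses the same option string with a small regex parser that untaints each key and value through captures, the mechanism perlsec sanctions. The list of accepted keys is taken from the options the post's local.cf sets and is an assumption: other sa-exim options would have to be added to it. The option string itself is constructed inline and tainted artificially via %ENV.

```perl
#!/usr/bin/perl -T
# Added example (not sa-exim/SpamAssassin code): parse the Greylisting option
# string from local.cf without `eval STRING`, so it keeps working under -T.
use strict;
use warnings;
use Scalar::Util qw(tainted);

# Constructed input, shaped like the eval:greylisting("...") argument in the post.
my $optionhash = "( 'dir' => '/var/spool/sa-exim/tuplets'; 'method' => 'dir'; "
    . "'greylistsecs' => '1800'; 'dontgreylistthreshold' => 10; "
    . "'connectiphdr' => 'X-SA-Exim-Connect-IP'; 'envfromhdr' => 'X-SA-Exim-Mail-From'; "
    . "'rcpttohdr' => 'X-SA-Exim-Rcpt-To'; 'greylistnullfrom' => 1; 'greylistfourthbyte' => 0 )";

# spamd reads the rule from a config file, so the real string is tainted. Reproduce
# that here by appending a zero-length slice of %ENV (all of %ENV is tainted under -T).
$optionhash .= substr($ENV{PATH} // '', 0, 0);
die "setup: option string should be tainted\n" unless tainted($optionhash);

# 1. What the plugin does today: a string eval on tainted data is refused under -T.
{
    (my $as_perl = $optionhash) =~ s/;/,/g;
    my %via_eval = eval $as_perl;
    print "eval STRING: $@" if $@;   # "Insecure dependency in eval while running with -T switch ..."
}

# 2. Replacement: accept only the shape the config uses and untaint through regex
#    captures. The key list is an assumption drawn from the post's local.cf; extend
#    it with any other sa-exim option the site uses.
my %known = map { $_ => 1 } qw(dir method greylistsecs dontgreylistthreshold
    connectiphdr envfromhdr rcpttohdr greylistnullfrom greylistfourthbyte);

sub parse_greylisting_options {
    my ($str) = @_;
    my %opt;
    $str =~ s/^\s*\(\s*// and $str =~ s/\s*\)\s*$//
        or die "greylisting options must be wrapped in ( ... )\n";
    for my $pair (split /\s*;\s*/, $str) {
        # 'key' => 'value'  or  'key' => 123 ; only these characters get through,
        # and only the captured text (which Perl treats as untainted) is kept.
        $pair =~ /^'([a-z]+)'\s*=>\s*(?:'([\w\/.:-]*)'|(\d+))$/
            or die "malformed greylisting option: $pair\n";
        my ($k, $v) = ($1, defined $2 ? $2 : $3);
        die "unknown greylisting option '$k'\n"   unless $known{$k};
        die "duplicate greylisting option '$k'\n" if exists $opt{$k};
        $opt{$k} = $v;
    }
    return %opt;
}

# In the plugin this would replace `%option=eval $optionhash;`.
my %option = parse_greylisting_options($optionhash);
for my $k (sort keys %option) {
    printf "%-22s = %-32s tainted=%d\n", $k, $option{$k}, tainted($option{$k}) ? 1 : 0;
}
```

Run it as `perl -T script.pl` (a plain `perl script.pl` dies with "Too late for -T option" because of the shebang). The first part prints the same "Insecure dependency in eval" message seen in the spamd log; the second part prints every option with tainted=0. Keeping the allowlist of keys and the narrow character classes is deliberate: the comment in the original plugin ("users shouldn't be able to set it in their config") is exactly the assumption taint mode refuses to take on trust, and a parser that only admits known keys and plain path/header characters gives the same guarantee without a string eval.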