[exim-dev] [Bug 2609] exim dkim stopped signing emails

admin--- via Exim-dev Fri, 26 Jun 2020 08:13:40 -0700

https://bugs.exim.org/show_bug.cgi?id=2609


Jeremy Harris <jgh146...@wizmail.org> changed:

           What    |Removed                     |Added
----------------------------------------------------------------------------
         Resolution|---                         |INVALID
             Status|NEW                         |RESOLVED

--- Comment #1 from Jeremy Harris <jgh146...@wizmail.org> ---
This is a configuration issue.  You may not use $sender_address_domain directly
as part of the filename because it is supplied by a potential attacker.
You need to validate and de-taint this value first.  Generally this means using
it as a key for lookup in some trusted information (database, file,
filesystem).

Search in the docs Concept Index for de-tainting.

-- 
You are receiving this mail because:
You are on the CC list for the bug.
-- 
## List details at https://lists.exim.org/mailman/listinfo/exim-dev Exim 
details at http://www.exim.org/ ##

[exim-dev] [Bug 2609] exim dkim stopped signing emails

Reply via email to