On 2011-05-07 at 09:08 +1000, Ted Cooper wrote:
> On 07/05/11 08:51, Tony Meyer wrote:
> >> condition = ${if eqi{$sender_address_domain}{$dkim_cur_signer}}
> >
> > Unfortunately, this didn't fix the problem. I get the paniclog entry
> > even using this ACL:
>
> Is this at all related?
> https://lists.exim.org/lurker/message/20110506.112357.e99a8db1.en.html
>
> [exim] Exim 4.76 RC1 uploaded - SECURITY
>
> CVE-2011-1764: a format string attack in logging DKIM
> information from an inbound mail may permit anyone who can send you
> email to cause code to be executed as the Exim run-time user.
No, I very much doubt it.
--
## List details at https://lists.exim.org/mailman/listinfo/exim-users
## Exim details at http://www.exim.org/
## Please use the Wiki with this list - http://wiki.exim.org/
