Hey, I'm running exim in this configuration:
17:28:39 64561 Exim version 4.93.0.3 uid=0 gid=0 pid=64561 D=fff9ffff Support for: crypteq iconv() IPv6 PAM Perl TCPwrappers OpenSSL Content_Scanning DANE DKIM DNSSEC Event I18N OCSP PRDR TCP_Fast_Open Lookups (built-in): lsearch wildlsearch nwildlsearch iplsearch cdb dbm dbmjz dbmnz dnsdb dsearch passwd Authenticators: cram_md5 cyrus_sasl plaintext spa Routers: accept dnslookup ipliteral manualroute queryprogram redirect Transports: appendfile/maildir/mailstore autoreply pipe smtp Malware: f-protd f-prot6d drweb fsecure sophie clamd avast sock cmdline Fixed never_users: 0 Configure owner: 0:0 Size of off_t: 8 Compiler: GCC [9.2.0] Library version: Glibc: Compile: 2.30 Runtime: 2.30 Library version: BDB: Compile: Berkeley DB 5.3.28: (September 9, 2013) Runtime: Berkeley DB 5.3.28: (September 9, 2013) Library version: OpenSSL: Compile: OpenSSL 1.1.1d 10 Sep 2019 Runtime: OpenSSL 1.1.1d 10 Sep 2019 : built on: Tue Dec 3 18:07:39 2019 UTC Library version: IDN2: Compile: 2.3.0 Runtime: 2.3.0 Library version: Stringprep: Compile: 1.35 Runtime: 1.35 Library version: Cyrus SASL: Compile: 2.1.27 Runtime: 2.1.27 [Cyrus SASL] Library version: PCRE: Compile: 8.43 Runtime: 8.43 2019-02-23 I have a special user router setup: extension_user_delivery_f: driver = redirect local_part_suffix = -* require_files = /home/$local_part/.mail-extensions:/home/$local_part/.forward condition = ${lookup{$local_part_suffix}lsearch{/home/$local_part/.mail-extensions}{yes}{no}} user=$local_part check_ancestor file = /home/$local_part/.forward allow_filter allow_fail verify=false file_transport = address_file pipe_transport = address_pipe reply_transport = address_reply And the top of my .forward looks like this: # Sieve filter require ["fileinto", "envelope"]; if header :contains ["From"] ["@someblacklisteddomain"] { discard; stop; } if header :contains ["From"] ["@antoher junkmailer"] { discard; stop; } and a .mail-extensions file with this: -foobar # an extension that is ok, so klausman-foo...@schwarzvogel.de is a valid destination This setup has worked well for over a decade. It broke with exim 4.93, with mail being rejected/not deleivered if an extension address is used. My mainlong is full of: 2020-01-07 17:28:09 1iorSJ-000C9a-83 == klaus...@schwarzvogel.de <klausman-gen...@schwarzvogel.de> R=extension_user_delivery_f defer (-1): internal problem in extension_user_delivery_f router (recipient is klausman-gen...@schwarzvogel.de): failure to transfer data from subprocess: status=0100 readerror='Success' (very helpful error, that) During debugging I found this: # exim -bt klausman-gen...@schwarzvogel.de LOG: MAIN PANIC attempt to expand tainted string '$rheader_From' LOG: MAIN PANIC attempt to expand tainted string '${if def:header_From {true}{false}}' Sieve error: header string expansion failed in line 3 klausman-gen...@schwarzvogel.de -> inbox transport = address_file I presume "tainted" strings can not be used in Sieve filters anymore? That would make Sieve entirely pointless, from my POV. So clearly, I am missing something. What is going on? Best, Tobias -- ## List details at https://lists.exim.org/mailman/listinfo/exim-users ## Exim details at http://www.exim.org/ ## Please use the Wiki with this list - http://wiki.exim.org/