Also another thing is that there should be some way to "quote" a local part
so it's detainted, WITHOUT having to know beforehand which local parts are
valid.

One example is this:

sms_transmit:
  driver = accept
  domains = +local_domains
  local_parts = ^\\d\\d+\$
  transport = sms_transport
  no_more

sms_transport:
  debug_print = "T: Sending SMS to $local_part"
  driver = pipe
  command = /usr/sbin/smsbot $local_part
  return_output = true
  user = asterisk

This calls a script, which is run as the "asterisk" user, which initiates
SMS sending via the Asterisk SIP Server.

And here the prerequisites are pretty clear - ONLY local parts which contain
only digits, and which contain 2 or more digits, are valid.
There's no way an attacker can use this to "break free" and inject commands
into the smsbot delivery agent.
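
The reasoning in the SMS example above, as an added Python sketch that is not part of the original message and is not Exim's implementation: a value taken from the envelope is marked tainted, the pipe sink refuses tainted arguments, and validating the whole value against a digits-only pattern yields a fresh untainted copy. The names `Tainted`, `TaintError`, `detaint_sms_number`, `pipe_argv`, `route_sms` and `outcome` are hypothetical, and the sample local parts are constructed.

```python
import re

class Tainted(str):
    """Hypothetical marker type: a string copied from the SMTP envelope."""

class TaintError(Exception):
    """Raised when tainted data reaches a sink or fails validation."""

# Stand-in for the digits-only `local_parts` condition of the sms_transmit router.
# [0-9] plus fullmatch() is used because Python's \d also accepts non-ASCII
# digits and `$` would accept a trailing newline.
SMS_NUMBER = re.compile(r"[0-9]{2,}")

def detaint_sms_number(local_part: str) -> str:
    """Return an untainted copy only if the whole value is 2+ ASCII digits."""
    match = SMS_NUMBER.fullmatch(local_part)
    if match is None:
        raise TaintError(f"local part {local_part!r} is not a valid SMS number")
    return str(match.group(0))  # plain str, no longer an instance of Tainted

def pipe_argv(program: str, *args: str) -> list:
    """Sink: build an argv list (no shell involved) and refuse tainted arguments."""
    for arg in args:
        if isinstance(arg, Tainted):
            raise TaintError(f"Tainted {str(arg)!r} (pipe argument) not permitted")
    return [program, *args]

def route_sms(local_part: str) -> list:
    """Model of sms_transmit + sms_transport: validate first, then build argv."""
    return pipe_argv("/usr/sbin/smsbot", detaint_sms_number(local_part))

def outcome(local_part: str) -> str:
    """Describe what happens to one envelope local part."""
    try:
        return "deliver " + " ".join(route_sms(local_part))
    except TaintError as exc:
        return f"reject: {exc}"

if __name__ == "__main__":
    # Constructed sample local parts, all arriving tainted.
    for sample in ("46701234567", "7", "12a", "12\n", "\u0661\u0662"):
        print(repr(sample), "->", outcome(Tainted(sample)))
```

The untainted value is a new string produced by the validation step, so the sink never has to trust the envelope data itself.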


-----Original message-----
From: Alexander Hoff via Exim-users <exim-users@exim.org>
Sent: 18 July 2020 14:18
To: Exim-users <Exim-users@exim.org>
Subject: Re: [exim] Exim 4.94 Taint issues

On 2020-07-18 05:22, Andreas Metzler wrote:
> On 2020-07-18 The Doctor via freebsd-ports <freebsd-ports@???> wrote:
> > Trying Exim 4.94 and I am getting
> 
> 
> > 2020-07-17 19:28:04.818 [8344] 1jwbdQ-00023D-Cx == doctor@??? R=localuser T=local_delivery defer (-1) DT=0.001s: Tainted '/var/mail/doctor' (file or directory name for local_delivery transport) not permitted
> 
> Exim specification, concept index, de-tainting.
> 

This answer has been posted several times here and it's not so useful IMHO.
I think you're referring to this information:
https://www.exim.org/exim-html-current/doc/html/spec_html/ch-string_expansions.html

Please put yourself in the position of the administrator. He may have been
using exim with his configuration for years - in my case it was over four
years - and suddenly the configuration is broken in several ways. Just
because of a minor version update.

Now you can find information like
https://git.exim.org/exim.git/blob/HEAD:/src/README.UPDATING and this is
incomplete. The change doesn't only break transports, routers are also
affected. This tainted thing affects many parts of the configuration and to
my opinion there is only a very rough explanation of the concept of
de-tainting. 

Most administrators would just need a few (!) practical examples of how
de-tainting works, i.e. a before / after version of the configuration. I
would write it if I could, but I don't have the knowledge.

I've posted three examples here that work with exim < 4.94, but not with
exim >= 4.94 anymore. Unfortunately there were problems with the copy &
paste, so the configuration was broken. Here is a corrected version:

Routers
========
local_delivery:
  driver = appendfile
  directory = /home/${local_part}/.maildir

virtual_aliases:
  driver = redirect
  domains = lsearch; /etc/exim/virtual_domains
  data = ${lookup{$local_part}lsearch{/etc/exim/$domain/aliases}}
  no_more

Transport
=========
procmail:
  driver = pipe
  command = "/usr/bin/procmail -d $local_part"
  return_path_add
  delivery_date_add
  envelope_to_add
  user = $local_part
  initgroups
  return_output

Or take this example:
https://lists.exim.org/lurker/message/20200626.075008.113d07ad.en.html

I strongly believe it would be very helpful if the developers would rewrite
some of these configurations and publish them in the documentation.

I think a lot of people are currently faced with problems because of this
change and I guess a lot of them just downgraded exim (for example:
https://forum.vestacp.com/viewtopic.php?f=12&t=19994) because this is
nothing you can repair in an hour or so.

-- 
## List details at https://lists.exim.org/mailman/listinfo/exim-users
## Exim details at http://www.exim.org/
## Please use the Wiki with this list - http://wiki.exim.org/