On 01/10/2021 18:34, Matthew Daubenspeck via Exim-users wrote:
local_aliases:
driver = redirect
allow_defer
allow_fail
domains = lsearch;/etc/exim/config/local.domains
data = ${lookup{$local_part}lsearch{/etc/exim/config/$domain/local.aliases}}
$domain contains tainted data and may not be used to specify
a file.
However, the "domains" precondition on the router will have
populated $domain_data with what is likely a suitable value
to use. The value is not tainted.
file_transport = address_file
pipe_transport = address_pipe
retry_use_local_part
cannot_route_message = Unknown user
no_more
transports:
local_delivery:
driver = appendfile
directory =/home/$local_part/.maildir
$local_part contains tainted data and may not be used to specify
a file.
If this is a delivery to a "real" user, existing in /etc/password
with a real home directory, and the router calling this
transport used a "check_local_user" option, then $local_part_data
will have been set to a suitable untainted value.
Otherwise, your router should be doing an explicit lookup to
check that the local_part is legitimate. Doing this using a
"local_parts" precondition will result in $local_part_data
being populated.
maildir_format
delivery_date_add
envelope_to_add
return_path_add
--
Cheers,
Jeremy
--
## List details at https://lists.exim.org/mailman/listinfo/exim-users
## Exim details at http://www.exim.org/
## Please use the Wiki with this list - http://wiki.exim.org/
