Hi,

We deliver mail locally to addresses like my_user/[email protected]

In the past this would deliver the mail to the folder "somefolder" of the user 
"my_user" without using any filters.

We found out that this is broken nowadays because of taint.
The involved router is:

virtual_localuser_folder:
  driver = accept
  transport = local_virtualfolder_delivery
  # domains = dbm;VIRTUAL_DOMAINS_DBFILE
  domains = lsearch,ret=key;VIRTUAL_DOMAINS_FILE
  caseful_local_part = true
  local_part_suffix = /*
  require_files = pop:+${home}
  address_data = ${lookup ldap{LDAP_AUTH ldap:///LDAP_USER_DN?mail?sub?(mail=${quote_ldap:$local_part@$domain_data})}{$value}fail}
  transport_home_directory = LDAP_MAILBOX/.${tr{${substr_1:$local_part_suffix}}{.}{:}}
  router_home_directory = LDAP_MAILBOX/.${tr{${substr_1:$local_part_suffix}}{.}{:}}


And the transport is:

local_virtualfolder_delivery:
  driver = appendfile
  maildir_format
  delivery_date_add
  envelope_to_add
  return_path_add
  directory = ${home}
  quota = ${if exists {LDAP_TMAILBOX/.exim_quota} {${lookup {quotasize} lsearch {LDAP_TMAILBOX/.exim_quota} {$value} {1000M}}} {${lookup {$domain:quotasize} lsearch {VIRTUAL_DOMAINS_FILE} {$value} {1000M}}}}
  quota_filecount = 400000
  quota_is_inclusive = false
  maildir_tag = ,S=$message_size
  quota_size_regex = ,S=(\d+)
  maildir_use_size_file = true
  user = pop
  group = exim
  mode = 0660
  directory_mode = 0770
  #headers_add = ${if $h_}
  headers_remove = "x-uidl:x-status:status"
  headers_add = X-VISP-UniqueID: ${lc:${sha1:$local_part@$domain|$message_id|$sender_address|$tod_full}}

The error I get is:
LOG: MAIN PANIC
  == [email protected] <my_user/[email protected]> R=virtual_localuser_folder T=local_virtualfolder_delivery defer (-1): Tainted '/users/ou/ourdomain.com/my/my_user/pobox/.somefolder' (file or directory name for local_virtualfolder_delivery transport) not permitted

I figure that it is tainted because the folder comes from the incoming 
mail-address. The mail is sent by the local exim and received by the local exim.

I cannot use "local_part_data" because then exim tries to deliver to a user 
"my_user/[email protected]" and not to the folder. I have no idea how to 
de-taint this part because I guess ".${tr{${substr_1:$local_part_suffix}}" is 
the tainted part in the router.

Any help would be appreciated.

Best,

Niels

-- 
## subscription configuration (requires account):
##   https://lists.exim.org/mailman3/postorius/lists/exim-users.lists.exim.org/
## unsubscribe (doesn't require an account):
##   [email protected]
## Exim details at http://www.exim.org/
## Please use the Wiki with this list - http://wiki.exim.org/
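
The log line in the message above shows Exim refusing a directory name built from `$local_part_suffix`. As an added illustration (not part of the original post and not Exim code), this Python model shows the usual way to get an untainted name: look the folder up in the mailbox directory and use the name found on disk instead of the string taken from the address, which is what a directory lookup such as Exim's `dsearch` provides. The function names and sample folders are constructed for the example.

```python
import os
import tempfile


def folder_from_suffix(suffix):
    """Mirror .${tr{${substr_1:$local_part_suffix}}{.}{:}} from the router."""
    return "." + suffix[1:].replace(".", ":")


def detaint_folder(mailbox, suffix):
    """Return the on-disk directory name matching the suffix, or None.

    The returned string is taken from the directory listing, never from
    the address, so nothing the sender typed ends up in the path.
    """
    wanted = folder_from_suffix(suffix)
    # A single path component only: no separators, no "." or "..".
    if "/" in wanted or wanted in (".", ".."):
        return None
    with os.scandir(mailbox) as entries:
        for entry in entries:
            if entry.name == wanted and entry.is_dir(follow_symlinks=False):
                return entry.name  # name as stored on disk
    return None


def demo():
    """Run the lookup against a constructed mailbox with two folders."""
    suffixes = ("/somefolder", "/lists.exim", "/nosuch", "/nested/name", "/")
    with tempfile.TemporaryDirectory() as mailbox:
        os.mkdir(os.path.join(mailbox, ".somefolder"))
        os.mkdir(os.path.join(mailbox, ".lists:exim"))
        return {s: detaint_folder(mailbox, s) for s in suffixes}


if __name__ == "__main__":
    for suffix, name in demo().items():
        print(f"{suffix!r:16} -> {name!r}")
```

A suffix that matches no existing folder yields `None`, which corresponds to the router declining the address rather than creating a directory named by the sender.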
