So my workaround was to create a simple wrapper and call it, instead of
dovecot-lda:
$ cat /local/bin/dovecot-lda-wrapper
#!/bin/sh
exec /usr/local/libexec/dovecot/dovecot-lda \
-d "${LOCAL_PART}@${DOMAIN}" \
-a "${LOCAL_PART}${LOCAL_PART_SUFFIX}@${DOMAIN}" \
-r "${LOCAL_PART}${LOCAL_PART_SUFFIX}@${DOMAIN}" \
-f "${SENDER}"
Here's how it is called from Exim:
dovecot_pipe:
driver = pipe
command = /local/bin/dovecot-lda-wrapper
# command = /usr/local/libexec/dovecot/dovecot-lda \
# -d $local_part@$domain \
# -a $local_part$local_part_suffix@$domain \
# -r $local_part$local_part_suffix@$domain \
# -r $local_part$local_part_suffix@$domain \
# -f $return_path
• Kirill Miazine [2022-04-25 14:36]:
> Hi, all
>
> The just released RC0 for Exim 4.96 will break Dovecot LDA delivery as
> described on https://wiki.dovecot.org/LDA/Exim
>
> Here is the relevant ChangeLog entry:
>
> JH/25 Taint-check exec arguments for transport-initiated external processes.
> Previously, tainted values could be used. This affects "pipe", "lmtp"
> and
> "queryprogram" transport, transport-filter, and ETRN commands.
> The ${run} expansion is also affected: in "preexpand" mode no part of
> the command line may be tainted, in default mode the executable name
> may not be tainted.
>
> As of now I don't have a personal working solution to get untained data.
> I did try a small hack, but Exim was smart enough to see what I was
> doing.
>
> --
> -- Kirill Miazine <k...@krot.org>
--
-- Kirill Miazine <k...@krot.org>
