Re: Recommended changes for delivery from Exim

Fri, 02 Feb 2024 07:19:19 -0800 

Hi,

it's not working do this.

i tried ans doesnt work.

i use workaround from Kirill Miazine <km at krot.org>

---
$ cat /local/bin/dovecot-lda-wrapper
#!/bin/sh
exec /usr/local/libexec/dovecot/dovecot-lda \
  -d "${LOCAL_PART}@${DOMAIN}" \
  -a "${LOCAL_PART}${LOCAL_PART_SUFFIX}@${DOMAIN}" \
  -r "${LOCAL_PART}${LOCAL_PART_SUFFIX}@${DOMAIN}" \
  -f "${SENDER}"

Here's how it is called from Exim:

dovecot_pipe:
    driver = pipe
    command = /local/bin/dovecot-lda-wrapper
#    command = /usr/local/libexec/dovecot/dovecot-lda \
#                -d $local_part@$domain \
#                -a $local_part$local_part_suffix@$domain \
#                -r $local_part$local_part_suffix@$domain \
#                -r $local_part$local_part_suffix@$domain \
#                -f $return_path
---


Benoît

Le 01/05/2022 à 12:06, j...@exim.org a écrit :

Hi,

Security changes to Exim have invalidated certain suggested configurations
in the Dovecot wiki.

As I do not have a Dovecot installation to test, I am not going to write
any updates there.  It would be good if someone would test these suggestions 
and then make updates as needed.

1) The use of $local_part and $domain in commands run by the "pipe"
    transport will be disallowed in the upcoming Exim release.
    These are currently noted as optional, with the "-m" flag to
    dovecot-lda.  They should be replaced with validated (untainted)
    versions, commonly $local_part_data and $domain_data, developed via
    one of the several de-taint methods documented for Exim.

    The same applies to $original_local_part and $original_domain.

2) The use of $sender_address will likewise be disallowed.  This
    and the "-f" flag can be dropped from the dovecot-lda command line,
    and the specification of a null "message_prefix" option removed.

    The defaults for a pipe transport will then prefix the message
    with a suitable Mbox "From " header line, which dovecot-lda is
    documented to extract the sender from.

Both of these suggestions are back-compatible to the current 4.95
release of Exim, and will be required with the 4.96 release.
BEGIN:VCARD
VERSION:4.0
N:PELISSIER;Benoît;;;
FN:PELISSIER Benoît
EMAIL;PREF=1;TYPE=work:bpeliss...@lan2net.fr
URL;TYPE=work:https://www.lan2net.fr
ADR;TYPE=work:;;12 avenue Jules Verne - bâtiment A;Saint-Sébastien-Sur-Lo
 ire;;44230;FRANCE
TITLE:Administrateur Systèmes et Réseaux
ORG:Lan2Net - L'informatique fiable sous Linux + logiciels libres\, membre 
 du réseau "Alliance-Libre"
TEL;TYPE=work;VALUE=TEXT:02 85 52 65 37
END:VCARD

_______________________________________________
dovecot mailing list -- dovecot@dovecot.org
To unsubscribe send an email to dovecot-le...@dovecot.org

Reply via email to