Hello EPEL on Centos/RHEL 7 recently gave use Exim 4.94 which broken significant parts of our config.
We tried to re-write things to conform to the new severely restricted Exim config language but some parts are giving us trouble. One bit is this transport which we have been using for years now for debugging purposes (we mostly run webservers using exim to send mails from websites we develop). > # save copy of outgoing messages > traffic_tap_save_copy: > driver = appendfile > delivery_date_add > envelope_to_add > return_path_add > maildir_format = true > create_directory = true > directory = > /var/mailarchive/outgoing/$sender_address_domain/$sender_address_local_part/$domain/$local_part/ > user = mail > group = mail Basically this is supposed to save all outgoing mail indexed by both sending and recipient address. I can not see a way to implement this at all (short of letting exim dump it all in one folder and use more flexible tools to sort it into separate directories. We also have similar transports for storing incoming mail for virtual users. Search/Replace does not lead to de-tainting. Calling external programs to filter the data (bad as that would be for performance anyway) does not seem to de-taint data. I obviously can not build a lookup table for any possible domain and local part in the entire internet to de-taint this. In a regular programming language or a shell script or our Puppet manifest what we would do here is just some search and replace of all dangerous characters (all but the known safe ones in fact) with something like an underscore and be done with it. How does that work in the new tainted exim reality? On a side-note, to the best of my knowledge other than slash and the null byte on Linux at least all characters are safe for use in filenames anyway though I could see how you want to avoid the risk of them being fed into other tools indirectly that way. Thanks for any help you can provide. Sorry for any of my annoyance that bled through in the paragraphs above but this change really has severely limited the expressiveness of the Exim config language without any warning. It feels like this should have been a major version update. Matthias Hörmann -- Mit freundlichen Grüßen, Matthias Hörmann fon: +49 (0) 521 - 329647-29 fax: +49 (0) 521 - 329647-40 email: [email protected] --------------- saltation GmbH & Co. KG | Niederwall 43 | 33602 Bielefeld Sitz Bielefeld | Amtsgericht Bielefeld HRA 15344 Persönlich haftende Gesellschafterin: saltation Beteiligungs-GmbH | Niederwall 43 | 33602 Bielefeld Sitz Bielefeld | Amtsgericht Bielefeld HRB 39339 Geschäftsführer: Daniel Brün --------------- Wir erfüllen unsere Informationspflichten gem. Artt. 13-14 DS-GVO durch Veröffentlichung auf unserer Internetseite unter https://www.saltation.com/de/datenschutzerklaerung.html oder durch Zusendung auf Ihre formlose Anfrage. -- ## List details at https://lists.exim.org/mailman/listinfo/exim-users ## Exim details at http://www.exim.org/ ## Please use the Wiki with this list - http://wiki.exim.org/
