On 16/11/2022 14:06, Martin Clayton via Exim-users wrote:
Removing the rhsbl services (i.e, $sender_address_domain) and all is well.
Looks like I guessed wrong. I'm wondering why this taint error isn't widespread
-- could it be $filter/exists specific?
Aha! (otherwise pronounced "Doh!")...
This item:
dbl.spamhaus.org!=127.0.1.255,127.255.255.252,127.255.255.254,127.255.255.255/$sender_address_domain
because it uses $sender_address_domain (which is tainted), taints the entire
string
that is the list for ${filter...} (because string-expansion is done before
list-expansion).
Therefore every $item for the filter is tainted, and so the filtered result
list is also.
--
Cheers,
Jeremy
--
## List details at https://lists.exim.org/mailman/listinfo/exim-users
## Exim details at http://www.exim.org/
## Please use the Wiki with this list - http://wiki.exim.org/
