On 2023-10-26 Thomas Andrews via Exim-users <exim-users@lists.exim.org> wrote: > On 10/25/23 23:09, Jeremy Harris via Exim-users wrote: [...] > > For use in a command line for a pipe transport, you'll need de-tainted > > versions of those. Which means full verification of both components > > against a local source of trust.
> The destination address could be g...@wimzail.org or anything - ie I have no > way to de-taint it as it is not a local address. Therefore using $local_part > and $domain is not an option. What are my other options? (By the way, it > doesn't actually matter if the destination address is tainted in my case - > the external program my_proggie will deal with that.) Exim will refuse to invoke the external arguments with tainted arguments. Other options are to pass on the information by different means than a commandline arguments, inline like using lmtp protocol. cu Andreas -- `What a good friend you are to him, Dr. Maturin. His other friends are so grateful to you.' `I sew his ears on from time to time, sure' -- ## subscription configuration (requires account): ## https://lists.exim.org/mailman3/postorius/lists/exim-users.lists.exim.org/ ## unsubscribe (doesn't require an account): ## exim-users-unsubscr...@lists.exim.org ## Exim details at http://www.exim.org/ ## Please use the Wiki with this list - http://wiki.exim.org/
