On 09/02/2025 22:29, Daniel Botting via Exim-users wrote:
My understanding of tainting and experience so far is that it will stop your
configuration from working until you resolve the tainted data?
No.
Some data is tainted. Basically, if it came from the wire.
This is normal.
What is not permitted is the *expansion* of tainted data
(for fairly expansive interpretations thereof).
You *are* allowed to use tainted data as the key for a lookup
(in fact, that's the most common way of getting untainted data).
So your
${lookup{$sender_address}nwildlsearch{CONFDIR/sender-whitelist}
is fine.
If you want to play around to see what happens, use "exim -d -be".
Expansion-test mode on current Exim lets you set variables and mark
the content as tainted.
--
Cheers,
Jeremy
--
## subscription configuration (requires account):
## https://lists.exim.org/mailman3/postorius/lists/exim-users.lists.exim.org/
## unsubscribe (doesn't require an account):
## exim-users-unsubscr...@lists.exim.org
## Exim details at http://www.exim.org/
## Please use the Wiki with this list - http://wiki.exim.org/
