1 # Exim test configuration 2610
3 .include DIR/aux-var/std_conf_prefix
5 primary_hostname = myhost.test.ex
7 # ----- Main settings -----
9 domainlist local_domains = @
10 hostlist relay_hosts = net-mysql;select * from them where id='$sender_host_address'
12 acl_smtp_rcpt = check_recipient
14 PARTIAL = 127.0.0.1::PORT_N
15 SSPEC = PARTIAL/test/root/pass
26 # taint only in lookup string
27 set acl_m0 = ok: ${lookup mysql {select name from them where id = '$local_part'}}
28 # option on lookup type unaffected
29 set acl_m0 = ok: ${lookup mysql,servers=SSPEC {select name from them where id = '$local_part'}}
30 # partial server-spec, indexing main-option, works
31 set acl_m0 = ok: ${lookup mysql,servers=PARTIAL {select name from them where id = '$local_part'}}
32 # oldstyle server spec, prepended to lookup string, fails with taint
33 set acl_m0 = FAIL: ${lookup mysql {servers=SSPEC; select name from them where id = '$local_part'}}
35 # In list-stle lookup, tainted lookup string is ok if server spec comes from main-option
36 warn set acl_m0 = ok: hostlist
37 hosts = net-mysql;select * from them where id='$local_part'
38 # ... but setting a per-query servers spec fails due to the taint
39 warn set acl_m0 = FAIL: hostlist
40 hosts = <& net-mysql;servers=SSPEC; select * from them where id='$local_part'
42 # The newer server-list-as-option-to-lookup-type is not a solution to tainted data in the lookup, because
43 # string-expansion is done before list-expansion so the taint contaminates the entire list.
44 warn set acl_m0 = FAIL: hostlist
45 hosts = <& net-mysql,servers=SSPEC; select * from them where id='$local_part'
47 accept domains = +local_domains
48 accept hosts = +relay_hosts
49 deny message = relay not permitted
58 address_data = ${lookup mysql{select name from them where id='ph10'}}
62 # ----- Transports -----
68 file = DIR/test-mail/\
69 ${lookup mysql{select id from them where id='ph10'}{$value}fail}
git://git.exim.org / exim.git / blob