1 # Exim test configuration 2620
3 PARTIAL=localhost::PORT_N
4 SERVERS=PARTIAL/test/CALLER/
6 .include DIR/aux-var/std_conf_prefix
8 primary_hostname = myhost.test.ex
10 # ----- Main settings -----
12 domainlist local_domains = @
13 hostlist relay_hosts = net-pgsql;select * from them where \
14 id='$sender_host_address'
16 acl_smtp_rcpt = check_recipient
18 pgsql_servers = SERVERS
28 # taint only in lookup string
29 set acl_m0 = ok: ${lookup pgsql {select name from them where id = '$local_part'}}
30 # option on lookup type unaffected
31 set acl_m0 = ok: ${lookup pgsql,servers=SERVERS {select name from them where id = '$local_part'}}
32 # partial server-spec, indexing main-option, works
33 set acl_m0 = ok: ${lookup pgsql,servers=PARTIAL {select name from them where id = '$local_part'}}
34 # oldstyle server spec, prepended to lookup string, fails with taint
35 set acl_m0 = FAIL: ${lookup pgsql {servers=SERVERS; select name from them where id = '$local_part'}}
37 # In list-stle lookup, tainted lookup string is ok if server spec comes from main-option
38 warn set acl_m0 = ok: hostlist
39 hosts = net-pgsql;select * from them where id='$local_part'
40 # ... but setting a per-query servers spec fails due to the taint
41 warn set acl_m0 = FAIL: hostlist
42 hosts = <& net-pgsql;servers=SERVERS; select * from them where id='$local_part'
44 # The newer server-list-as-option-to-lookup-type is not a solution to tainted data in the lookup, because
45 # string-expansion is done before list-expansion so the taint contaminates the entire list.
46 warn set acl_m0 = FAIL: hostlist
47 hosts = <& net-pgsql,servers=SERVERS; select * from them where id='$local_part'
49 accept domains = +local_domains
50 accept hosts = +relay_hosts
51 deny message = relay not permitted
60 address_data = ${lookup pgsql{select name from them where id='ph10'}}
64 # ----- Transports -----
70 file = DIR/test-mail/\
71 ${lookup pgsql{select id from them where id='ph10'}{$value}fail}