X-Git-Url: https://git.exim.org/exim.git/blobdiff_plain/bff2d6435aecaf2701ba12c4dd99c7f395953f19..7ad863f3819407559cd654639c25dcae427c190f:/test/stderr/5420

diff --git a/test/stderr/5420 b/test/stderr/5420
index 39e963227..ff97dbbc7 100644
--- a/test/stderr/5420
+++ b/test/stderr/5420
@@ -1,10 +1,17 @@
 Exim version x.yz ....
+adding SSLKEYLOGFILE=TESTSUITE/spool/sslkeys
 configuration file is TESTSUITE/test-config
 admin user
  in hosts_connection_nolog? no (option unset)
 LOG: smtp_connection MAIN
   SMTP connection from CALLER
  â­considering: $smtp_active_hostname ESMTP Exim $version_number $tod_full
+ âconsidering:  ESMTP Exim $version_number $tod_full
+ ââââââââtext:  ESMTP Exim 
+ âconsidering: $version_number $tod_full
+ âconsidering:  $tod_full
+ ââââââââtext:  
+ âconsidering: $tod_full
  âââexpanding: $smtp_active_hostname ESMTP Exim $version_number $tod_full
  â°âââââresult: myhost.test.ex ESMTP Exim x.yz Tue, 2 Mar 1999 09:44:33 +0000
  in dsn_advertise_hosts? no (option unset)
@@ -13,18 +20,26 @@ LOG: smtp_connection MAIN
  in tls_advertise_hosts? yes (matched "*")
  â­considering: ${if eq {SERVER}{server}{queue}{cutthrough}}
   â­considering: SERVER}{server}{queue}{cutthrough}}
+  ââââââââtext: SERVER
+  âconsidering: }{server}{queue}{cutthrough}}
   âââexpanding: SERVER
   â°âââââresult: SERVER
   â­considering: server}{queue}{cutthrough}}
+  ââââââââtext: server
+  âconsidering: }{queue}{cutthrough}}
   âââexpanding: server
   â°âââââresult: server
  âââcondition: eq {SERVER}{server}
  ââââââresult: false
   â­âââscanning: queue}{cutthrough}}
+  ââââââââtext: queue
+  ââââscanning: }{cutthrough}}
   âââexpanding: queue
   ââââââresult: queue
   â°âââskipping: result is not used
   â­considering: cutthrough}}
+  ââââââââtext: cutthrough
+  âconsidering: }}
   âââexpanding: cutthrough
   â°âââââresult: cutthrough
  âââexpanding: ${if eq {SERVER}{server}{queue}{cutthrough}}
@@ -38,6 +53,7 @@ domain.com in "! +local_domains"? yes (end of list)
  â­considering: $local_part
  âââexpanding: $local_part
  â°âââââresult: userx
+            â°ââ(tainted)
 domain.com in "*"? yes (matched "*")
 ----------- end verify ------------
 accept: condition test succeeded in ACL "cutthrough"
@@ -48,8 +64,9 @@ domain.com in "! +local_domains"? yes (end of list)
  â­considering: $local_part
  âââexpanding: $local_part
  â°âââââresult: userx
+            â°ââ(tainted)
 domain.com in "*"? yes (matched "*")
-Connecting to 127.0.0.1 [127.0.0.1]:1225 from ip4.ip4.ip4.ip4 ... connected
+Connecting to 127.0.0.1 [127.0.0.1]:1225 from ip4.ip4.ip4.ip4 ...  connected
  â­considering: $primary_hostname
  âââexpanding: $primary_hostname
  â°âââââresult: myhost.test.ex
@@ -65,18 +82,26 @@ cmd buf flush ddd bytes
          250 HELP
  â­considering: ${if eq {$address_data}{usery}{*}{:}}
   â­considering: $address_data}{usery}{*}{:}}
+  âconsidering: }{usery}{*}{:}}
   âââexpanding: $address_data
   â°âââââresult: userx
+             â°ââ(tainted)
   â­considering: usery}{*}{:}}
+  ââââââââtext: usery
+  âconsidering: }{*}{:}}
   âââexpanding: usery
   â°âââââresult: usery
  âââcondition: eq {$address_data}{usery}
  ââââââresult: false
   â­âââscanning: *}{:}}
+  ââââââââtext: *
+  ââââscanning: }{:}}
   âââexpanding: *
   ââââââresult: *
   â°âââskipping: result is not used
   â­considering: :}}
+  ââââââââtext: :
+  âconsidering: }}
   âââexpanding: :
   â°âââââresult: :
  âââexpanding: ${if eq {$address_data}{usery}{*}{:}}
@@ -84,18 +109,26 @@ cmd buf flush ddd bytes
 127.0.0.1 in hosts_avoid_tls? no (end of list)
  â­considering: ${if eq {$address_data}{userz}{*}{:}}
   â­considering: $address_data}{userz}{*}{:}}
+  âconsidering: }{userz}{*}{:}}
   âââexpanding: $address_data
   â°âââââresult: userx
+             â°ââ(tainted)
   â­considering: userz}{*}{:}}
+  ââââââââtext: userz
+  âconsidering: }{*}{:}}
   âââexpanding: userz
   â°âââââresult: userz
  âââcondition: eq {$address_data}{userz}
  ââââââresult: false
   â­âââscanning: *}{:}}
+  ââââââââtext: *
+  ââââscanning: }{:}}
   âââexpanding: *
   ââââââresult: *
   â°âââskipping: result is not used
   â­considering: :}}
+  ââââââââtext: :
+  âconsidering: }}
   âââexpanding: :
   â°âââââresult: :
  âââexpanding: ${if eq {$address_data}{userz}{*}{:}}
@@ -118,16 +151,16 @@ cmd buf flush ddd bytes
 using PIPELINING
 not using DSN
 127.0.0.1 in hosts_require_auth? no (option unset)
-  SMTP>> MAIL FROM:<CALLER@myhost.test.ex>
+  SMTP|> MAIL FROM:<CALLER@myhost.test.ex>
   SMTP>> RCPT TO:<userx@domain.com>
 cmd buf flush ddd bytes
 sync_responses expect mail
   SMTP<< 250 OK
-sync_responses expect rcpt
+sync_responses expect rcpt for userx@domain.com
   SMTP<< 250 Accepted
 holding verify callout open for cutthrough delivery
 ----------- end cutthrough setup ------------
-processing "accept" (TESTSUITE/test-config 54)
+processing "accept" (TESTSUITE/test-config 55)
 accept: condition test succeeded in inline ACL
 end of inline ACL: ACCEPT
   SMTP>> DATA
@@ -137,7 +170,15 @@ end of inline ACL: ACCEPT
  â°âââââresult: Tue, 2 Mar 1999 09:44:33 +0000
  â­considering: Received: ${if def:sender_rcvhost {from $sender_rcvhost
  	}{${if def:sender_ident {from ${quote_local_part:$sender_ident} }}${if def:sender_helo_name {(helo=$sender_helo_name)
- 	}}}}by $primary_hostname ${if def:received_protocol {with $received_protocol }}${if def:tls_in_cipher_std { tls $tls_in_cipher_std
+ 	}}}}by $primary_hostname ${if def:received_protocol {with $received_protocol }}${if def:tls_in_ver        { ($tls_in_ver)}}${if def:tls_in_cipher_std { tls $tls_in_cipher_std
+ 	}}(Exim $version_number)
+ 	${if def:sender_address {(envelope-from <$sender_address>)
+ 	}}id $message_exim_id${if def:received_for {
+ 	for $received_for}}
+ ââââââââtext: Received: 
+ âconsidering: ${if def:sender_rcvhost {from $sender_rcvhost
+ 	}{${if def:sender_ident {from ${quote_local_part:$sender_ident} }}${if def:sender_helo_name {(helo=$sender_helo_name)
+ 	}}}}by $primary_hostname ${if def:received_protocol {with $received_protocol }}${if def:tls_in_ver        { ($tls_in_ver)}}${if def:tls_in_cipher_std { tls $tls_in_cipher_std
  	}}(Exim $version_number)
  	${if def:sender_address {(envelope-from <$sender_address>)
  	}}id $message_exim_id${if def:received_for {
@@ -146,7 +187,30 @@ end of inline ACL: ACCEPT
  ââââââresult: false
   â­âââscanning: from $sender_rcvhost
   	}{${if def:sender_ident {from ${quote_local_part:$sender_ident} }}${if def:sender_helo_name {(helo=$sender_helo_name)
-  	}}}}by $primary_hostname ${if def:received_protocol {with $received_protocol }}${if def:tls_in_cipher_std { tls $tls_in_cipher_std
+  	}}}}by $primary_hostname ${if def:received_protocol {with $received_protocol }}${if def:tls_in_ver        { ($tls_in_ver)}}${if def:tls_in_cipher_std { tls $tls_in_cipher_std
+  	}}(Exim $version_number)
+  	${if def:sender_address {(envelope-from <$sender_address>)
+  	}}id $message_exim_id${if def:received_for {
+  	for $received_for}}
+  ââââââââtext: from 
+  ââââscanning: $sender_rcvhost
+  	}{${if def:sender_ident {from ${quote_local_part:$sender_ident} }}${if def:sender_helo_name {(helo=$sender_helo_name)
+  	}}}}by $primary_hostname ${if def:received_protocol {with $received_protocol }}${if def:tls_in_ver        { ($tls_in_ver)}}${if def:tls_in_cipher_std { tls $tls_in_cipher_std
+  	}}(Exim $version_number)
+  	${if def:sender_address {(envelope-from <$sender_address>)
+  	}}id $message_exim_id${if def:received_for {
+  	for $received_for}}
+  ââââscanning: 
+  	}{${if def:sender_ident {from ${quote_local_part:$sender_ident} }}${if def:sender_helo_name {(helo=$sender_helo_name)
+  	}}}}by $primary_hostname ${if def:received_protocol {with $received_protocol }}${if def:tls_in_ver        { ($tls_in_ver)}}${if def:tls_in_cipher_std { tls $tls_in_cipher_std
+  	}}(Exim $version_number)
+  	${if def:sender_address {(envelope-from <$sender_address>)
+  	}}id $message_exim_id${if def:received_for {
+  	for $received_for}}
+  ââââââââtext: 
+  	
+  ââââscanning: }{${if def:sender_ident {from ${quote_local_part:$sender_ident} }}${if def:sender_helo_name {(helo=$sender_helo_name)
+  	}}}}by $primary_hostname ${if def:received_protocol {with $received_protocol }}${if def:tls_in_ver        { ($tls_in_ver)}}${if def:tls_in_cipher_std { tls $tls_in_cipher_std
   	}}(Exim $version_number)
   	${if def:sender_address {(envelope-from <$sender_address>)
   	}}id $message_exim_id${if def:received_for {
@@ -157,7 +221,7 @@ end of inline ACL: ACCEPT
   	
   â°âââskipping: result is not used
   â­considering: ${if def:sender_ident {from ${quote_local_part:$sender_ident} }}${if def:sender_helo_name {(helo=$sender_helo_name)
-  	}}}}by $primary_hostname ${if def:received_protocol {with $received_protocol }}${if def:tls_in_cipher_std { tls $tls_in_cipher_std
+  	}}}}by $primary_hostname ${if def:received_protocol {with $received_protocol }}${if def:tls_in_ver        { ($tls_in_ver)}}${if def:tls_in_cipher_std { tls $tls_in_cipher_std
   	}}(Exim $version_number)
   	${if def:sender_address {(envelope-from <$sender_address>)
   	}}id $message_exim_id${if def:received_for {
@@ -165,25 +229,79 @@ end of inline ACL: ACCEPT
   âââcondition: def:sender_ident
   ââââââresult: true
    â­considering: from ${quote_local_part:$sender_ident} }}${if def:sender_helo_name {(helo=$sender_helo_name)
-   	}}}}by $primary_hostname ${if def:received_protocol {with $received_protocol }}${if def:tls_in_cipher_std { tls $tls_in_cipher_std
+   	}}}}by $primary_hostname ${if def:received_protocol {with $received_protocol }}${if def:tls_in_ver        { ($tls_in_ver)}}${if def:tls_in_cipher_std { tls $tls_in_cipher_std
+   	}}(Exim $version_number)
+   	${if def:sender_address {(envelope-from <$sender_address>)
+   	}}id $message_exim_id${if def:received_for {
+   	for $received_for}}
+   ââââââââtext: from 
+   âconsidering: ${quote_local_part:$sender_ident} }}${if def:sender_helo_name {(helo=$sender_helo_name)
+   	}}}}by $primary_hostname ${if def:received_protocol {with $received_protocol }}${if def:tls_in_ver        { ($tls_in_ver)}}${if def:tls_in_cipher_std { tls $tls_in_cipher_std
    	}}(Exim $version_number)
    	${if def:sender_address {(envelope-from <$sender_address>)
    	}}id $message_exim_id${if def:received_for {
    	for $received_for}}
    ââ­considering: $sender_ident} }}${if def:sender_helo_name {(helo=$sender_helo_name)
-   â	}}}}by $primary_hostname ${if def:received_protocol {with $received_protocol }}${if def:tls_in_cipher_std { tls $tls_in_cipher_std
+   â	}}}}by $primary_hostname ${if def:received_protocol {with $received_protocol }}${if def:tls_in_ver        { ($tls_in_ver)}}${if def:tls_in_cipher_std { tls $tls_in_cipher_std
+   â	}}(Exim $version_number)
+   â	${if def:sender_address {(envelope-from <$sender_address>)
+   â	}}id $message_exim_id${if def:received_for {
+   â	for $received_for}}
+   ââconsidering: } }}${if def:sender_helo_name {(helo=$sender_helo_name)
+   â	}}}}by $primary_hostname ${if def:received_protocol {with $received_protocol }}${if def:tls_in_ver        { ($tls_in_ver)}}${if def:tls_in_cipher_std { tls $tls_in_cipher_std
    â	}}(Exim $version_number)
    â	${if def:sender_address {(envelope-from <$sender_address>)
    â	}}id $message_exim_id${if def:received_for {
    â	for $received_for}}
    ââââexpanding: $sender_ident
    ââ°âââââresult: CALLER
+   ââââââop-res: CALLER
+   âconsidering:  }}${if def:sender_helo_name {(helo=$sender_helo_name)
+   	}}}}by $primary_hostname ${if def:received_protocol {with $received_protocol }}${if def:tls_in_ver        { ($tls_in_ver)}}${if def:tls_in_cipher_std { tls $tls_in_cipher_std
+   	}}(Exim $version_number)
+   	${if def:sender_address {(envelope-from <$sender_address>)
+   	}}id $message_exim_id${if def:received_for {
+   	for $received_for}}
+   ââââââââtext:  
+   âconsidering: }}${if def:sender_helo_name {(helo=$sender_helo_name)
+   	}}}}by $primary_hostname ${if def:received_protocol {with $received_protocol }}${if def:tls_in_ver        { ($tls_in_ver)}}${if def:tls_in_cipher_std { tls $tls_in_cipher_std
+   	}}(Exim $version_number)
+   	${if def:sender_address {(envelope-from <$sender_address>)
+   	}}id $message_exim_id${if def:received_for {
+   	for $received_for}}
    âââexpanding: from ${quote_local_part:$sender_ident} 
    â°âââââresult: from CALLER 
+  ââââitem-res: from CALLER 
+  âconsidering: ${if def:sender_helo_name {(helo=$sender_helo_name)
+  	}}}}by $primary_hostname ${if def:received_protocol {with $received_protocol }}${if def:tls_in_ver        { ($tls_in_ver)}}${if def:tls_in_cipher_std { tls $tls_in_cipher_std
+  	}}(Exim $version_number)
+  	${if def:sender_address {(envelope-from <$sender_address>)
+  	}}id $message_exim_id${if def:received_for {
+  	for $received_for}}
   âââcondition: def:sender_helo_name
   ââââââresult: true
    â­considering: (helo=$sender_helo_name)
-   	}}}}by $primary_hostname ${if def:received_protocol {with $received_protocol }}${if def:tls_in_cipher_std { tls $tls_in_cipher_std
+   	}}}}by $primary_hostname ${if def:received_protocol {with $received_protocol }}${if def:tls_in_ver        { ($tls_in_ver)}}${if def:tls_in_cipher_std { tls $tls_in_cipher_std
+   	}}(Exim $version_number)
+   	${if def:sender_address {(envelope-from <$sender_address>)
+   	}}id $message_exim_id${if def:received_for {
+   	for $received_for}}
+   ââââââââtext: (helo=
+   âconsidering: $sender_helo_name)
+   	}}}}by $primary_hostname ${if def:received_protocol {with $received_protocol }}${if def:tls_in_ver        { ($tls_in_ver)}}${if def:tls_in_cipher_std { tls $tls_in_cipher_std
+   	}}(Exim $version_number)
+   	${if def:sender_address {(envelope-from <$sender_address>)
+   	}}id $message_exim_id${if def:received_for {
+   	for $received_for}}
+   âconsidering: )
+   	}}}}by $primary_hostname ${if def:received_protocol {with $received_protocol }}${if def:tls_in_ver        { ($tls_in_ver)}}${if def:tls_in_cipher_std { tls $tls_in_cipher_std
+   	}}(Exim $version_number)
+   	${if def:sender_address {(envelope-from <$sender_address>)
+   	}}id $message_exim_id${if def:received_for {
+   	for $received_for}}
+   ââââââââtext: )
+   	
+   âconsidering: }}}}by $primary_hostname ${if def:received_protocol {with $received_protocol }}${if def:tls_in_ver        { ($tls_in_ver)}}${if def:tls_in_cipher_std { tls $tls_in_cipher_std
    	}}(Exim $version_number)
    	${if def:sender_address {(envelope-from <$sender_address>)
    	}}id $message_exim_id${if def:received_for {
@@ -192,19 +310,90 @@ end of inline ACL: ACCEPT
    	
    â°âââââresult: (helo=myhost.test.ex)
    	
+              â°ââ(tainted)
+  ââââitem-res: (helo=myhost.test.ex)
+  	
+             â°ââ(tainted)
+  âconsidering: }}by $primary_hostname ${if def:received_protocol {with $received_protocol }}${if def:tls_in_ver        { ($tls_in_ver)}}${if def:tls_in_cipher_std { tls $tls_in_cipher_std
+  	}}(Exim $version_number)
+  	${if def:sender_address {(envelope-from <$sender_address>)
+  	}}id $message_exim_id${if def:received_for {
+  	for $received_for}}
   âââexpanding: ${if def:sender_ident {from ${quote_local_part:$sender_ident} }}${if def:sender_helo_name {(helo=$sender_helo_name)
   	}}
   â°âââââresult: from CALLER (helo=myhost.test.ex)
   	
+             â°ââ(tainted)
+ ââââitem-res: from CALLER (helo=myhost.test.ex)
+ 	
+            â°ââ(tainted)
+ âconsidering: by $primary_hostname ${if def:received_protocol {with $received_protocol }}${if def:tls_in_ver        { ($tls_in_ver)}}${if def:tls_in_cipher_std { tls $tls_in_cipher_std
+ 	}}(Exim $version_number)
+ 	${if def:sender_address {(envelope-from <$sender_address>)
+ 	}}id $message_exim_id${if def:received_for {
+ 	for $received_for}}
+ ââââââââtext: by 
+ âconsidering: $primary_hostname ${if def:received_protocol {with $received_protocol }}${if def:tls_in_ver        { ($tls_in_ver)}}${if def:tls_in_cipher_std { tls $tls_in_cipher_std
+ 	}}(Exim $version_number)
+ 	${if def:sender_address {(envelope-from <$sender_address>)
+ 	}}id $message_exim_id${if def:received_for {
+ 	for $received_for}}
+ âconsidering:  ${if def:received_protocol {with $received_protocol }}${if def:tls_in_ver        { ($tls_in_ver)}}${if def:tls_in_cipher_std { tls $tls_in_cipher_std
+ 	}}(Exim $version_number)
+ 	${if def:sender_address {(envelope-from <$sender_address>)
+ 	}}id $message_exim_id${if def:received_for {
+ 	for $received_for}}
+ ââââââââtext:  
+ âconsidering: ${if def:received_protocol {with $received_protocol }}${if def:tls_in_ver        { ($tls_in_ver)}}${if def:tls_in_cipher_std { tls $tls_in_cipher_std
+ 	}}(Exim $version_number)
+ 	${if def:sender_address {(envelope-from <$sender_address>)
+ 	}}id $message_exim_id${if def:received_for {
+ 	for $received_for}}
  âââcondition: def:received_protocol
  ââââââresult: true
-  â­considering: with $received_protocol }}${if def:tls_in_cipher_std { tls $tls_in_cipher_std
+  â­considering: with $received_protocol }}${if def:tls_in_ver        { ($tls_in_ver)}}${if def:tls_in_cipher_std { tls $tls_in_cipher_std
+  	}}(Exim $version_number)
+  	${if def:sender_address {(envelope-from <$sender_address>)
+  	}}id $message_exim_id${if def:received_for {
+  	for $received_for}}
+  ââââââââtext: with 
+  âconsidering: $received_protocol }}${if def:tls_in_ver        { ($tls_in_ver)}}${if def:tls_in_cipher_std { tls $tls_in_cipher_std
+  	}}(Exim $version_number)
+  	${if def:sender_address {(envelope-from <$sender_address>)
+  	}}id $message_exim_id${if def:received_for {
+  	for $received_for}}
+  âconsidering:  }}${if def:tls_in_ver        { ($tls_in_ver)}}${if def:tls_in_cipher_std { tls $tls_in_cipher_std
+  	}}(Exim $version_number)
+  	${if def:sender_address {(envelope-from <$sender_address>)
+  	}}id $message_exim_id${if def:received_for {
+  	for $received_for}}
+  ââââââââtext:  
+  âconsidering: }}${if def:tls_in_ver        { ($tls_in_ver)}}${if def:tls_in_cipher_std { tls $tls_in_cipher_std
   	}}(Exim $version_number)
   	${if def:sender_address {(envelope-from <$sender_address>)
   	}}id $message_exim_id${if def:received_for {
   	for $received_for}}
   âââexpanding: with $received_protocol 
   â°âââââresult: with local-esmtp 
+ ââââitem-res: with local-esmtp 
+            â°ââ(tainted)
+ âconsidering: ${if def:tls_in_ver        { ($tls_in_ver)}}${if def:tls_in_cipher_std { tls $tls_in_cipher_std
+ 	}}(Exim $version_number)
+ 	${if def:sender_address {(envelope-from <$sender_address>)
+ 	}}id $message_exim_id${if def:received_for {
+ 	for $received_for}}
+  	}}id $message_exim_id${if def:received_for {
+  	for $received_for}}
+  âââexpanding:  ($tls_in_ver)
+  ââââââresult:  ()
+  â°âââskipping: result is not used
+ ââââitem-res: 
+            â°ââ(tainted)
+ âconsidering: ${if def:tls_in_cipher_std { tls $tls_in_cipher_std
+ 	}}(Exim $version_number)
+ 	${if def:sender_address {(envelope-from <$sender_address>)
+ 	}}id $message_exim_id${if def:received_for {
+ 	for $received_for}}
  âââcondition: def:tls_in_cipher_std
  ââââââresult: false
   â­âââscanning:  tls $tls_in_cipher_std
@@ -212,31 +401,97 @@ end of inline ACL: ACCEPT
   	${if def:sender_address {(envelope-from <$sender_address>)
   	}}id $message_exim_id${if def:received_for {
   	for $received_for}}
+  ââââââââtext:  tls 
+  ââââscanning: $tls_in_cipher_std
+  	}}(Exim $version_number)
+  	${if def:sender_address {(envelope-from <$sender_address>)
+  	}}id $message_exim_id${if def:received_for {
+  	for $received_for}}
+  ââââscanning: 
+  	}}(Exim $version_number)
+  	${if def:sender_address {(envelope-from <$sender_address>)
+  	}}id $message_exim_id${if def:received_for {
+  	for $received_for}}
+  ââââââââtext: 
+  	
+  ââââscanning: }}(Exim $version_number)
+  	${if def:sender_address {(envelope-from <$sender_address>)
+  	}}id $message_exim_id${if def:received_for {
+  	for $received_for}}
   âââexpanding:  tls $tls_in_cipher_std
   	
   ââââââresult:  tls 
   	
   â°âââskipping: result is not used
+ ââââitem-res: 
+            â°ââ(tainted)
+ âconsidering: (Exim $version_number)
+ 	${if def:sender_address {(envelope-from <$sender_address>)
+ 	}}id $message_exim_id${if def:received_for {
+ 	for $received_for}}
+ ââââââââtext: (Exim 
+ âconsidering: $version_number)
+ 	${if def:sender_address {(envelope-from <$sender_address>)
+ 	}}id $message_exim_id${if def:received_for {
+ 	for $received_for}}
+ âconsidering: )
+ 	${if def:sender_address {(envelope-from <$sender_address>)
+ 	}}id $message_exim_id${if def:received_for {
+ 	for $received_for}}
+ ââââââââtext: )
+ 	
+ âconsidering: ${if def:sender_address {(envelope-from <$sender_address>)
+ 	}}id $message_exim_id${if def:received_for {
+ 	for $received_for}}
  âââcondition: def:sender_address
  ââââââresult: true
   â­considering: (envelope-from <$sender_address>)
   	}}id $message_exim_id${if def:received_for {
   	for $received_for}}
+  ââââââââtext: (envelope-from <
+  âconsidering: $sender_address>)
+  	}}id $message_exim_id${if def:received_for {
+  	for $received_for}}
+  âconsidering: >)
+  	}}id $message_exim_id${if def:received_for {
+  	for $received_for}}
+  ââââââââtext: >)
+  	
+  âconsidering: }}id $message_exim_id${if def:received_for {
+  	for $received_for}}
   âââexpanding: (envelope-from <$sender_address>)
   	
   â°âââââresult: (envelope-from <CALLER@myhost.test.ex>)
   	
+ ââââitem-res: (envelope-from <CALLER@myhost.test.ex>)
+ 	
+            â°ââ(tainted)
+ âconsidering: id $message_exim_id${if def:received_for {
+ 	for $received_for}}
+ ââââââââtext: id 
+ âconsidering: $message_exim_id${if def:received_for {
+ 	for $received_for}}
+ âconsidering: ${if def:received_for {
+ 	for $received_for}}
  âââcondition: def:received_for
  ââââââresult: true
   â­considering: 
   	for $received_for}}
+  ââââââââtext: 
+  	for 
+  âconsidering: $received_for}}
+  âconsidering: }}
   âââexpanding: 
   	for $received_for
   â°âââââresult: 
   	for userx@domain.com
+             â°ââ(tainted)
+ ââââitem-res: 
+ 	for userx@domain.com
+            â°ââ(tainted)
  âââexpanding: Received: ${if def:sender_rcvhost {from $sender_rcvhost
  	}{${if def:sender_ident {from ${quote_local_part:$sender_ident} }}${if def:sender_helo_name {(helo=$sender_helo_name)
- 	}}}}by $primary_hostname ${if def:received_protocol {with $received_protocol }}${if def:tls_in_cipher_std { tls $tls_in_cipher_std
+ 	}}}}by $primary_hostname ${if def:received_protocol {with $received_protocol }}${if def:tls_in_ver        { ($tls_in_ver)}}${if def:tls_in_cipher_std { tls $tls_in_cipher_std
  	}}(Exim $version_number)
  	${if def:sender_address {(envelope-from <$sender_address>)
  	}}id $message_exim_id${if def:received_for {
@@ -246,6 +501,7 @@ end of inline ACL: ACCEPT
  	(envelope-from <CALLER@myhost.test.ex>)
  	id 10HmaX-0005vi-00
  	for userx@domain.com
+            â°ââ(tainted)
 ----------- start cutthrough headers send -----------
 ----------- done cutthrough headers send ------------
  â­considering: ${tod_full}
@@ -265,14 +521,21 @@ LOG: MAIN
   Completed
 LOG: smtp_connection MAIN
   SMTP connection from CALLER closed by QUIT
->>>>>>>>>>>>>>>> Exim pid=pppp (msg setup toplevel) terminating with rc=0 >>>>>>>>>>>>>>>>
+>>>>>>>>>>>>>>>> Exim pid=pppp (fresh-exec) terminating with rc=0 >>>>>>>>>>>>>>>>
 Exim version x.yz ....
+adding SSLKEYLOGFILE=TESTSUITE/spool/sslkeys
 configuration file is TESTSUITE/test-config
 admin user
  in hosts_connection_nolog? no (option unset)
 LOG: smtp_connection MAIN
   SMTP connection from CALLER
  â­considering: $smtp_active_hostname ESMTP Exim $version_number $tod_full
+ âconsidering:  ESMTP Exim $version_number $tod_full
+ ââââââââtext:  ESMTP Exim 
+ âconsidering: $version_number $tod_full
+ âconsidering:  $tod_full
+ ââââââââtext:  
+ âconsidering: $tod_full
  âââexpanding: $smtp_active_hostname ESMTP Exim $version_number $tod_full
  â°âââââresult: myhost.test.ex ESMTP Exim x.yz Tue, 2 Mar 1999 09:44:33 +0000
  in dsn_advertise_hosts? no (option unset)
@@ -281,18 +544,26 @@ LOG: smtp_connection MAIN
  in tls_advertise_hosts? yes (matched "*")
  â­considering: ${if eq {SERVER}{server}{queue}{cutthrough}}
   â­considering: SERVER}{server}{queue}{cutthrough}}
+  ââââââââtext: SERVER
+  âconsidering: }{server}{queue}{cutthrough}}
   âââexpanding: SERVER
   â°âââââresult: SERVER
   â­considering: server}{queue}{cutthrough}}
+  ââââââââtext: server
+  âconsidering: }{queue}{cutthrough}}
   âââexpanding: server
   â°âââââresult: server
  âââcondition: eq {SERVER}{server}
  ââââââresult: false
   â­âââscanning: queue}{cutthrough}}
+  ââââââââtext: queue
+  ââââscanning: }{cutthrough}}
   âââexpanding: queue
   ââââââresult: queue
   â°âââskipping: result is not used
   â­considering: cutthrough}}
+  ââââââââtext: cutthrough
+  âconsidering: }}
   âââexpanding: cutthrough
   â°âââââresult: cutthrough
  âââexpanding: ${if eq {SERVER}{server}{queue}{cutthrough}}
@@ -306,6 +577,7 @@ domain.com in "! +local_domains"? yes (end of list)
  â­considering: $local_part
  âââexpanding: $local_part
  â°âââââresult: usery
+            â°ââ(tainted)
 domain.com in "*"? yes (matched "*")
 ----------- end verify ------------
 accept: condition test succeeded in ACL "cutthrough"
@@ -316,8 +588,9 @@ domain.com in "! +local_domains"? yes (end of list)
  â­considering: $local_part
  âââexpanding: $local_part
  â°âââââresult: usery
+            â°ââ(tainted)
 domain.com in "*"? yes (matched "*")
-Connecting to 127.0.0.1 [127.0.0.1]:1225 from ip4.ip4.ip4.ip4 ... connected
+Connecting to 127.0.0.1 [127.0.0.1]:1225 from ip4.ip4.ip4.ip4 ...  connected
  â­considering: $primary_hostname
  âââexpanding: $primary_hostname
  â°âââââresult: myhost.test.ex
@@ -333,17 +606,25 @@ cmd buf flush ddd bytes
          250 HELP
  â­considering: ${if eq {$address_data}{usery}{*}{:}}
   â­considering: $address_data}{usery}{*}{:}}
+  âconsidering: }{usery}{*}{:}}
   âââexpanding: $address_data
   â°âââââresult: usery
+             â°ââ(tainted)
   â­considering: usery}{*}{:}}
+  ââââââââtext: usery
+  âconsidering: }{*}{:}}
   âââexpanding: usery
   â°âââââresult: usery
  âââcondition: eq {$address_data}{usery}
  ââââââresult: true
   â­considering: *}{:}}
+  ââââââââtext: *
+  âconsidering: }{:}}
   âââexpanding: *
   â°âââââresult: *
   â­âââscanning: :}}
+  ââââââââtext: :
+  ââââscanning: }}
   âââexpanding: :
   ââââââresult: :
   â°âââskipping: result is not used
@@ -354,16 +635,16 @@ cmd buf flush ddd bytes
 using PIPELINING
 not using DSN
 127.0.0.1 in hosts_require_auth? no (option unset)
-  SMTP>> MAIL FROM:<CALLER@myhost.test.ex>
+  SMTP|> MAIL FROM:<CALLER@myhost.test.ex>
   SMTP>> RCPT TO:<usery@domain.com>
 cmd buf flush ddd bytes
 sync_responses expect mail
   SMTP<< 250 OK
-sync_responses expect rcpt
+sync_responses expect rcpt for usery@domain.com
   SMTP<< 250 Accepted
 holding verify callout open for cutthrough delivery
 ----------- end cutthrough setup ------------
-processing "accept" (TESTSUITE/test-config 54)
+processing "accept" (TESTSUITE/test-config 55)
 accept: condition test succeeded in inline ACL
 end of inline ACL: ACCEPT
   SMTP>> DATA
@@ -373,7 +654,15 @@ end of inline ACL: ACCEPT
  â°âââââresult: Tue, 2 Mar 1999 09:44:33 +0000
  â­considering: Received: ${if def:sender_rcvhost {from $sender_rcvhost
  	}{${if def:sender_ident {from ${quote_local_part:$sender_ident} }}${if def:sender_helo_name {(helo=$sender_helo_name)
- 	}}}}by $primary_hostname ${if def:received_protocol {with $received_protocol }}${if def:tls_in_cipher_std { tls $tls_in_cipher_std
+ 	}}}}by $primary_hostname ${if def:received_protocol {with $received_protocol }}${if def:tls_in_ver        { ($tls_in_ver)}}${if def:tls_in_cipher_std { tls $tls_in_cipher_std
+ 	}}(Exim $version_number)
+ 	${if def:sender_address {(envelope-from <$sender_address>)
+ 	}}id $message_exim_id${if def:received_for {
+ 	for $received_for}}
+ ââââââââtext: Received: 
+ âconsidering: ${if def:sender_rcvhost {from $sender_rcvhost
+ 	}{${if def:sender_ident {from ${quote_local_part:$sender_ident} }}${if def:sender_helo_name {(helo=$sender_helo_name)
+ 	}}}}by $primary_hostname ${if def:received_protocol {with $received_protocol }}${if def:tls_in_ver        { ($tls_in_ver)}}${if def:tls_in_cipher_std { tls $tls_in_cipher_std
  	}}(Exim $version_number)
  	${if def:sender_address {(envelope-from <$sender_address>)
  	}}id $message_exim_id${if def:received_for {
@@ -382,7 +671,30 @@ end of inline ACL: ACCEPT
  ââââââresult: false
   â­âââscanning: from $sender_rcvhost
   	}{${if def:sender_ident {from ${quote_local_part:$sender_ident} }}${if def:sender_helo_name {(helo=$sender_helo_name)
-  	}}}}by $primary_hostname ${if def:received_protocol {with $received_protocol }}${if def:tls_in_cipher_std { tls $tls_in_cipher_std
+  	}}}}by $primary_hostname ${if def:received_protocol {with $received_protocol }}${if def:tls_in_ver        { ($tls_in_ver)}}${if def:tls_in_cipher_std { tls $tls_in_cipher_std
+  	}}(Exim $version_number)
+  	${if def:sender_address {(envelope-from <$sender_address>)
+  	}}id $message_exim_id${if def:received_for {
+  	for $received_for}}
+  ââââââââtext: from 
+  ââââscanning: $sender_rcvhost
+  	}{${if def:sender_ident {from ${quote_local_part:$sender_ident} }}${if def:sender_helo_name {(helo=$sender_helo_name)
+  	}}}}by $primary_hostname ${if def:received_protocol {with $received_protocol }}${if def:tls_in_ver        { ($tls_in_ver)}}${if def:tls_in_cipher_std { tls $tls_in_cipher_std
+  	}}(Exim $version_number)
+  	${if def:sender_address {(envelope-from <$sender_address>)
+  	}}id $message_exim_id${if def:received_for {
+  	for $received_for}}
+  ââââscanning: 
+  	}{${if def:sender_ident {from ${quote_local_part:$sender_ident} }}${if def:sender_helo_name {(helo=$sender_helo_name)
+  	}}}}by $primary_hostname ${if def:received_protocol {with $received_protocol }}${if def:tls_in_ver        { ($tls_in_ver)}}${if def:tls_in_cipher_std { tls $tls_in_cipher_std
+  	}}(Exim $version_number)
+  	${if def:sender_address {(envelope-from <$sender_address>)
+  	}}id $message_exim_id${if def:received_for {
+  	for $received_for}}
+  ââââââââtext: 
+  	
+  ââââscanning: }{${if def:sender_ident {from ${quote_local_part:$sender_ident} }}${if def:sender_helo_name {(helo=$sender_helo_name)
+  	}}}}by $primary_hostname ${if def:received_protocol {with $received_protocol }}${if def:tls_in_ver        { ($tls_in_ver)}}${if def:tls_in_cipher_std { tls $tls_in_cipher_std
   	}}(Exim $version_number)
   	${if def:sender_address {(envelope-from <$sender_address>)
   	}}id $message_exim_id${if def:received_for {
@@ -393,7 +705,7 @@ end of inline ACL: ACCEPT
   	
   â°âââskipping: result is not used
   â­considering: ${if def:sender_ident {from ${quote_local_part:$sender_ident} }}${if def:sender_helo_name {(helo=$sender_helo_name)
-  	}}}}by $primary_hostname ${if def:received_protocol {with $received_protocol }}${if def:tls_in_cipher_std { tls $tls_in_cipher_std
+  	}}}}by $primary_hostname ${if def:received_protocol {with $received_protocol }}${if def:tls_in_ver        { ($tls_in_ver)}}${if def:tls_in_cipher_std { tls $tls_in_cipher_std
   	}}(Exim $version_number)
   	${if def:sender_address {(envelope-from <$sender_address>)
   	}}id $message_exim_id${if def:received_for {
@@ -401,25 +713,79 @@ end of inline ACL: ACCEPT
   âââcondition: def:sender_ident
   ââââââresult: true
    â­considering: from ${quote_local_part:$sender_ident} }}${if def:sender_helo_name {(helo=$sender_helo_name)
-   	}}}}by $primary_hostname ${if def:received_protocol {with $received_protocol }}${if def:tls_in_cipher_std { tls $tls_in_cipher_std
+   	}}}}by $primary_hostname ${if def:received_protocol {with $received_protocol }}${if def:tls_in_ver        { ($tls_in_ver)}}${if def:tls_in_cipher_std { tls $tls_in_cipher_std
+   	}}(Exim $version_number)
+   	${if def:sender_address {(envelope-from <$sender_address>)
+   	}}id $message_exim_id${if def:received_for {
+   	for $received_for}}
+   ââââââââtext: from 
+   âconsidering: ${quote_local_part:$sender_ident} }}${if def:sender_helo_name {(helo=$sender_helo_name)
+   	}}}}by $primary_hostname ${if def:received_protocol {with $received_protocol }}${if def:tls_in_ver        { ($tls_in_ver)}}${if def:tls_in_cipher_std { tls $tls_in_cipher_std
    	}}(Exim $version_number)
    	${if def:sender_address {(envelope-from <$sender_address>)
    	}}id $message_exim_id${if def:received_for {
    	for $received_for}}
    ââ­considering: $sender_ident} }}${if def:sender_helo_name {(helo=$sender_helo_name)
-   â	}}}}by $primary_hostname ${if def:received_protocol {with $received_protocol }}${if def:tls_in_cipher_std { tls $tls_in_cipher_std
+   â	}}}}by $primary_hostname ${if def:received_protocol {with $received_protocol }}${if def:tls_in_ver        { ($tls_in_ver)}}${if def:tls_in_cipher_std { tls $tls_in_cipher_std
+   â	}}(Exim $version_number)
+   â	${if def:sender_address {(envelope-from <$sender_address>)
+   â	}}id $message_exim_id${if def:received_for {
+   â	for $received_for}}
+   ââconsidering: } }}${if def:sender_helo_name {(helo=$sender_helo_name)
+   â	}}}}by $primary_hostname ${if def:received_protocol {with $received_protocol }}${if def:tls_in_ver        { ($tls_in_ver)}}${if def:tls_in_cipher_std { tls $tls_in_cipher_std
    â	}}(Exim $version_number)
    â	${if def:sender_address {(envelope-from <$sender_address>)
    â	}}id $message_exim_id${if def:received_for {
    â	for $received_for}}
    ââââexpanding: $sender_ident
    ââ°âââââresult: CALLER
+   ââââââop-res: CALLER
+   âconsidering:  }}${if def:sender_helo_name {(helo=$sender_helo_name)
+   	}}}}by $primary_hostname ${if def:received_protocol {with $received_protocol }}${if def:tls_in_ver        { ($tls_in_ver)}}${if def:tls_in_cipher_std { tls $tls_in_cipher_std
+   	}}(Exim $version_number)
+   	${if def:sender_address {(envelope-from <$sender_address>)
+   	}}id $message_exim_id${if def:received_for {
+   	for $received_for}}
+   ââââââââtext:  
+   âconsidering: }}${if def:sender_helo_name {(helo=$sender_helo_name)
+   	}}}}by $primary_hostname ${if def:received_protocol {with $received_protocol }}${if def:tls_in_ver        { ($tls_in_ver)}}${if def:tls_in_cipher_std { tls $tls_in_cipher_std
+   	}}(Exim $version_number)
+   	${if def:sender_address {(envelope-from <$sender_address>)
+   	}}id $message_exim_id${if def:received_for {
+   	for $received_for}}
    âââexpanding: from ${quote_local_part:$sender_ident} 
    â°âââââresult: from CALLER 
+  ââââitem-res: from CALLER 
+  âconsidering: ${if def:sender_helo_name {(helo=$sender_helo_name)
+  	}}}}by $primary_hostname ${if def:received_protocol {with $received_protocol }}${if def:tls_in_ver        { ($tls_in_ver)}}${if def:tls_in_cipher_std { tls $tls_in_cipher_std
+  	}}(Exim $version_number)
+  	${if def:sender_address {(envelope-from <$sender_address>)
+  	}}id $message_exim_id${if def:received_for {
+  	for $received_for}}
   âââcondition: def:sender_helo_name
   ââââââresult: true
    â­considering: (helo=$sender_helo_name)
-   	}}}}by $primary_hostname ${if def:received_protocol {with $received_protocol }}${if def:tls_in_cipher_std { tls $tls_in_cipher_std
+   	}}}}by $primary_hostname ${if def:received_protocol {with $received_protocol }}${if def:tls_in_ver        { ($tls_in_ver)}}${if def:tls_in_cipher_std { tls $tls_in_cipher_std
+   	}}(Exim $version_number)
+   	${if def:sender_address {(envelope-from <$sender_address>)
+   	}}id $message_exim_id${if def:received_for {
+   	for $received_for}}
+   ââââââââtext: (helo=
+   âconsidering: $sender_helo_name)
+   	}}}}by $primary_hostname ${if def:received_protocol {with $received_protocol }}${if def:tls_in_ver        { ($tls_in_ver)}}${if def:tls_in_cipher_std { tls $tls_in_cipher_std
+   	}}(Exim $version_number)
+   	${if def:sender_address {(envelope-from <$sender_address>)
+   	}}id $message_exim_id${if def:received_for {
+   	for $received_for}}
+   âconsidering: )
+   	}}}}by $primary_hostname ${if def:received_protocol {with $received_protocol }}${if def:tls_in_ver        { ($tls_in_ver)}}${if def:tls_in_cipher_std { tls $tls_in_cipher_std
+   	}}(Exim $version_number)
+   	${if def:sender_address {(envelope-from <$sender_address>)
+   	}}id $message_exim_id${if def:received_for {
+   	for $received_for}}
+   ââââââââtext: )
+   	
+   âconsidering: }}}}by $primary_hostname ${if def:received_protocol {with $received_protocol }}${if def:tls_in_ver        { ($tls_in_ver)}}${if def:tls_in_cipher_std { tls $tls_in_cipher_std
    	}}(Exim $version_number)
    	${if def:sender_address {(envelope-from <$sender_address>)
    	}}id $message_exim_id${if def:received_for {
@@ -428,19 +794,90 @@ end of inline ACL: ACCEPT
    	
    â°âââââresult: (helo=myhost.test.ex)
    	
+              â°ââ(tainted)
+  ââââitem-res: (helo=myhost.test.ex)
+  	
+             â°ââ(tainted)
+  âconsidering: }}by $primary_hostname ${if def:received_protocol {with $received_protocol }}${if def:tls_in_ver        { ($tls_in_ver)}}${if def:tls_in_cipher_std { tls $tls_in_cipher_std
+  	}}(Exim $version_number)
+  	${if def:sender_address {(envelope-from <$sender_address>)
+  	}}id $message_exim_id${if def:received_for {
+  	for $received_for}}
   âââexpanding: ${if def:sender_ident {from ${quote_local_part:$sender_ident} }}${if def:sender_helo_name {(helo=$sender_helo_name)
   	}}
   â°âââââresult: from CALLER (helo=myhost.test.ex)
   	
+             â°ââ(tainted)
+ ââââitem-res: from CALLER (helo=myhost.test.ex)
+ 	
+            â°ââ(tainted)
+ âconsidering: by $primary_hostname ${if def:received_protocol {with $received_protocol }}${if def:tls_in_ver        { ($tls_in_ver)}}${if def:tls_in_cipher_std { tls $tls_in_cipher_std
+ 	}}(Exim $version_number)
+ 	${if def:sender_address {(envelope-from <$sender_address>)
+ 	}}id $message_exim_id${if def:received_for {
+ 	for $received_for}}
+ ââââââââtext: by 
+ âconsidering: $primary_hostname ${if def:received_protocol {with $received_protocol }}${if def:tls_in_ver        { ($tls_in_ver)}}${if def:tls_in_cipher_std { tls $tls_in_cipher_std
+ 	}}(Exim $version_number)
+ 	${if def:sender_address {(envelope-from <$sender_address>)
+ 	}}id $message_exim_id${if def:received_for {
+ 	for $received_for}}
+ âconsidering:  ${if def:received_protocol {with $received_protocol }}${if def:tls_in_ver        { ($tls_in_ver)}}${if def:tls_in_cipher_std { tls $tls_in_cipher_std
+ 	}}(Exim $version_number)
+ 	${if def:sender_address {(envelope-from <$sender_address>)
+ 	}}id $message_exim_id${if def:received_for {
+ 	for $received_for}}
+ ââââââââtext:  
+ âconsidering: ${if def:received_protocol {with $received_protocol }}${if def:tls_in_ver        { ($tls_in_ver)}}${if def:tls_in_cipher_std { tls $tls_in_cipher_std
+ 	}}(Exim $version_number)
+ 	${if def:sender_address {(envelope-from <$sender_address>)
+ 	}}id $message_exim_id${if def:received_for {
+ 	for $received_for}}
  âââcondition: def:received_protocol
  ââââââresult: true
-  â­considering: with $received_protocol }}${if def:tls_in_cipher_std { tls $tls_in_cipher_std
+  â­considering: with $received_protocol }}${if def:tls_in_ver        { ($tls_in_ver)}}${if def:tls_in_cipher_std { tls $tls_in_cipher_std
+  	}}(Exim $version_number)
+  	${if def:sender_address {(envelope-from <$sender_address>)
+  	}}id $message_exim_id${if def:received_for {
+  	for $received_for}}
+  ââââââââtext: with 
+  âconsidering: $received_protocol }}${if def:tls_in_ver        { ($tls_in_ver)}}${if def:tls_in_cipher_std { tls $tls_in_cipher_std
+  	}}(Exim $version_number)
+  	${if def:sender_address {(envelope-from <$sender_address>)
+  	}}id $message_exim_id${if def:received_for {
+  	for $received_for}}
+  âconsidering:  }}${if def:tls_in_ver        { ($tls_in_ver)}}${if def:tls_in_cipher_std { tls $tls_in_cipher_std
+  	}}(Exim $version_number)
+  	${if def:sender_address {(envelope-from <$sender_address>)
+  	}}id $message_exim_id${if def:received_for {
+  	for $received_for}}
+  ââââââââtext:  
+  âconsidering: }}${if def:tls_in_ver        { ($tls_in_ver)}}${if def:tls_in_cipher_std { tls $tls_in_cipher_std
   	}}(Exim $version_number)
   	${if def:sender_address {(envelope-from <$sender_address>)
   	}}id $message_exim_id${if def:received_for {
   	for $received_for}}
   âââexpanding: with $received_protocol 
   â°âââââresult: with local-esmtp 
+ ââââitem-res: with local-esmtp 
+            â°ââ(tainted)
+ âconsidering: ${if def:tls_in_ver        { ($tls_in_ver)}}${if def:tls_in_cipher_std { tls $tls_in_cipher_std
+ 	}}(Exim $version_number)
+ 	${if def:sender_address {(envelope-from <$sender_address>)
+ 	}}id $message_exim_id${if def:received_for {
+ 	for $received_for}}
+  	}}id $message_exim_id${if def:received_for {
+  	for $received_for}}
+  âââexpanding:  ($tls_in_ver)
+  ââââââresult:  ()
+  â°âââskipping: result is not used
+ ââââitem-res: 
+            â°ââ(tainted)
+ âconsidering: ${if def:tls_in_cipher_std { tls $tls_in_cipher_std
+ 	}}(Exim $version_number)
+ 	${if def:sender_address {(envelope-from <$sender_address>)
+ 	}}id $message_exim_id${if def:received_for {
+ 	for $received_for}}
  âââcondition: def:tls_in_cipher_std
  ââââââresult: false
   â­âââscanning:  tls $tls_in_cipher_std
@@ -448,31 +885,97 @@ end of inline ACL: ACCEPT
   	${if def:sender_address {(envelope-from <$sender_address>)
   	}}id $message_exim_id${if def:received_for {
   	for $received_for}}
+  ââââââââtext:  tls 
+  ââââscanning: $tls_in_cipher_std
+  	}}(Exim $version_number)
+  	${if def:sender_address {(envelope-from <$sender_address>)
+  	}}id $message_exim_id${if def:received_for {
+  	for $received_for}}
+  ââââscanning: 
+  	}}(Exim $version_number)
+  	${if def:sender_address {(envelope-from <$sender_address>)
+  	}}id $message_exim_id${if def:received_for {
+  	for $received_for}}
+  ââââââââtext: 
+  	
+  ââââscanning: }}(Exim $version_number)
+  	${if def:sender_address {(envelope-from <$sender_address>)
+  	}}id $message_exim_id${if def:received_for {
+  	for $received_for}}
   âââexpanding:  tls $tls_in_cipher_std
   	
   ââââââresult:  tls 
   	
   â°âââskipping: result is not used
+ ââââitem-res: 
+            â°ââ(tainted)
+ âconsidering: (Exim $version_number)
+ 	${if def:sender_address {(envelope-from <$sender_address>)
+ 	}}id $message_exim_id${if def:received_for {
+ 	for $received_for}}
+ ââââââââtext: (Exim 
+ âconsidering: $version_number)
+ 	${if def:sender_address {(envelope-from <$sender_address>)
+ 	}}id $message_exim_id${if def:received_for {
+ 	for $received_for}}
+ âconsidering: )
+ 	${if def:sender_address {(envelope-from <$sender_address>)
+ 	}}id $message_exim_id${if def:received_for {
+ 	for $received_for}}
+ ââââââââtext: )
+ 	
+ âconsidering: ${if def:sender_address {(envelope-from <$sender_address>)
+ 	}}id $message_exim_id${if def:received_for {
+ 	for $received_for}}
  âââcondition: def:sender_address
  ââââââresult: true
   â­considering: (envelope-from <$sender_address>)
   	}}id $message_exim_id${if def:received_for {
   	for $received_for}}
+  ââââââââtext: (envelope-from <
+  âconsidering: $sender_address>)
+  	}}id $message_exim_id${if def:received_for {
+  	for $received_for}}
+  âconsidering: >)
+  	}}id $message_exim_id${if def:received_for {
+  	for $received_for}}
+  ââââââââtext: >)
+  	
+  âconsidering: }}id $message_exim_id${if def:received_for {
+  	for $received_for}}
   âââexpanding: (envelope-from <$sender_address>)
   	
   â°âââââresult: (envelope-from <CALLER@myhost.test.ex>)
   	
+ ââââitem-res: (envelope-from <CALLER@myhost.test.ex>)
+ 	
+            â°ââ(tainted)
+ âconsidering: id $message_exim_id${if def:received_for {
+ 	for $received_for}}
+ ââââââââtext: id 
+ âconsidering: $message_exim_id${if def:received_for {
+ 	for $received_for}}
+ âconsidering: ${if def:received_for {
+ 	for $received_for}}
  âââcondition: def:received_for
  ââââââresult: true
   â­considering: 
   	for $received_for}}
+  ââââââââtext: 
+  	for 
+  âconsidering: $received_for}}
+  âconsidering: }}
   âââexpanding: 
   	for $received_for
   â°âââââresult: 
   	for usery@domain.com
+             â°ââ(tainted)
+ ââââitem-res: 
+ 	for usery@domain.com
+            â°ââ(tainted)
  âââexpanding: Received: ${if def:sender_rcvhost {from $sender_rcvhost
  	}{${if def:sender_ident {from ${quote_local_part:$sender_ident} }}${if def:sender_helo_name {(helo=$sender_helo_name)
- 	}}}}by $primary_hostname ${if def:received_protocol {with $received_protocol }}${if def:tls_in_cipher_std { tls $tls_in_cipher_std
+ 	}}}}by $primary_hostname ${if def:received_protocol {with $received_protocol }}${if def:tls_in_ver        { ($tls_in_ver)}}${if def:tls_in_cipher_std { tls $tls_in_cipher_std
  	}}(Exim $version_number)
  	${if def:sender_address {(envelope-from <$sender_address>)
  	}}id $message_exim_id${if def:received_for {
@@ -482,6 +985,7 @@ end of inline ACL: ACCEPT
  	(envelope-from <CALLER@myhost.test.ex>)
  	id 10HmaZ-0005vi-00
  	for usery@domain.com
+            â°ââ(tainted)
 ----------- start cutthrough headers send -----------
 ----------- done cutthrough headers send ------------
  â­considering: ${tod_full}
@@ -501,14 +1005,21 @@ LOG: MAIN
   Completed
 LOG: smtp_connection MAIN
   SMTP connection from CALLER closed by QUIT
->>>>>>>>>>>>>>>> Exim pid=pppp (msg setup toplevel) terminating with rc=0 >>>>>>>>>>>>>>>>
+>>>>>>>>>>>>>>>> Exim pid=pppp (fresh-exec) terminating with rc=0 >>>>>>>>>>>>>>>>
 Exim version x.yz ....
+adding SSLKEYLOGFILE=TESTSUITE/spool/sslkeys
 configuration file is TESTSUITE/test-config
 admin user
  in hosts_connection_nolog? no (option unset)
 LOG: smtp_connection MAIN
   SMTP connection from CALLER
  â­considering: $smtp_active_hostname ESMTP Exim $version_number $tod_full
+ âconsidering:  ESMTP Exim $version_number $tod_full
+ ââââââââtext:  ESMTP Exim 
+ âconsidering: $version_number $tod_full
+ âconsidering:  $tod_full
+ ââââââââtext:  
+ âconsidering: $tod_full
  âââexpanding: $smtp_active_hostname ESMTP Exim $version_number $tod_full
  â°âââââresult: myhost.test.ex ESMTP Exim x.yz Tue, 2 Mar 1999 09:44:33 +0000
  in dsn_advertise_hosts? no (option unset)
@@ -517,18 +1028,26 @@ LOG: smtp_connection MAIN
  in tls_advertise_hosts? yes (matched "*")
  â­considering: ${if eq {SERVER}{server}{queue}{cutthrough}}
   â­considering: SERVER}{server}{queue}{cutthrough}}
+  ââââââââtext: SERVER
+  âconsidering: }{server}{queue}{cutthrough}}
   âââexpanding: SERVER
   â°âââââresult: SERVER
   â­considering: server}{queue}{cutthrough}}
+  ââââââââtext: server
+  âconsidering: }{queue}{cutthrough}}
   âââexpanding: server
   â°âââââresult: server
  âââcondition: eq {SERVER}{server}
  ââââââresult: false
   â­âââscanning: queue}{cutthrough}}
+  ââââââââtext: queue
+  ââââscanning: }{cutthrough}}
   âââexpanding: queue
   ââââââresult: queue
   â°âââskipping: result is not used
   â­considering: cutthrough}}
+  ââââââââtext: cutthrough
+  âconsidering: }}
   âââexpanding: cutthrough
   â°âââââresult: cutthrough
  âââexpanding: ${if eq {SERVER}{server}{queue}{cutthrough}}
@@ -542,6 +1061,7 @@ domain.com in "! +local_domains"? yes (end of list)
  â­considering: $local_part
  âââexpanding: $local_part
  â°âââââresult: usery
+            â°ââ(tainted)
 domain.com in "*"? yes (matched "*")
 ----------- end verify ------------
 accept: condition test succeeded in ACL "cutthrough"
@@ -552,8 +1072,9 @@ domain.com in "! +local_domains"? yes (end of list)
  â­considering: $local_part
  âââexpanding: $local_part
  â°âââââresult: usery
+            â°ââ(tainted)
 domain.com in "*"? yes (matched "*")
-Connecting to 127.0.0.1 [127.0.0.1]:1225 from ip4.ip4.ip4.ip4 ... connected
+Connecting to 127.0.0.1 [127.0.0.1]:1225 from ip4.ip4.ip4.ip4 ...  connected
  â­considering: $primary_hostname
  âââexpanding: $primary_hostname
  â°âââââresult: myhost.test.ex
@@ -569,17 +1090,25 @@ cmd buf flush ddd bytes
          250 HELP
  â­considering: ${if eq {$address_data}{usery}{*}{:}}
   â­considering: $address_data}{usery}{*}{:}}
+  âconsidering: }{usery}{*}{:}}
   âââexpanding: $address_data
   â°âââââresult: usery
+             â°ââ(tainted)
   â­considering: usery}{*}{:}}
+  ââââââââtext: usery
+  âconsidering: }{*}{:}}
   âââexpanding: usery
   â°âââââresult: usery
  âââcondition: eq {$address_data}{usery}
  ââââââresult: true
   â­considering: *}{:}}
+  ââââââââtext: *
+  âconsidering: }{:}}
   âââexpanding: *
   â°âââââresult: *
   â­âââscanning: :}}
+  ââââââââtext: :
+  ââââscanning: }}
   âââexpanding: :
   ââââââresult: :
   â°âââskipping: result is not used
@@ -590,16 +1119,16 @@ cmd buf flush ddd bytes
 using PIPELINING
 not using DSN
 127.0.0.1 in hosts_require_auth? no (option unset)
-  SMTP>> MAIL FROM:<CALLER@myhost.test.ex>
+  SMTP|> MAIL FROM:<CALLER@myhost.test.ex>
   SMTP>> RCPT TO:<usery@domain.com>
 cmd buf flush ddd bytes
 sync_responses expect mail
   SMTP<< 250 OK
-sync_responses expect rcpt
+sync_responses expect rcpt for usery@domain.com
   SMTP<< 250 Accepted
 holding verify callout open for cutthrough delivery
 ----------- end cutthrough setup ------------
-processing "accept" (TESTSUITE/test-config 54)
+processing "accept" (TESTSUITE/test-config 55)
 accept: condition test succeeded in inline ACL
 end of inline ACL: ACCEPT
   SMTP>> DATA
@@ -609,7 +1138,15 @@ end of inline ACL: ACCEPT
  â°âââââresult: Tue, 2 Mar 1999 09:44:33 +0000
  â­considering: Received: ${if def:sender_rcvhost {from $sender_rcvhost
  	}{${if def:sender_ident {from ${quote_local_part:$sender_ident} }}${if def:sender_helo_name {(helo=$sender_helo_name)
- 	}}}}by $primary_hostname ${if def:received_protocol {with $received_protocol }}${if def:tls_in_cipher_std { tls $tls_in_cipher_std
+ 	}}}}by $primary_hostname ${if def:received_protocol {with $received_protocol }}${if def:tls_in_ver        { ($tls_in_ver)}}${if def:tls_in_cipher_std { tls $tls_in_cipher_std
+ 	}}(Exim $version_number)
+ 	${if def:sender_address {(envelope-from <$sender_address>)
+ 	}}id $message_exim_id${if def:received_for {
+ 	for $received_for}}
+ ââââââââtext: Received: 
+ âconsidering: ${if def:sender_rcvhost {from $sender_rcvhost
+ 	}{${if def:sender_ident {from ${quote_local_part:$sender_ident} }}${if def:sender_helo_name {(helo=$sender_helo_name)
+ 	}}}}by $primary_hostname ${if def:received_protocol {with $received_protocol }}${if def:tls_in_ver        { ($tls_in_ver)}}${if def:tls_in_cipher_std { tls $tls_in_cipher_std
  	}}(Exim $version_number)
  	${if def:sender_address {(envelope-from <$sender_address>)
  	}}id $message_exim_id${if def:received_for {
@@ -618,7 +1155,30 @@ end of inline ACL: ACCEPT
  ââââââresult: false
   â­âââscanning: from $sender_rcvhost
   	}{${if def:sender_ident {from ${quote_local_part:$sender_ident} }}${if def:sender_helo_name {(helo=$sender_helo_name)
-  	}}}}by $primary_hostname ${if def:received_protocol {with $received_protocol }}${if def:tls_in_cipher_std { tls $tls_in_cipher_std
+  	}}}}by $primary_hostname ${if def:received_protocol {with $received_protocol }}${if def:tls_in_ver        { ($tls_in_ver)}}${if def:tls_in_cipher_std { tls $tls_in_cipher_std
+  	}}(Exim $version_number)
+  	${if def:sender_address {(envelope-from <$sender_address>)
+  	}}id $message_exim_id${if def:received_for {
+  	for $received_for}}
+  ââââââââtext: from 
+  ââââscanning: $sender_rcvhost
+  	}{${if def:sender_ident {from ${quote_local_part:$sender_ident} }}${if def:sender_helo_name {(helo=$sender_helo_name)
+  	}}}}by $primary_hostname ${if def:received_protocol {with $received_protocol }}${if def:tls_in_ver        { ($tls_in_ver)}}${if def:tls_in_cipher_std { tls $tls_in_cipher_std
+  	}}(Exim $version_number)
+  	${if def:sender_address {(envelope-from <$sender_address>)
+  	}}id $message_exim_id${if def:received_for {
+  	for $received_for}}
+  ââââscanning: 
+  	}{${if def:sender_ident {from ${quote_local_part:$sender_ident} }}${if def:sender_helo_name {(helo=$sender_helo_name)
+  	}}}}by $primary_hostname ${if def:received_protocol {with $received_protocol }}${if def:tls_in_ver        { ($tls_in_ver)}}${if def:tls_in_cipher_std { tls $tls_in_cipher_std
+  	}}(Exim $version_number)
+  	${if def:sender_address {(envelope-from <$sender_address>)
+  	}}id $message_exim_id${if def:received_for {
+  	for $received_for}}
+  ââââââââtext: 
+  	
+  ââââscanning: }{${if def:sender_ident {from ${quote_local_part:$sender_ident} }}${if def:sender_helo_name {(helo=$sender_helo_name)
+  	}}}}by $primary_hostname ${if def:received_protocol {with $received_protocol }}${if def:tls_in_ver        { ($tls_in_ver)}}${if def:tls_in_cipher_std { tls $tls_in_cipher_std
   	}}(Exim $version_number)
   	${if def:sender_address {(envelope-from <$sender_address>)
   	}}id $message_exim_id${if def:received_for {
@@ -629,7 +1189,7 @@ end of inline ACL: ACCEPT
   	
   â°âââskipping: result is not used
   â­considering: ${if def:sender_ident {from ${quote_local_part:$sender_ident} }}${if def:sender_helo_name {(helo=$sender_helo_name)
-  	}}}}by $primary_hostname ${if def:received_protocol {with $received_protocol }}${if def:tls_in_cipher_std { tls $tls_in_cipher_std
+  	}}}}by $primary_hostname ${if def:received_protocol {with $received_protocol }}${if def:tls_in_ver        { ($tls_in_ver)}}${if def:tls_in_cipher_std { tls $tls_in_cipher_std
   	}}(Exim $version_number)
   	${if def:sender_address {(envelope-from <$sender_address>)
   	}}id $message_exim_id${if def:received_for {
@@ -637,25 +1197,79 @@ end of inline ACL: ACCEPT
   âââcondition: def:sender_ident
   ââââââresult: true
    â­considering: from ${quote_local_part:$sender_ident} }}${if def:sender_helo_name {(helo=$sender_helo_name)
-   	}}}}by $primary_hostname ${if def:received_protocol {with $received_protocol }}${if def:tls_in_cipher_std { tls $tls_in_cipher_std
+   	}}}}by $primary_hostname ${if def:received_protocol {with $received_protocol }}${if def:tls_in_ver        { ($tls_in_ver)}}${if def:tls_in_cipher_std { tls $tls_in_cipher_std
+   	}}(Exim $version_number)
+   	${if def:sender_address {(envelope-from <$sender_address>)
+   	}}id $message_exim_id${if def:received_for {
+   	for $received_for}}
+   ââââââââtext: from 
+   âconsidering: ${quote_local_part:$sender_ident} }}${if def:sender_helo_name {(helo=$sender_helo_name)
+   	}}}}by $primary_hostname ${if def:received_protocol {with $received_protocol }}${if def:tls_in_ver        { ($tls_in_ver)}}${if def:tls_in_cipher_std { tls $tls_in_cipher_std
    	}}(Exim $version_number)
    	${if def:sender_address {(envelope-from <$sender_address>)
    	}}id $message_exim_id${if def:received_for {
    	for $received_for}}
    ââ­considering: $sender_ident} }}${if def:sender_helo_name {(helo=$sender_helo_name)
-   â	}}}}by $primary_hostname ${if def:received_protocol {with $received_protocol }}${if def:tls_in_cipher_std { tls $tls_in_cipher_std
+   â	}}}}by $primary_hostname ${if def:received_protocol {with $received_protocol }}${if def:tls_in_ver        { ($tls_in_ver)}}${if def:tls_in_cipher_std { tls $tls_in_cipher_std
+   â	}}(Exim $version_number)
+   â	${if def:sender_address {(envelope-from <$sender_address>)
+   â	}}id $message_exim_id${if def:received_for {
+   â	for $received_for}}
+   ââconsidering: } }}${if def:sender_helo_name {(helo=$sender_helo_name)
+   â	}}}}by $primary_hostname ${if def:received_protocol {with $received_protocol }}${if def:tls_in_ver        { ($tls_in_ver)}}${if def:tls_in_cipher_std { tls $tls_in_cipher_std
    â	}}(Exim $version_number)
    â	${if def:sender_address {(envelope-from <$sender_address>)
    â	}}id $message_exim_id${if def:received_for {
    â	for $received_for}}
    ââââexpanding: $sender_ident
    ââ°âââââresult: CALLER
+   ââââââop-res: CALLER
+   âconsidering:  }}${if def:sender_helo_name {(helo=$sender_helo_name)
+   	}}}}by $primary_hostname ${if def:received_protocol {with $received_protocol }}${if def:tls_in_ver        { ($tls_in_ver)}}${if def:tls_in_cipher_std { tls $tls_in_cipher_std
+   	}}(Exim $version_number)
+   	${if def:sender_address {(envelope-from <$sender_address>)
+   	}}id $message_exim_id${if def:received_for {
+   	for $received_for}}
+   ââââââââtext:  
+   âconsidering: }}${if def:sender_helo_name {(helo=$sender_helo_name)
+   	}}}}by $primary_hostname ${if def:received_protocol {with $received_protocol }}${if def:tls_in_ver        { ($tls_in_ver)}}${if def:tls_in_cipher_std { tls $tls_in_cipher_std
+   	}}(Exim $version_number)
+   	${if def:sender_address {(envelope-from <$sender_address>)
+   	}}id $message_exim_id${if def:received_for {
+   	for $received_for}}
    âââexpanding: from ${quote_local_part:$sender_ident} 
    â°âââââresult: from CALLER 
+  ââââitem-res: from CALLER 
+  âconsidering: ${if def:sender_helo_name {(helo=$sender_helo_name)
+  	}}}}by $primary_hostname ${if def:received_protocol {with $received_protocol }}${if def:tls_in_ver        { ($tls_in_ver)}}${if def:tls_in_cipher_std { tls $tls_in_cipher_std
+  	}}(Exim $version_number)
+  	${if def:sender_address {(envelope-from <$sender_address>)
+  	}}id $message_exim_id${if def:received_for {
+  	for $received_for}}
   âââcondition: def:sender_helo_name
   ââââââresult: true
    â­considering: (helo=$sender_helo_name)
-   	}}}}by $primary_hostname ${if def:received_protocol {with $received_protocol }}${if def:tls_in_cipher_std { tls $tls_in_cipher_std
+   	}}}}by $primary_hostname ${if def:received_protocol {with $received_protocol }}${if def:tls_in_ver        { ($tls_in_ver)}}${if def:tls_in_cipher_std { tls $tls_in_cipher_std
+   	}}(Exim $version_number)
+   	${if def:sender_address {(envelope-from <$sender_address>)
+   	}}id $message_exim_id${if def:received_for {
+   	for $received_for}}
+   ââââââââtext: (helo=
+   âconsidering: $sender_helo_name)
+   	}}}}by $primary_hostname ${if def:received_protocol {with $received_protocol }}${if def:tls_in_ver        { ($tls_in_ver)}}${if def:tls_in_cipher_std { tls $tls_in_cipher_std
+   	}}(Exim $version_number)
+   	${if def:sender_address {(envelope-from <$sender_address>)
+   	}}id $message_exim_id${if def:received_for {
+   	for $received_for}}
+   âconsidering: )
+   	}}}}by $primary_hostname ${if def:received_protocol {with $received_protocol }}${if def:tls_in_ver        { ($tls_in_ver)}}${if def:tls_in_cipher_std { tls $tls_in_cipher_std
+   	}}(Exim $version_number)
+   	${if def:sender_address {(envelope-from <$sender_address>)
+   	}}id $message_exim_id${if def:received_for {
+   	for $received_for}}
+   ââââââââtext: )
+   	
+   âconsidering: }}}}by $primary_hostname ${if def:received_protocol {with $received_protocol }}${if def:tls_in_ver        { ($tls_in_ver)}}${if def:tls_in_cipher_std { tls $tls_in_cipher_std
    	}}(Exim $version_number)
    	${if def:sender_address {(envelope-from <$sender_address>)
    	}}id $message_exim_id${if def:received_for {
@@ -664,19 +1278,90 @@ end of inline ACL: ACCEPT
    	
    â°âââââresult: (helo=myhost.test.ex)
    	
+              â°ââ(tainted)
+  ââââitem-res: (helo=myhost.test.ex)
+  	
+             â°ââ(tainted)
+  âconsidering: }}by $primary_hostname ${if def:received_protocol {with $received_protocol }}${if def:tls_in_ver        { ($tls_in_ver)}}${if def:tls_in_cipher_std { tls $tls_in_cipher_std
+  	}}(Exim $version_number)
+  	${if def:sender_address {(envelope-from <$sender_address>)
+  	}}id $message_exim_id${if def:received_for {
+  	for $received_for}}
   âââexpanding: ${if def:sender_ident {from ${quote_local_part:$sender_ident} }}${if def:sender_helo_name {(helo=$sender_helo_name)
   	}}
   â°âââââresult: from CALLER (helo=myhost.test.ex)
   	
+             â°ââ(tainted)
+ ââââitem-res: from CALLER (helo=myhost.test.ex)
+ 	
+            â°ââ(tainted)
+ âconsidering: by $primary_hostname ${if def:received_protocol {with $received_protocol }}${if def:tls_in_ver        { ($tls_in_ver)}}${if def:tls_in_cipher_std { tls $tls_in_cipher_std
+ 	}}(Exim $version_number)
+ 	${if def:sender_address {(envelope-from <$sender_address>)
+ 	}}id $message_exim_id${if def:received_for {
+ 	for $received_for}}
+ ââââââââtext: by 
+ âconsidering: $primary_hostname ${if def:received_protocol {with $received_protocol }}${if def:tls_in_ver        { ($tls_in_ver)}}${if def:tls_in_cipher_std { tls $tls_in_cipher_std
+ 	}}(Exim $version_number)
+ 	${if def:sender_address {(envelope-from <$sender_address>)
+ 	}}id $message_exim_id${if def:received_for {
+ 	for $received_for}}
+ âconsidering:  ${if def:received_protocol {with $received_protocol }}${if def:tls_in_ver        { ($tls_in_ver)}}${if def:tls_in_cipher_std { tls $tls_in_cipher_std
+ 	}}(Exim $version_number)
+ 	${if def:sender_address {(envelope-from <$sender_address>)
+ 	}}id $message_exim_id${if def:received_for {
+ 	for $received_for}}
+ ââââââââtext:  
+ âconsidering: ${if def:received_protocol {with $received_protocol }}${if def:tls_in_ver        { ($tls_in_ver)}}${if def:tls_in_cipher_std { tls $tls_in_cipher_std
+ 	}}(Exim $version_number)
+ 	${if def:sender_address {(envelope-from <$sender_address>)
+ 	}}id $message_exim_id${if def:received_for {
+ 	for $received_for}}
  âââcondition: def:received_protocol
  ââââââresult: true
-  â­considering: with $received_protocol }}${if def:tls_in_cipher_std { tls $tls_in_cipher_std
+  â­considering: with $received_protocol }}${if def:tls_in_ver        { ($tls_in_ver)}}${if def:tls_in_cipher_std { tls $tls_in_cipher_std
+  	}}(Exim $version_number)
+  	${if def:sender_address {(envelope-from <$sender_address>)
+  	}}id $message_exim_id${if def:received_for {
+  	for $received_for}}
+  ââââââââtext: with 
+  âconsidering: $received_protocol }}${if def:tls_in_ver        { ($tls_in_ver)}}${if def:tls_in_cipher_std { tls $tls_in_cipher_std
+  	}}(Exim $version_number)
+  	${if def:sender_address {(envelope-from <$sender_address>)
+  	}}id $message_exim_id${if def:received_for {
+  	for $received_for}}
+  âconsidering:  }}${if def:tls_in_ver        { ($tls_in_ver)}}${if def:tls_in_cipher_std { tls $tls_in_cipher_std
+  	}}(Exim $version_number)
+  	${if def:sender_address {(envelope-from <$sender_address>)
+  	}}id $message_exim_id${if def:received_for {
+  	for $received_for}}
+  ââââââââtext:  
+  âconsidering: }}${if def:tls_in_ver        { ($tls_in_ver)}}${if def:tls_in_cipher_std { tls $tls_in_cipher_std
   	}}(Exim $version_number)
   	${if def:sender_address {(envelope-from <$sender_address>)
   	}}id $message_exim_id${if def:received_for {
   	for $received_for}}
   âââexpanding: with $received_protocol 
   â°âââââresult: with local-esmtp 
+ ââââitem-res: with local-esmtp 
+            â°ââ(tainted)
+ âconsidering: ${if def:tls_in_ver        { ($tls_in_ver)}}${if def:tls_in_cipher_std { tls $tls_in_cipher_std
+ 	}}(Exim $version_number)
+ 	${if def:sender_address {(envelope-from <$sender_address>)
+ 	}}id $message_exim_id${if def:received_for {
+ 	for $received_for}}
+  	}}id $message_exim_id${if def:received_for {
+  	for $received_for}}
+  âââexpanding:  ($tls_in_ver)
+  ââââââresult:  ()
+  â°âââskipping: result is not used
+ ââââitem-res: 
+            â°ââ(tainted)
+ âconsidering: ${if def:tls_in_cipher_std { tls $tls_in_cipher_std
+ 	}}(Exim $version_number)
+ 	${if def:sender_address {(envelope-from <$sender_address>)
+ 	}}id $message_exim_id${if def:received_for {
+ 	for $received_for}}
  âââcondition: def:tls_in_cipher_std
  ââââââresult: false
   â­âââscanning:  tls $tls_in_cipher_std
@@ -684,31 +1369,97 @@ end of inline ACL: ACCEPT
   	${if def:sender_address {(envelope-from <$sender_address>)
   	}}id $message_exim_id${if def:received_for {
   	for $received_for}}
+  ââââââââtext:  tls 
+  ââââscanning: $tls_in_cipher_std
+  	}}(Exim $version_number)
+  	${if def:sender_address {(envelope-from <$sender_address>)
+  	}}id $message_exim_id${if def:received_for {
+  	for $received_for}}
+  ââââscanning: 
+  	}}(Exim $version_number)
+  	${if def:sender_address {(envelope-from <$sender_address>)
+  	}}id $message_exim_id${if def:received_for {
+  	for $received_for}}
+  ââââââââtext: 
+  	
+  ââââscanning: }}(Exim $version_number)
+  	${if def:sender_address {(envelope-from <$sender_address>)
+  	}}id $message_exim_id${if def:received_for {
+  	for $received_for}}
   âââexpanding:  tls $tls_in_cipher_std
   	
   ââââââresult:  tls 
   	
   â°âââskipping: result is not used
+ ââââitem-res: 
+            â°ââ(tainted)
+ âconsidering: (Exim $version_number)
+ 	${if def:sender_address {(envelope-from <$sender_address>)
+ 	}}id $message_exim_id${if def:received_for {
+ 	for $received_for}}
+ ââââââââtext: (Exim 
+ âconsidering: $version_number)
+ 	${if def:sender_address {(envelope-from <$sender_address>)
+ 	}}id $message_exim_id${if def:received_for {
+ 	for $received_for}}
+ âconsidering: )
+ 	${if def:sender_address {(envelope-from <$sender_address>)
+ 	}}id $message_exim_id${if def:received_for {
+ 	for $received_for}}
+ ââââââââtext: )
+ 	
+ âconsidering: ${if def:sender_address {(envelope-from <$sender_address>)
+ 	}}id $message_exim_id${if def:received_for {
+ 	for $received_for}}
  âââcondition: def:sender_address
  ââââââresult: true
   â­considering: (envelope-from <$sender_address>)
   	}}id $message_exim_id${if def:received_for {
   	for $received_for}}
+  ââââââââtext: (envelope-from <
+  âconsidering: $sender_address>)
+  	}}id $message_exim_id${if def:received_for {
+  	for $received_for}}
+  âconsidering: >)
+  	}}id $message_exim_id${if def:received_for {
+  	for $received_for}}
+  ââââââââtext: >)
+  	
+  âconsidering: }}id $message_exim_id${if def:received_for {
+  	for $received_for}}
   âââexpanding: (envelope-from <$sender_address>)
   	
   â°âââââresult: (envelope-from <CALLER@myhost.test.ex>)
   	
+ ââââitem-res: (envelope-from <CALLER@myhost.test.ex>)
+ 	
+            â°ââ(tainted)
+ âconsidering: id $message_exim_id${if def:received_for {
+ 	for $received_for}}
+ ââââââââtext: id 
+ âconsidering: $message_exim_id${if def:received_for {
+ 	for $received_for}}
+ âconsidering: ${if def:received_for {
+ 	for $received_for}}
  âââcondition: def:received_for
  ââââââresult: true
   â­considering: 
   	for $received_for}}
+  ââââââââtext: 
+  	for 
+  âconsidering: $received_for}}
+  âconsidering: }}
   âââexpanding: 
   	for $received_for
   â°âââââresult: 
   	for usery@domain.com
+             â°ââ(tainted)
+ ââââitem-res: 
+ 	for usery@domain.com
+            â°ââ(tainted)
  âââexpanding: Received: ${if def:sender_rcvhost {from $sender_rcvhost
  	}{${if def:sender_ident {from ${quote_local_part:$sender_ident} }}${if def:sender_helo_name {(helo=$sender_helo_name)
- 	}}}}by $primary_hostname ${if def:received_protocol {with $received_protocol }}${if def:tls_in_cipher_std { tls $tls_in_cipher_std
+ 	}}}}by $primary_hostname ${if def:received_protocol {with $received_protocol }}${if def:tls_in_ver        { ($tls_in_ver)}}${if def:tls_in_cipher_std { tls $tls_in_cipher_std
  	}}(Exim $version_number)
  	${if def:sender_address {(envelope-from <$sender_address>)
  	}}id $message_exim_id${if def:received_for {
@@ -718,6 +1469,7 @@ end of inline ACL: ACCEPT
  	(envelope-from <CALLER@myhost.test.ex>)
  	id 10HmbB-0005vi-00
  	for usery@domain.com
+            â°ââ(tainted)
 ----------- start cutthrough headers send -----------
 ----------- done cutthrough headers send ------------
  â­considering: ${tod_full}
@@ -737,6 +1489,6 @@ LOG: MAIN
   Completed
 LOG: smtp_connection MAIN
   SMTP connection from CALLER closed by QUIT
->>>>>>>>>>>>>>>> Exim pid=pppp (msg setup toplevel) terminating with rc=0 >>>>>>>>>>>>>>>>
+>>>>>>>>>>>>>>>> Exim pid=pppp (fresh-exec) terminating with rc=0 >>>>>>>>>>>>>>>>
 
 ******** SERVER ********