Tainted name '/etc/exim/filepath' for file read not permitted

Time:07-24

My filter on CentOS is not working. Can anyone help me with it?

[email protected] cannot be resolved at this time: Tainted name '/etc/exim/users/soft/204.compilor.com/soft/filter' for file read not permitted

This is the issue I get.

My router:

email_filter:
    driver = redirect
    allow_filter
    allow_fail
    forbid_filter_run
    forbid_filter_perl
    forbid_filter_lookup
    forbid_filter_readfile
    forbid_filter_readsocket
    no_check_local_user
    domains = lsearch;/etc/userdomains
    require_files = "/etc/exim/users/${lookup{$domain}lsearch{/etc/userdomains}{$value}}/${perl{untaint}{$domain}}/${local_part}/filter"
    condition = "${extract \
        {size} \
        {${stat:/etc/exim/users/${lookup{$domain}lsearch{/etc/userdomains}{$value}}/${perl{untaint}{$domain}}/${local_part}/filter}} \
    }"
    file = /etc/exim/users/${lookup{$domain}lsearch{/etc/userdomains}{$value}}/${perl{untaint}{$domain}}/${local_part}/filter
    file_transport = address_file
    directory_transport = address_directory
    reply_transport = address_reply
    router_home_directory = ${extract \
        {5} \
        {::} \
        {${lookup passwd \
            {${lookup \
                {$domain} \
                lsearch{/etc/userdomains} \
                {$value} \
            }} \
            {$value} \
        }} \
    }
    user = "${lookup \
        {$domain} \
        lsearch{/etc/userdomains} \
        {$value} \
    }"
    group = "${lookup \
        {$domain} \
        lsearch{/etc/userdomains} \
        {$value} \
    }"
    local_part_suffix =  *
    local_part_suffix_optional
    retry_use_local_part
    no_verify

So my filters are not working and show me this error. I don't understand the tainted part. I have tried everything I could myself.

CodePudding user response:

I solved this issue by detainting the tainted variable.

You can use perl untaint like this:

${perl{untaint}{$local_part}}

That is also fine, but there might be some security risk, so I defined these lines to detaint my local part and domain:

BADCHARS = \N[^A-Za-z0-9_.-]\N
SAFELOCALPART = ${lookup{${sg{$local_part}{BADCHARS}{_}}} lsearch*,ret=key{/etc/userdomains}}
SAFEDOMAIN = ${lookup{${sg{$domain}{BADCHARS}{_}}} lsearch*,ret=key{/etc/userdomains}}

After this, my router is:

email_filter:
    driver = redirect
    allow_filter
    allow_fail
    forbid_filter_run
    forbid_filter_perl
    forbid_filter_lookup
    forbid_filter_readfile
    forbid_filter_readsocket
    no_check_local_user
    domains = lsearch;/etc/userdomains
    require_files = "/etc/exim/users/${lookup{SAFEDOMAIN}lsearch{/etc/userdomains}{$value}}/SAFEDOMAIN/SAFELOCALPART/filter"
    condition = "${extract \
        {size} \
        {${stat:/etc/exim/users/${lookup{SAFEDOMAIN}lsearch{/etc/userdomains}{$value}}/SAFEDOMAIN/SAFELOCALPART/filter}} \
    }"
    file = /etc/exim/users/${lookup{SAFEDOMAIN}lsearch{/etc/userdomains}{$value}}/SAFEDOMAIN/SAFELOCALPART/filter
    file_transport = address_file
    directory_transport = address_directory
    reply_transport = address_reply
    router_home_directory = ${extract \
        {5} \
        {::} \
        {${lookup passwd \
            {${lookup \
                {$domain} \
                lsearch{/etc/userdomains} \
                {$value} \
            }} \
            {$value} \
        }} \
    }
    user = "${lookup \
        {$domain} \
        lsearch{/etc/userdomains} \
        {$value} \
    }"
    group = "${lookup \
        {$domain} \
        lsearch{/etc/userdomains} \
        {$value} \
    }"
    local_part_suffix =  *
    local_part_suffix_optional
    retry_use_local_part
    no_verify

I hope anyone facing the same issue will now be able to solve it.
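
Added example, not part of the original answer: a Python model of the detaint-by-lookup step the answer uses (sg with BADCHARS, then a lookup that returns the file's own key). It shows that BADCHARS alone lets ".." through and that the lookup is what gates the path. The function names, the sample file content and the separate mailbox table are assumptions; keys are matched exactly and the `*` default of lsearch* is not modelled.

```python
import re
from pathlib import PurePosixPath

# Same character class as the BADCHARS macro in the answer above.
BADCHARS = re.compile(r"[^A-Za-z0-9_.-]")
BASE = PurePosixPath("/etc/exim/users")

# Constructed sample in the "key: value" layout of an lsearch file.
SAMPLE_USERDOMAINS = """\
# domain: owning user (constructed sample)
example.test: alice
shop.example.test: bob
"""
SAMPLE_MAILBOXES = {"soft": "", "info": ""}  # constructed, hypothetical table

def load_keys(text):
    """Map each key of an lsearch-style file to its value."""
    table = {}
    for line in text.splitlines():
        line = line.strip()
        if not line or line.startswith("#"):
            continue
        key, _, value = line.partition(":")
        table[key.strip()] = value.strip()
    return table

def detaint(value, table):
    """Model of ${lookup{${sg{value}{BADCHARS}{_}}}lsearch,ret=key{file}}.

    Returns the key as stored in the trusted table, or None when the
    lookup fails. The `*` default of lsearch* is not modelled.
    """
    cleaned = BADCHARS.sub("_", value)
    for key in table:
        if key == cleaned:
            return key  # the trusted copy, not the caller's string
    return None

def filter_path(domain, local_part, domains, mailboxes):
    """Build the filter path only from looked-up (trusted) components."""
    safe_domain = detaint(domain, domains)
    safe_local = detaint(local_part, mailboxes)
    if safe_domain is None or safe_local is None:
        return None
    path = BASE / domains[safe_domain] / safe_domain / safe_local / "filter"
    # Defence in depth: no component may be a parent-directory reference.
    if ".." in path.parts:
        return None
    return str(path)
```

A None result corresponds to the lookup failing, so no path built from message-supplied text is ever opened.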
