Here my filter in centos is not working can anyone help me with it.
soft@204.compilor.com cannot be resolved at this time: Tainted name '/etc/exim/users/soft/204.compilor.com/soft/filter' for file read not permitted
This is my issue which I get
My router
email_filter:
driver = redirect
allow_filter
allow_fail
forbid_filter_run
forbid_filter_perl
forbid_filter_lookup
forbid_filter_readfile
forbid_filter_readsocket
no_check_local_user
domains = lsearch;/etc/userdomains
require_files = "/etc/exim/users/${lookup{$domain}lsearch{/etc/userdomains}{$value}}/${perl{untaint}{$domain}}/${local_part}/filter"
condition = "${extract \
{size} \
{${stat:/etc/exim/users/${lookup{$domain}lsearch{/etc/userdomains}{$value}}/${perl{untaint}{$domain}}/${local_part}/filter}} \
}"
file = /etc/exim/users/${lookup{$domain}lsearch{/etc/userdomains}{$value}}/${perl{untaint}{$domain}}/${local_part}/filter
file_transport = address_file
directory_transport = address_directory
reply_transport = address_reply
router_home_directory = ${extract \
{5} \
{::} \
{${lookup passwd \
{${lookup \
{$domain} \
lsearch{/etc/userdomains} \
{$value} \
}} \
{$value} \
}} \
}
user = "${lookup \
{$domain} \
lsearch{/etc/userdomains} \
{$value} \
}"
group = "${lookup \
{$domain} \
lsearch{/etc/userdomains} \
{$value} \
}"
local_part_suffix = +*
local_part_suffix_optional
retry_use_local_part
no_verify
So here my filters are not working showing this error to me I am not getting about the tained part I had tried all possible from myself
So here I solved this issue by detaining the tained variable.
Here You can use perl untaint like this
${perl{untaint}{$local_part}}
It is also fine but there might be some security risk so I define this line to detaint my local part and domain
BADCHARS = \N[^A-Za-z0-9_.-]+\N
SAFELOCALPART = ${lookup{${sg{$local_part}{BADCHARS}{_}}} lsearch*,ret=key{/etc/userdomains}}
SAFEDOMAIN = ${lookup{${sg{$domain}{BADCHARS}{_}}} lsearch*,ret=key{/etc/userdomains}}
So after this my router is
email_filter:
driver = redirect
allow_filter
allow_fail
forbid_filter_run
forbid_filter_perl
forbid_filter_lookup
forbid_filter_readfile
forbid_filter_readsocket
no_check_local_user
domains = lsearch;/etc/userdomains
require_files = "/etc/exim/users/${lookup{SAFEDOMAIN}lsearch{/etc/userdomains}{$value}}/SAFEDOMAIN/SAFELOCALPART/filter"
condition = "${extract \
{size} \
{${stat:/etc/exim/users/${lookup{SAFEDOMAIN}lsearch{/etc/userdomains}{$value}}/SAFEDOMAIN/SAFELOCALPART/filter}} \
}"
file = /etc/exim/users/${lookup{SAFEDOMAIN}lsearch{/etc/userdomains}{$value}}/SAFEDOMAIN/SAFELOCALPART/filter
file_transport = address_file
directory_transport = address_directory
reply_transport = address_reply
router_home_directory = ${extract \
{5} \
{::} \
{${lookup passwd \
{${lookup \
{$domain} \
lsearch{/etc/userdomains} \
{$value} \
}} \
{$value} \
}} \
}
user = "${lookup \
{$domain} \
lsearch{/etc/userdomains} \
{$value} \
}"
group = "${lookup \
{$domain} \
lsearch{/etc/userdomains} \
{$value} \
}"
local_part_suffix = +*
local_part_suffix_optional
retry_use_local_part
no_verify
Hope anyone facing same issue will be able to now solve this issue