Jeremy Harris via Exim-users [2022-07-20 15:54]:
> On 20/07/2022 15:37, Kirill Miazine via Exim-users wrote:
> > IIRC Mailman has some facility to generate aliases file, which Exim
> > could be using. Mailman is able to generate those automatically, and
> > that should make the taint checking happy, as there won't be any unsafe
> > variables left.
>
> Getting a file out of Mailman to verify recipient names against would be
> ideal.
> You want also to use a static list of possible affixes, rather than a
> wildcard.

Again, if my memory serves me right, Mailman may generate an alias file
in the form of:

    list: command-without-variables
    list-owner: command-without-variables
    list-bounce: command-without-variables
    list-foo: command-without-variables

So it will include both list name and all applicable suffixes.

> Handling initial signups for a list, where you don't have a known name
> to verify, seems like it could be an issue.

There shouldn't be any issues with this one, should there?

    list-bounce+*: command-without-variables

> Still, do a proper job on all the possible other cases first, to
> reduce the attack surface, *before* resorting to deliberately
> subverting Exim's attempts to provide security.
>
> These attempts are not perfect; there are ways of evading them. But do
> not forget the log4j fracas.
>
> > Looking
> > at https://bazaar.launchpad.net/~mailman-coders/mailman/2.1/files/head:/Mailman/MTA
> > it seems you'd have to say that your MTA is Postfix.
>
> :-(

That would be ironic: describe a setup for Exim and specify MTA to be Postfix.

--
## List details at https://lists.exim.org/mailman/listinfo/exim-users
## Exim details at http://www.exim.org/
## Please use the Wiki with this list - http://wiki.exim.org/
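The approach discussed above (let the aliases file that Mailman writes be the only thing that decides which command runs, so no envelope-derived data ends up on a command line) in Exim router form, as an added example for this thread; it is not from the thread, nor from the Exim or Mailman projects. It assumes Mailman was told MTA = Postfix so that it writes the Postfix-style `name: "|/path/mailman verb list"` file, and the path /etc/mailman/aliases, the domain lists.example.org, the transport name mailman_pipe and the user/group `list` are all assumptions to adapt to the local install.

```exim
begin routers

# Deliver list addresses through the aliases file Mailman generates.
# Assumed: /etc/mailman/aliases (Postfix-format, written by Mailman),
# domain lists.example.org, Unix user/group "list".
mailman_aliases:
  driver = redirect
  domains = lists.example.org
  # Only the VERP bounce extension needs a wildcard: "+anything" is
  # stripped before the lookup, so "list-bounces+u=dom" is looked up as
  # "list-bounces". The stripped text is discarded, never passed on.
  # "list", "list-owner", "list-request" etc. are separate keys in the
  # file, so no further (static) suffix list is required here.
  local_part_suffix = +*
  local_part_suffix_optional
  # $local_part is tainted; the lookup *result* is not. The pipe command
  # therefore comes wholly from the file Mailman wrote, and a recipient
  # name that is not in the file simply makes the router decline.
  data = ${lookup{$local_part}lsearch{/etc/mailman/aliases}}
  allow_fail
  allow_defer
  pipe_transport = mailman_pipe
  user = list
  group = list
  # Nothing else should handle this domain: unknown names are unrouteable.
  no_more

begin transports

# Runs the "|/usr/lib/mailman/mail/mailman post listname" items the
# router returns.
mailman_pipe:
  driver = pipe
  return_output
```

Because this is a redirect router, the usual `require verify = recipient` in the RCPT ACL exercises the same lookup, so a recipient that is not in Mailman's file is rejected at SMTP time rather than accepted and bounced. Regenerate the file (Mailman's genaliases) whenever lists are added or removed; the router reads it on every delivery, so no Exim reload is needed.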