https://bugs.exim.org/show_bug.cgi?id=2265
--- Comment #6 from Phil Pennock ---
Viktor notes on exim-users:
---
Thanks for bringing this up. Indeed for DANE it is essential to ignore
any statically configured value and use the "TLSA base domain".
Otherwise, the cert chain you get may well not be
On Wed, 17 Jun 2020, admin--- via Exim-dev wrote:
https://bugs.exim.org/show_bug.cgi?id=2601
--- Comment #2 from marty...@mc2.dev ---
Yes, but why do we trust message body then? Like:
if $message_body matches ""
then
seen finish
endif
The thing I don't get - why is $message_body safer tha
https://bugs.exim.org/show_bug.cgi?id=2601
marty...@mc2.dev changed:
What|Removed |Added
Resolution|--- |INVALID
Status|REOPENED
https://bugs.exim.org/show_bug.cgi?id=2601
marty...@mc2.dev changed:
What|Removed |Added
Resolution|INVALID |---
Status|RESOLVED
https://bugs.exim.org/show_bug.cgi?id=2601
--- Comment #2 from marty...@mc2.dev ---
Yes, but why do we trust message body then? Like:
if $message_body matches ""
then
seen finish
endif
The thing I don't get - why is $message_body safer than $sender_address_domain
?
Thank you.
--
You are
https://bugs.exim.org/show_bug.cgi?id=2601
Jeremy Harris changed:
What|Removed |Added
Resolution|--- |INVALID
Status|NEW
https://bugs.exim.org/show_bug.cgi?id=2601
Bug ID: 2601
Summary: Taint for $sender_address_domain?
Product: Exim
Version: 4.94
Hardware: x86-64
OS: All
Status: NEW
Severity: bug
Priority: medium