[exim-dev] [Bug 2265] TLS SNI not auto-set for DANE clients

https://bugs.exim.org/show_bug.cgi?id=2265 --- Comment #6 from Phil Pennock --- Viktor notes on exim-users: --- Thanks for bringing this up. Indeed for DANE it is essential to ignore any statically configured value and use the "TLSA base domain". Otherwise, the cert chain you get may well not be

Re: [exim-dev] [Bug 2601] Taint for $sender_address_domain?

On Wed, 17 Jun 2020, admin--- via Exim-dev wrote: https://bugs.exim.org/show_bug.cgi?id=2601 --- Comment #2 from marty...@mc2.dev --- Yes, but why do we trust message body then? Like: if $message_body matches "" then seen finish endif The thing I don't get - why is $message_body safer tha

[exim-dev] [Bug 2601] Taint for $sender_address_domain?

https://bugs.exim.org/show_bug.cgi?id=2601 marty...@mc2.dev changed: What|Removed |Added Resolution|--- |INVALID Status|REOPENED

[exim-dev] [Bug 2601] Taint for $sender_address_domain?

https://bugs.exim.org/show_bug.cgi?id=2601 marty...@mc2.dev changed: What|Removed |Added Resolution|INVALID |--- Status|RESOLVED

[exim-dev] [Bug 2601] Taint for $sender_address_domain?

https://bugs.exim.org/show_bug.cgi?id=2601 --- Comment #2 from marty...@mc2.dev --- Yes, but why do we trust message body then? Like: if $message_body matches "" then seen finish endif The thing I don't get - why is $message_body safer than $sender_address_domain ? Thank you. -- You are

[exim-dev] [Bug 2601] Taint for $sender_address_domain?

https://bugs.exim.org/show_bug.cgi?id=2601 Jeremy Harris changed: What|Removed |Added Resolution|--- |INVALID Status|NEW

[exim-dev] [Bug 2601] New: Taint for $sender_address_domain?

https://bugs.exim.org/show_bug.cgi?id=2601 Bug ID: 2601 Summary: Taint for $sender_address_domain? Product: Exim Version: 4.94 Hardware: x86-64 OS: All Status: NEW Severity: bug Priority: medium