[plug] Another gem

Brad Campbell brad at fnarfbargle.com
Fri Aug 30 16:33:35 AWST 2024


So Exim 4.94 introduces "tainted" variables. I upgraded all my servers and VMs to the latest Devuan a couple of days ago, and most have Exim 4.92 (thankfully).
When I upgraded my main mail outbound relay I inadvertently included the backports repository which installed Exim 4.94. This server also happens to be my secondary. Cue a series of "Bounce probes" from vger.kernel.org lists and I thought I'd best take a look.

I have a relatively simple mail domain management system that relies on some tricky lookups of a few flat files to see if the address is valid (hate a secondary that accepts anything then passes it to the primary which then bounces it), and where to route it to.

Exim 4.94 taint checking breaks this in horrible and non-obvious ways with absolutely no warning. Again, thank $deity I didn't upgrade the primary.
Message from Exim-Users (thanks for the heads up boys!)

===
As many of you may have noticed, with the release of 4.94 we introduced
strict checks for the data Exim uses in expansions. This broke old
configurations that used "tainted" data.

Unfortunately the introduction of these taint checks wasn't communicated
very well, and as not all of you were able to test the release
candidates, we understand that this "breaking" change was unexpected to
a majority of our user base. (Or will be, in case of Debian, which
currently ships 4.92, but having 4.94 already in its backports.)  <----- *boom*

The traffic on the mailing lists indicated that there are issues with
these taint checks. A good share of the issues was caused by broken
builds. But another share of the issues arose due to suddenly broken
configurations. 
===

As I'm not an Exim whiz and I wrote these routers about 10 years ago, I've forgotten everything I learned about Exim config parsing and routing, so I'm back on the learning curve. Because of the way I learn there's a lot of progressive trial and error involved, and frankly I'm sick to death of trying to communicate with an SMTP server using telnet. I spent a while digging and came across this little gem: https://github.com/mludvig/smtp-cli

A very basic, but complete SMTP command line client that will send anything anywhere in an easily configurable and repeatable manner. Add that with bash history and repeated tests become "up arrow; enter" rather than a manual telnet interaction.

./smtp-cli --server=1.2.3.4:25 --from=mon@fred.com --to=brad@fred.com --subject="Test Mesage" --body="Boo"

What a pleasure. At least the boss is out tonight, so I get to watch the F1 & MotoGP while boning up on my Exim config again.

Oh, if you are a Debian/Devuan user who uses custom configs in Exim, heads-up!

Regards,
Brad

