ファイルデータが汚染される問題に直面しています。 $domainの代わりに$domain_dataを試してみましたが、まだ汚染されたデータを修正することはできません。
エラーログ main.log
2022-09-06 12:55:31 1oVdjO-000WZa-39 => info <[email protected]> R=localuser T=local_delivery
2022-09-06 12:55:31 1oVdjO-000WZa-39 == [email protected] R=autoreplay T=userautoreply defer (13): Permission denied: Tainted '/etc/exim/domains/example.com/autoreply.info.msg' (file for userautoreply transport) not permitted
ドメイン名(下図)を手動で転送に入れると正常に動作します。
# TRANSPORTS CONFIGURATION
userautoreply:
driver = autoreply
file = /etc/exim/domains/example.com/autoreply.info.msg
debug_print = "${local_part}@${domain}"
from = "${local_part}@${domain}"
headers = Content-Type: text/plain; charset=utf-8;\nContent-Transfer-Encoding: 8bit
subject = "${if def:h_Subject: {Autoreply: \"${rfc2047:$h_Subject:}\"} {Autoreply Message}}"
to = "${sender_address}"
exexの設定は次のとおりです。
ドメイン名リスト
domainlist local_domains = lsearch;/etc/localdomains
domainlist relay_to_domains = +local_domains
localpartlist path_safe_localparts = \N^\.*[^./][^/]*$\N
# ROUTERS CONFIGURATION
autoreplay:
driver = accept
require_files = /etc/exim/domains/${lookup{$domain_data}dsearch{/etc/exim/domains/}}/autoreply.${local_part}.msg
condition = ${if exists{/etc/exim/domains/${lookup{$domain_data}dsearch{/etc/exim/domains/}}/autoreply.${local_part}.msg}{yes}{no}}
domains = !$primary_hostname : +local_domains
local_parts = +path_safe_localparts
retry_use_local_part
transport = userautoreply
unseen
以下はデバッグログです。
12:49:31.797 124677 --------> autoreplay router <--------
12:49:31.797 124677 local_part=info domain=example.com
12:49:31.797 124677 checking domains
12:49:31.798 124677 ╭considering: !$primary_hostname : +local_domains
12:49:31.798 124677 ├───────text: !
12:49:31.798 124677 ├considering: $primary_hostname : +local_domains
12:49:31.798 124677 ├considering: : +local_domains
12:49:31.798 124677 ├───────text: : +local_domains
12:49:31.798 124677 ├──expanding: !$primary_hostname : +local_domains
12:49:31.798 124677 ╰─────result: !localhost.localdomain : +local_domains
12:49:31.798 124677 cached yes match for +local_domains
12:49:31.798 124677 cached lookup data =
12:49:31.798 124677 example.com in "!localhost.localdomain : +local_domains"? yes (matched "+local_domains" - cached)
12:49:31.798 124677 checking local_parts
12:49:31.798 124677 ╭considering: \N^\.*[^./][^/]*$\N
12:49:31.798 124677 ├──protected: ^\.*[^./][^/]*$
12:49:31.798 124677 ├──expanding: \N^\.*[^./][^/]*$\N
12:49:31.798 124677 ╰─────result: ^\.*[^./][^/]*$
12:49:31.798 124677 info in "^\.*[^./][^/]*$"? yes (matched "^\.*[^./][^/]*$")
12:49:31.798 124677 info in "+path_safe_localparts"? yes (matched "+path_safe_localparts")
12:49:31.798 124677 checking require_files
12:49:31.798 124677 ╭considering: /etc/exim/domains/${lookup{$domain_data}dsearch{/etc/exim/domains/}}/autoreply.${local_part}.msg
12:49:31.798 124677 ├───────text: /etc/exim/domains/
12:49:31.798 124677 ├considering: ${lookup{$domain_data}dsearch{/etc/exim/domains/}}/autoreply.${local_part}.msg
12:49:31.798 124677 ╭considering: $domain_data}dsearch{/etc/exim/domains/}}/autoreply.${local_part}.msg
12:49:31.798 124677 ├considering: }dsearch{/etc/exim/domains/}}/autoreply.${local_part}.msg
12:49:31.798 124677 ├──expanding: $domain_data
12:49:31.798 124677 ╰─────result:
12:49:31.798 124677 ╭considering: /etc/exim/domains/}}/autoreply.${local_part}.msg
12:49:31.798 124677 ├───────text: /etc/exim/domains/
12:49:31.798 124677 ├considering: }}/autoreply.${local_part}.msg
12:49:31.798 124677 ├──expanding: /etc/exim/domains/
12:49:31.798 124677 ╰─────result: /etc/exim/domains/
12:49:31.798 124677 search_open: dsearch "/etc/exim/domains/"
12:49:31.798 124677 search_find: file="/etc/exim/domains/"
12:49:31.798 124677 key="" partial=-1 affix=NULL starflags=0 opts=NULL
12:49:31.798 124677 LRU list:
12:49:31.798 124677 5/etc/exim/domains/
12:49:31.798 124677 :/etc/localdomains
12:49:31.798 124677 End
12:49:31.798 124677 internal_search_find: file="/etc/exim/domains/"
12:49:31.798 124677 type=dsearch key="" opts=NULL
12:49:31.798 124677 ├───item-res:
12:49:31.798 124677 ├considering: /autoreply.${local_part}.msg
12:49:31.798 124677 ├───────text: /autoreply.
12:49:31.798 124677 ├considering: ${local_part}.msg
12:49:31.798 124677 ├considering: .msg
12:49:31.798 124677 ├───────text: .msg
12:49:31.798 124677 ├──expanding: /etc/exim/domains/${lookup{$domain_data}dsearch{/etc/exim/domains/}}/autoreply.${local_part}.msg
12:49:31.798 124677 ╰─────result: /etc/exim/domains//autoreply.info.msg
12:49:31.798 124677 ╰──(tainted)
12:49:31.798 124677 file check: /etc/exim/domains/${lookup{$domain_data}dsearch{/etc/exim/domains/}}/autoreply.${local_part}.msg
12:49:31.798 124677 expanded file: /etc/exim/domains//autoreply.info.msg
12:49:31.798 124677 stat() yielded -1
12:49:31.798 124677 errno = 2
12:49:31.798 124677 autoreplay router skipped: file check
12:49:31.798 124677 --------> aliases router <--------
12:49:31.798 124677 local_part=info domain=example.com
12:49:31.798 124677 checking require_files
12:49:31.798 124677 ╭considering: /etc/exim/domains/$domain/aliases
12:49:31.798 124677 ├───────text: /etc/exim/domains/
12:49:31.798 124677 ├considering: $domain/aliases
12:49:31.798 124677 ├considering: /aliases
12:49:31.798 124677 ├───────text: /aliases
12:49:31.798 124677 ├──expanding: /etc/exim/domains/$domain/aliases
12:49:31.798 124677 ╰─────result: /etc/exim/domains/example.com/aliases
12:49:31.798 124677 ╰──(tainted)
12:49:31.798 124677 file check: /etc/exim/domains/$domain/aliases
12:49:31.798 124677 expanded file: /etc/exim/domains/example.com/aliases
12:49:31.798 124677 stat() yielded -1
12:49:31.798 124677 errno = 2
12:49:31.798 124677 aliases router skipped: file check
答え1
私はlocal_partが汚染されていると考えています。 ${local_part}を${local_part_data}に置き換える必要があります。