You could also just switch to LMTP instead of LDA.
Aki
On 25/04/2022 16:47 Kirill Miazine km@krot.org wrote:
So my workaround was to create a simple wrapper and call it, instead of dovecot-lda:
$ cat /local/bin/dovecot-lda-wrapper #!/bin/sh exec /usr/local/libexec/dovecot/dovecot-lda
-d "${LOCAL_PART}@${DOMAIN}"
-a "${LOCAL_PART}${LOCAL_PART_SUFFIX}@${DOMAIN}"
-r "${LOCAL_PART}${LOCAL_PART_SUFFIX}@${DOMAIN}"
-f "${SENDER}"Here's how it is called from Exim:
dovecot_pipe: driver = pipe command = /local/bin/dovecot-lda-wrapper # command = /usr/local/libexec/dovecot/dovecot-lda
# -d $local_part@$domain
# -a $local_part$local_part_suffix@$domain
# -r $local_part$local_part_suffix@$domain
# -r $local_part$local_part_suffix@$domain
# -f $return_path• Kirill Miazine [2022-04-25 14:36]:
Hi, all
The just released RC0 for Exim 4.96 will break Dovecot LDA delivery as described on https://wiki.dovecot.org/LDA/Exim
Here is the relevant ChangeLog entry:
JH/25 Taint-check exec arguments for transport-initiated external processes. Previously, tainted values could be used. This affects "pipe", "lmtp" and "queryprogram" transport, transport-filter, and ETRN commands. The ${run} expansion is also affected: in "preexpand" mode no part of the command line may be tainted, in default mode the executable name may not be tainted.
As of now I don't have a personal working solution to get untained data. I did try a small hack, but Exim was smart enough to see what I was doing.
-- -- Kirill Miazine km@krot.org
-- -- Kirill Miazine km@krot.org