From: Heiko Schlittermann (HS12-RIPE) Date: Sat, 3 Apr 2021 07:29:13 +0000 (+0200) Subject: update doc X-Git-Url: https://git.exim.org/users/heiko/exim.git/commitdiff_plain/3a06d0148235262301a342c4af37f024820b126f update doc --- diff --git a/doc/doc-docbook/spec.xfpt b/doc/doc-docbook/spec.xfpt index a76103688..5d368654a 100644 --- a/doc/doc-docbook/spec.xfpt +++ b/doc/doc-docbook/spec.xfpt @@ -237,6 +237,14 @@ failure report bounce message + + de-tainting + tainting, de-tainting + + + detainting + tainting, de-tainting + dialup intermittently connected hosts @@ -9578,6 +9586,8 @@ reasons, and expansion of data deriving from the sender (&"tainted data"&) .new is not permitted (including acessing a file using a tainted name). +The main config option &%allow_insecure_tainted_data%& can be used as +mitigation during uprades to more secure configurations. .wen .new @@ -14557,6 +14567,7 @@ listed in more than one group. .section "Miscellaneous" "SECID96" .table2 .row &%add_environment%& "environment variables" +.row &%allow_insecure_tainted_data%& "turn taint errors into warnings" .row &%bi_command%& "to run for &%-bi%& command line option" .row &%debug_store%& "do extra internal checks" .row &%disable_ipv6%& "do no IPv6 processing" 
@@ -15167,6 +15178,18 @@ domains (defined in the named domain list &%local_domains%& in the default configuration). This &"magic string"& matches the domain literal form of all the local host's IP addresses. +.new +.option allow_insecure_tainted_data main boolean false +.cindex "de-tainting" +.oindex "allow_insecure_tainted_data" +The handling of tainted data may break older (pre 4.94) configurations. +Setting this option to "true" turns taint errors (which result in a temporary +message rejection) into warnings. This option is meant as mitigation only +and deprecated already today. Future releases of Exim may ignore it. +The &%taint%& log selector can be used to suppress even the warnings. +.wen + + .option allow_mx_to_ip main boolean false .cindex "MX record" "pointing to IP address" @@ -38646,6 +38669,7 @@ selection marked by asterisks: &` smtp_protocol_error `& SMTP protocol errors &` smtp_syntax_error `& SMTP syntax errors &` subject `& contents of &'Subject:'& on <= lines +&`*taint `& taint errors or warnings &`*tls_certificate_verified `& certificate verification status &`*tls_cipher `& TLS cipher suite on <= and => lines &` tls_peerdn `& TLS peer DN on <= and => lines @@ -39044,6 +39068,11 @@ using a CA trust anchor, &`CV=dane`& if using a DNS trust anchor, and &`CV=no`& if not. .next +.cindex "log" "Taint warnings" +&%taint%&: Log warnings about tainted data. This selector can't be +turned of if &%allow_insecure_tainted_data%& is false (which is the +default). +.next .cindex "log" "TLS cipher" .cindex "TLS" "logging cipher" &%tls_cipher%&: When a message is sent or received over an encrypted diff --git a/doc/doc-txt/NewStuff b/doc/doc-txt/NewStuff index 50f7b4357..0edba6664 100644 --- a/doc/doc-txt/NewStuff +++ b/doc/doc-txt/NewStuff @@ -48,6 +48,9 @@ Version 4.95 13. Option "smtp_accept_msx_per_connection" is now expanded. +13. A main config option "allow_insecure_tainted_data" allows to turn + taint errors into warnings. + Version 4.94 ------------
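Review bot: Typo in the added text of the spec.xfpt hunk at `@@ -9578,6 +9586,8 @@`: "during uprades" should read "during upgrades". Since this sentence is the first place the new option is mentioned, it would also help readers to say what the mitigation trades away, e.g. "can be used as a temporary mitigation during upgrades to more secure configurations; it downgrades taint errors to warnings" so the word "insecure" in the option name is explained at the point of first use.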
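Review bot: Awkward wording in the `.option allow_insecure_tainted_data` hunk at `@@ -15167,6 +15178,18 @@`: "This option is meant as mitigation only and deprecated already today. Future releases of Exim may ignore it." would read better as "This option is intended only as a mitigation and is already deprecated; future releases of Exim may ignore it." The paragraph could also tell the administrator what to do with the warnings, since they are the whole point of the option: each `taint` warning in the log identifies a configuration item that must be fixed before the option is removed, so the text should recommend treating the warnings as a to-do list rather than suppressing them with the log selector, and suppression should be presented as a last resort.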
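Review bot: Typo in the log selector description hunk at `@@ -39044,6 +39068,11 @@`: "can't be turned of" should be "can't be turned off". The sentence is otherwise the key behavioural guarantee of this change (taint logging cannot be disabled while the checks are still enforced), so it may be worth stating the reason explicitly, e.g. "because in that case tainted data causes an error rather than a warning and the error is always logged."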
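Review bot: Numbering error in the NewStuff hunk at `@@ -48,6 +48,9 @@`: the new entry is numbered "13." directly after an existing item "13.", so it should be "14.". The phrase "allows to turn taint errors into warnings" is ungrammatical; suggest "allows taint errors to be turned into warnings" and, mirroring the spec text, a note that the option is deprecated from the outset and intended only to ease migration.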