Try and detaint messages.openstreetmap.org deliveries

author Tom Hughes <tom@compton.nu>

Wed, 20 Mar 2024 17:43:10 +0000 (17:43 +0000)

committer Tom Hughes <tom@compton.nu>

Wed, 20 Mar 2024 17:43:10 +0000 (17:43 +0000)
author Tom Hughes <tom@compton.nu>
Wed, 20 Mar 2024 17:43:10 +0000 (17:43 +0000)
committer Tom Hughes <tom@compton.nu>
Wed, 20 Mar 2024 17:43:10 +0000 (17:43 +0000)
diff --git a/cookbooks/exim/recipes/default.rb b/cookbooks/exim/recipes/default.rb

index 6ac19107f1d8a11ba7bd1dbe17f78c8e478b9353..7354e93d363d2daf763cfc096213db53f7e3e6a1 100644 (file)
--- a/cookbooks/exim/recipes/default.rb
+++ b/cookbooks/exim/recipes/default.rb
@@ -131,6 +131,13 @@ file "/etc/exim4/blocked-sender-domains" do
    mode "644"
  end
  
+file "/etc/exim4/detaint" do
+  owner "root"
+  group "Debian-exim"
+  mode "644"
+  content "*"
+end
+
  if node[:exim][:dkim_selectors]
    keys = data_bag_item("exim", "dkim")
  
diff --git a/roles/web-frontend.rb b/roles/web-frontend.rb

index b6d80ae8c2fb04a1b9b8a9179d0d9ae55dd87a39..b5597adb67278a6628e506ad382d778308e2330f 100644 (file)
--- a/roles/web-frontend.rb
+++ b/roles/web-frontend.rb
@@ -38,7 +38,7 @@ default_attributes(
        :messages => {
          :comment => "messages.openstreetmap.org",
          :domains => ["messages.openstreetmap.org"],
-        :local_parts => ["^c-(\\\\d+)-(\\\\d+)-(.*)\\$", "^m-(\\\\d+)-(.*)\\$"],
+        :local_parts => ["${lookup{$local_part}lsearch*,ret=key{/etc/exim4/detaint}}"],
          :command => "/usr/local/bin/deliver-message $local_part_data",
          :user => "rails",
          :group => "rails",
author	Tom Hughes <tom@compton.nu>
	Wed, 20 Mar 2024 17:43:10 +0000 (17:43 +0000)
committer	Tom Hughes <tom@compton.nu>
	Wed, 20 Mar 2024 17:43:10 +0000 (17:43 +0000)
cookbooks/exim/recipes/default.rb		patch \| blob \| history
roles/web-frontend.rb		patch \| blob \| history