Bug#989260: exim4-config: Default configuration enables sieve filters but cannot deliver from them

anomie at users.sourceforge.net anomie at users.sourceforge.net
Sun May 30 16:51:58 BST 2021 

Package: exim4-config
Version: 4.94.2-6

The default configuration provided by exim4-config allows for sieve
filters to be used in ~/.forward, but if a user attempts to configure
such a filter their mail delivery will most likely break.

More specifically, the keep action (including the default "keep" when
nothing matches the filter) will fail to deliver mail with an error
along the lines of

  2021-05-30 15:17:10 1lnNBd-0000rr-U4 == save inbox <test at localhost> R=userforward T=address_file defer (-21): appendfile: file or directory name "inbox" is not absolute

Most uses of a fileinto action will do the same, unless the user
specifies an absolute path to the desired mailbox file rather than the
plain mailbox name that the sieve specification calls for.

This can be tested as follows, using `docker run --rm -it debian:sid`:

  # Install exim
  apt-get update
  apt-get -y install dialog
  apt-get -y install exim4

  # Create test user and .forward file
  useradd --create-home test
  touch /home/test/.forward
  chown test.test /home/test/.forward
  chmod 0644 /home/test/.forward

  # Test 1: Default "keep", should deliver to /var/mail/test but fails
  echo '# Sieve filter' > /home/test/.forward
  mail test at localhost <<<"Testing"
  sleep 1

  # Test 2: Relative folder name, should deliver to /home/test/mail/testing but fails
  echo '# Sieve filter' > /home/test/.forward
  echo 'require "fileinto";' >> /home/test/.forward
  echo 'fileinto "testing";' >> /home/test/.forward
  mail test at localhost <<<"Testing 2"
  sleep 1

  # Test 3: Absolute path, will deliver to /home/test/somefile
  echo '# Sieve filter' > /home/test/.forward
  echo 'require "fileinto";' >> /home/test/.forward
  echo 'fileinto "/home/test/somefile";' >> /home/test/.forward
  mail test at localhost <<<"Testing 3"
  sleep 1

  # Show logs
  cat /var/log/exim4/mainlog

Adding the following to the "address_file" transport seems to fix it:

  group = mail
  file = ${if eq{$address_file}{inbox} \
           {/var/mail/$local_part_data} \
           {${if eq{${substr_0_1:$address_file}}{/} \
             {$address_file} \
             {$home/mail/$address_file} \
           }} \
         }

Or if you'd rather just disable sieve filters by default (so manual
configuration is needed to enable them), you might set
`forbid_sieve_filter` in the "userforward" router.

P.S. README.SIEVE.gz needs updating for the taint change in 4.94-18, it
uses $local_part rather than $local_part_data.

More information about the Pkg-exim4-maintainers mailing list