Bug#1140099: exim4-daemon-heavy: regression in 4.98.2-1+deb13u3 - bare filename in router domains condition no longer treated as implicit lsearch

[Terry Roy]

Package: exim4-daemon-heavy
Version: 4.98.2-1+deb13u3
Severity: important

Dear Maintainer,

The security update to exim4 4.98.2-1+deb13u3 (trixie-security, installed
2026-06-15) introduced a regression in virtual alias routing for sites using
a bare filename in the `domains` condition of Exim routers.

** Symptoms

Virtual alias addresses are rejected with:

  550 5.1.1 Bad destination mailbox address

`exim4 -d -bt user at domain` shows the virtual_aliases router being skipped
with "domains mismatch" despite the domain being present in the domains file.

** Configuration

The virtual_aliases router had:

  domains = VIRTDIR/domains

where VIRTDIR expands to /etc/exim4/virtual. This configuration worked
correctly under all previous versions of exim4 in trixie.

** Root cause

In 4.98.2-1+deb13u3, a bare filename in a domains list is no longer treated
as an implicit lsearch. The string is matched literally, so no domain ever
matches. The debug trace confirms this:

  cfsg.net in domains?
   list element: /etc/exim4/virtual/domains
  cfsg.net in domains? no (end of list)
  virtual_aliases router skipped: domains mismatch

Note that the domainlist declaration for local_domains in the same config
uses the explicit prefix and was unaffected:

  domainlist local_domains = @ : localhost : lsearch;/etc/exim4/virtual/domains

** Workaround

Adding the explicit lsearch; prefix to the router domains condition restores
correct behavior:

  domains = lsearch;VIRTDIR/domains

** Impact

Any site using a bare filename (without explicit lookup type prefix) in a
router domains condition will silently lose routing for those domains after
this update. Virtual alias setups following the pattern documented in the
Exim4 Debian split configuration examples are likely affected.

** Reproducibility

Confirmed on Debian trixie, exim4-daemon-heavy 4.98.2-1+deb13u3,
monolithic config. Routing worked correctly prior to this update with the
same configuration.

Regards,
Terry Roy

File it with:

-- Package-specific info:
Exim version 4.98.2 #2 built 27-May-2026 16:58:40
Copyright (c) University of Cambridge, 1995 - 2018
(c) The Exim Maintainers and contributors in ACKNOWLEDGMENTS file, 2007 - 2024
Hints DB:
 Berkeley DB: Berkeley DB 5.3.28: (September  9, 2013)
Support for: Content_Scanning crypteq Expand_dlfunc iconv() IPv6 PAM Perl GnuTLS move_frozen_messages TLS_resume DANE DKIM DNSSEC ESMTP_Limits ESMTP_Wellknown Event I18N OCSP PIPECONNECT PRDR PROXY Queue_Ramp SOCKS SPF SRS TCP_Fast_Open
Lookups (built-in): lsearch wildlsearch nwildlsearch iplsearch cdb dbm dbmjz dbmnz dnsdb dsearch ldap ldapdn ldapm mysql nis nis0 passwd pgsql sqlite
Authenticators: cram_md5 cyrus_sasl dovecot external plaintext spa tls
Routers: accept dnslookup ipliteral iplookup manualroute queryprogram redirect
Transports: appendfile/maildir/mailstore/mbx autoreply lmtp pipe smtp
Malware: f-protd f-prot6d drweb fsecure sophie clamd avast sock cmdline
Fixed never_users: 0
Configure owner: 0:0
Size of off_t: 8
Configuration file search path is /etc/exim4/exim4.conf:/var/lib/exim4/config.autogenerated
Configuration file is /etc/exim4/exim4.conf
# /etc/exim4/update-exim4.conf.conf
#
# Edit this file and /etc/mailname by hand and execute update-exim4.conf
# yourself or use 'dpkg-reconfigure exim4-config'
#
# Please note that this is _not_ a dpkg-conffile and that automatic changes
# to this file might happen. The code handling this will honor your local
# changes, so this is usually fine, but will break local schemes that mess
# around with multiple versions of the file.
#
# update-exim4.conf uses this file to determine variable values to generate
# exim configuration macros for the configuration file.
#
# Most settings found in here do have corresponding questions in the
# Debconf configuration, but not all of them.
#
# This is a Debian specific file

dc_eximconfig_configtype='local'
dc_other_hostnames='localhost'
dc_local_interfaces='127.0.0.1 ; ::1'
dc_readhost=''
dc_relay_domains=''
dc_minimaldns='false'
dc_relay_nets=''
dc_smarthost=''
CFILEMODE='644'
dc_use_split_config='false'
dc_hide_mailname=''
dc_mailname_in_oh='true'
dc_localdelivery='mail_spool'
mailname:localhost
# /etc/default/exim4
EX4DEF_VERSION=''

# 'combined' -	 one daemon running queue and listening on SMTP port
# 'no'       -	 no daemon running the queue
# 'separate' -	 two separate daemons
# 'ppp'      -   only run queue with /etc/ppp/ip-up.d/exim4.
# 'nodaemon' - no daemon is started at all.
# 'queueonly' - only a queue running daemon is started, no SMTP listener.
# setting this to 'no' will also disable queueruns from /etc/ppp/ip-up.d/exim4
QUEUERUNNER='combined'
# how often should we run the queue
QUEUEINTERVAL='30m'
# options common to quez-runner and listening daemon
COMMONOPTIONS=''
# more options for the daemon/process running the queue (applies to the one
# started in /etc/ppp/ip-up.d/exim4, too.
QUEUERUNNEROPTIONS=''
# special flags given to exim directly after the -q. See exim(8)
QFLAGS=''
# Options for the SMTP listener daemon. By default, it is listening on
# port 25 only. To listen on more ports, it is recommended to use
# -oX 25:587:10025 -oP /run/exim4/exim.pid
#SMTPLISTENEROPTIONS=''
SMTPLISTENEROPTIONS='-oX 25:465 -oP /var/run/exim4/exim.pid'
# for debugging
#SMTPLISTENEROPTIONS='-d+transports -oX 25:465 -oP /var/run/exim4/exim.pid'
#SMTPLISTENEROPTIONS='-d+auth -oX 25:465 -oP /var/run/exim4/exim.pid'

-- System Information:
Debian Release: 13.5
  APT prefers stable-updates
  APT policy: (500, 'stable-updates'), (500, 'stable-security'), (500, 'stable')
Architecture: amd64 (x86_64)

Kernel: Linux 6.12.90+deb13.1-amd64 (SMP w/2 CPU threads; PREEMPT)
Locale: LANG=en_US.UTF-8, LC_CTYPE=en_US.UTF-8 (charmap=UTF-8), LANGUAGE not set
Shell: /bin/sh linked to /usr/bin/dash
Init: systemd (via /run/systemd/system)
LSM: AppArmor: enabled

Versions of packages exim4-daemon-heavy depends on:
ii  debconf [debconf-2.0]  1.5.91
ii  exim4-base             4.98.2-1+deb13u3
ii  libc6                  2.41-12+deb13u3
ii  libcrypt1              1:4.4.38-1
ii  libdb5.3t64            5.3.28+dfsg2-9
ii  libgnutls-dane0t64     3.8.9-3+deb13u4
ii  libgnutls30t64         3.8.9-3+deb13u4
ii  libidn12               1.43-1
ii  libidn2-0              2.3.8-2
ii  libldap2               2.6.10+dfsg-1
ii  libmariadb3            1:11.8.6-0+deb13u1
ii  libnsl2                1.3.0-3+b3
ii  libpam0g               1.7.0-5
ii  libpcre2-8-0           10.46-1~deb13u1
ii  libperl5.40            5.40.1-6
ii  libpq5                 17.10-0+deb13u1
ii  libsasl2-2             2.1.28+dfsg1-9
ii  libspf2-2t64           1.2.10-8.3
ii  libsqlite3-0           3.46.1-7+deb13u1

exim4-daemon-heavy recommends no packages.

exim4-daemon-heavy suggests no packages.

-- debconf information:
  exim4-daemon-heavy/drec: