spamassassin-users mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Lorenzo Thurman <lore...@thethurmans.com>
Subject Re: USER_IN_WHITELIST
Date Thu, 07 Jul 2016 21:26:11 GMT


"My Break-Dancing days are over, but there's always the Funky Chicken" -- The Full Monty

> On Jul 7, 2016, at 3:57 PM, Sidney Markowitz <sidney@sidney.com> wrote:
> 
> Lorenzo Thurman wrote on 8/07/16 3:03 AM:
>>> On Jul 7, 2016, at 8:14 AM, Antony Stone <Antony.Stone@spamassassin.open.source.it>
wrote:
>>> \.microsoft\.com$ will match anything ending in ".microsoft.com"
> 
> RW already pointed this out, but to make sure nobody reading this thread
> misses it, the above is wrong because whitelist does not use regexps.
> 
> See
> https://spamassassin.apache.org/full/3.4.x/doc/Mail_SpamAssassin_Conf.html#whitelist_and_blacklist_options
> 
> where it says
> 
> "Whitelist and blacklist addresses are now file-glob-style patterns, so
> friend@somewhere.com, *@isp.com, or *.domain.net will all work. Specifically,
> * and ? are allowed, but all other metacharacters are not. Regular expressions
> are not used for security reasons. Matching is case-insensitive.
> 
> Multiple addresses per line, separated by spaces, is OK. Multiple
> whitelist_from lines are also OK."
> 
> Notice the last example there. Spamassassin is parsing out the email addresses
> and matching them with the patterns so you don't have to do tricky stuff like
> *@*.microsoft.com. Specifically, you can use
> 
> whitelist_from *@microsoft.com *.microsoft.com
> 
> which will match what you want but will not match anything@onmicrosoft.com and
> will not match foo.microsoft.com@example.com
> 
> As the page also points out if you can figure out how to use
> whitelistfrom_rcvd instead of whitelist_from it will protect against spammers
> spoofing the From address. Whether you can do that depends on whether the
> domain you are whitelisting has restrictions on what servers can send mail for it.
> 
> Sidney
> 
> 

Thanks for the info. Does anyone know how I can use whitelistfrom_rcvd? I can't find any clear
answers via Google. 

Mime
View raw message