Catch 22 Whitelist & BlackList
Julian Field
mailscanner at ecs.soton.ac.uk
Tue Apr 15 21:31:51 IST 2003
At 18:55 15/04/2003, you wrote:
>Clarification then, please:
>
>A match for a "yes" and a match for a "no" are both matches, and will then
>terminate the scan through the table of whitelists and proceed to the
>blacklist to scan for matches (which you have indicated will override the
>whitelist match)?
The rules are processed in top to bottom order until any rule matches
(whether it's a yes or a no). If no rule matches after all have been tried,
the "default" rule value is used.
I'm just checking the code right now. What happens is this:
Is the sender address whitelisted? If so, then get out and don't do any
more spam checks.
Is the sender address blacklisted? If so, then get out and don't do any
more spam checks.
Do the RBL checks, then the SA checks.
So my previous message was wrong. The whitelist is done first.
Having "yes" in the whitelist and "yes" in the blacklist will cause the
message to be whitelisted.
>I have to say to all: I never imagined the many ways to use MailScanner when
>I first started using it. The flexibility of this application is amazing
>once you learn the ins and outs.
The configuration system is not quite as flexible as I would like (you
can't write expressions in it) but it's 99% there, which is quite good
enough for most people most of the time. And if I had written expression
support in it, I bet that only a few people would ever work out how to use
it anyway. Which is why the Custom Function support is there, so you can
implement anything else you like.
>Thank you very much
Pleasure.
>----- Original Message -----
>From: "Julian Field" <mailscanner at ECS.SOTON.AC.UK>
>To: <MAILSCANNER at JISCMAIL.AC.UK>
>Sent: Monday, April 14, 2003 3:27 PM
>Subject: Re: Catch 22 Whitelist & BlackList
>
>
> > The rules are processed in top to bottom order. The default rule is used
> > only if none of the other rules match. The whitelist check is done before
> > the blacklist check, and will over-ride it.
> >
> > At 19:50 14/04/2003, you wrote:
> > >We have someone spoofing mail to and from a particular user at one of our
> > >domains. I would like to get rid of all of this mail. Some of this is
> > >spoofed to the user and some is bounced back to the user. I can not
>locate
> > >where it is originating. If I set up whitelisting such as:
> > >
> > >FromOrTo: <mailto:BadUser at our.domain>BadUser at our.domain no
> > >FromOrTo: <mailto:*@our.domain>*@our.domain yes
> > >FromOrTo: default no
> > >
> > >and blacklist such as:
> > >
> > >FromOrTo: <mailto:BadUser at our.domain>BadUser at our.domain yes
> > >FromOrTo: default no
> > >
> > >Will this allow all mail from everyone at our.domain to pass either way
> > >with the exception of <mailto:BadUser at our.domain>BadUser at our.domain?
> > >
> > >Steve Campbell
> > ><mailto:campbell at cnpapers.com>campbell at cnpapers.com
> >
> > --
> > Julian Field
> > www.MailScanner.info
> > Professional Support Services at www.MailScanner.biz
> > MailScanner thanks transtec Computers for their support
--
Julian Field
www.MailScanner.info
Professional Support Services at www.MailScanner.biz
MailScanner thanks transtec Computers for their support
More information about the MailScanner
mailing list