is per user whitelist/blacklist config and a default whitelist/blacklist possible?

Ken Anderson ka at PACIFIC.NET
Thu Jun 26 18:30:50 IST 2003

Am I correct that these 3 lines are not needed if we are only checking
for one TO address, since this is per user config?

return 1 if $BlackWhite->{$todomain}{$from};
return 1 if $BlackWhite->{$todomain}{$fromdomain};
return 1 if $BlackWhite->{$todomain}{$ip};

For example, I implemented this as a blacklist, including your
suggestion for the default list:

# new lookup by email list
sub LookupByEmailList {
   my($message, $BlackWhite) = @_;
   return 0 unless $message; # Sanity check the input
   # Find the "from" address and the first "to" address
   my($from, $fromdomain, @todomain, $todomain, @to, $to, $ip);
   $from       = $message->{from};
   $fromdomain = $message->{fromdomain};
   @todomain   = @{$message->{todomain}};
   $todomain   = $todomain[0];
   @to         = @{$message->{to}};
   $to         = $to[0];
   $ip         = $message->{clientip};
   # It is in the list if either the exact address is listed,
   # or the domain is listed
   return 1 if $BlackWhite->{$to}{$from};
   return 1 if $BlackWhite->{$to}{$fromdomain};
   return 1 if $BlackWhite->{$to}{$ip};
   return 1 if $BlackWhite->{'default'}{$from};
   return 1 if $BlackWhite->{'default'}{$fromdomain};
   return 1 if $BlackWhite->{'default'}{$ip};
   # It is not in the list
   return 0;

I'll let you know what kind of performance impact it has as we begin to
build user white/blacklists. Am I correct that this all gets loaded into
memory when MailScanner starts, and isn't reloaded unless MailScanner

Ken A.

Julian Field wrote:

> If, just after the "return 1" lines in "LookupByDomainList" in
>, you add
>   return 1 if $BlackWhite->{'default'}{$from};
>   return 1 if $BlackWhite->{'default'}{$fromdomain};
>   return 1 if $BlackWhite->{'default'}{$ip};
> then it will look up things in the "default" black and white lists after it
> checks the user and domain-specific ones.
> If you like, I'll add this to the standard distribution for you, it seems
> like a handy idea.
> At 17:08 26/06/2003, you wrote:
>> I've tested the per user configs (see previous message below) and it
>> seems to work okay. If anyone has any thoughts on this, I'd appreciate
>> it.
>> Next question: Is it possible to have a combination of per user AND a
>> default system wide config for blacklist/whitelist rules, so that
>> user at domain can whitelist and blacklist individual addresses or domains,
>> but a default ruleset containing common whitelisted addresses is
>> maintained for the server to allow standard stuff to come through
>> untouched unless the use specifically blacklists it.
>> Thanks,
>> Ken A.
>>> From
>>> # To enable these functions ....
>>> #   Is Definitely Not Spam = &ByDomainSpamWhitelist
>>> #   Is Definitely Spam     = &ByDomainSpamBlacklist
>>> This gives you simple white blacklist functions for TO: *
>>> Is there any reason why it wouldn't be a good idea to extend this idea
>>> to something like this:
>>> Is Definitely Not Spam = &ByEMailAddressSpamWhitelist
>>> That way, you would have full whitelist/blacklist capability on all
>>> incoming email addresses, since each file would hold the list for a
>>> single TO: address.
>>> Thoughts?
>>> Thanks,
>>> Ken A.
> --
> Julian Field
> Professional Support Services at
> MailScanner thanks transtec Computers for their support

More information about the MailScanner mailing list