wildcards in whitelist

Glenn Steen glenn.steen at gmail.com
Fri Feb 16 10:38:27 CET 2007


On 16/02/07, shuttlebox <shuttlebox at gmail.com> wrote:
> On 2/15/07, mikea <mikea at mikea.ath.cx> wrote:
> > I think it does. Typically, I'll use whitelist entries in this form:
> >
> > FromOrTo:       *@domain.com            yes
> >
> > to catch the case in which good mail comes directly from domain.com,
> > and
> >
> > FromOrTo:       *@*.domain.com          yes
> >
> > for cases in which all subdomains send good mail.
>
> Shouldn't just *domain.com cover that?
>
Good question. ISTR Jules expostulating on that subject in the distant
past... so I'd assume a list search could turn some nice tidbits up.
One obvious flaw with the above would be that then "example.net" and
"badexample.net", which are different domains, would likely both match
that statement. Perhaps not what one wants. Better to have two lines
then (one for *@exmple.net, the other for *@*.example.net). As usual,
I might be wrong:-).

Another good question is whether one should use envelope address
whitelisting at all. Combined with IP addresses or perhaps a "From:
... AND To: ..." construct, but not just plain sender (easily spoofed,
one would need other measures to be sure that it couldn't be the case,
IMO).

-- 
-- Glenn
email: glenn < dot > steen < at > gmail < dot > com
work: glenn < dot > steen < at > ap1 < dot > se


More information about the MailScanner mailing list