wildcards in whitelist

[mikea]

On Fri, Feb 16, 2007 at 10:02:48AM +0100, shuttlebox wrote:
> On 2/15/07, mikea <mikea at mikea.ath.cx> wrote:
> >I think it does. Typically, I'll use whitelist entries in this form:
> >
> >FromOrTo:       *@domain.com            yes
> >
> >to catch the case in which good mail comes directly from domain.com,
> >and
> >
> >FromOrTo:       *@*.domain.com          yes
> >
> >for cases in which all subdomains send good mail.
> 
> Shouldn't just *domain.com cover that?

No. 

*boo.com would cover boo.com, a.boo.com, and so on, but also would 
cover aboo.com, taboo.com, cariboo.com, and other possibly undesirable
cases. The "." is important.

My boss fell into a similar trap a year back, telling me to block all
mail that matched /cialis/i and not realizing that he'd have me block
these words:

anarchosocialist, antisocialist, antisocialistic, antisocialistically,
artificialism, biracialism, brain specialist, commercialism,
commercialist, commercialistic, face specialist, financialist,
foot specialist, glacialism, glacialist, guild socialism,
guild socialist, guild-socialistic, interracialism, nonsocialist,
nonsocialistic, nonspecialist, officialism, presocialism,
presocialist, prespecialist, provincialism, provincialist,
pseudo officialism, pseudo socialism, pseudo socialist, pseudo specialist,
pseudosocialistic, quasi socialist, quasi specialist, racialism,
racialist, semisocialism, socialism, socialist,
socialistic, specialism, specialist, specialistic,
state-socialist, sternofacialis, subspecialist, superficialism,
superficialist, unsocialism, unsocialistic

Similar problems exist for other regular expressions, and even I 
sometimes block things I shouldn't. 

The delimiters are important.

Or am I answering the question you asked? 

-- 
Mike Andrews, W5EGO
mikea at mikea.ath.cx
Tired old sysadmin