wildcards in whitelist

Furnish, Trever G TGFurnish at herffjones.com
Mon Feb 26 16:34:37 CET 2007 

Thanks, Glenn.  I didn't even realize those options for the MailScanner
executable existed.  That'll be useful in the future.

--
Trever


> -----Original Message-----
> From: mailscanner-bounces at lists.mailscanner.info 
> [mailto:mailscanner-bounces at lists.mailscanner.info] On Behalf 
> Of Glenn Steen
> Sent: Friday, February 23, 2007 3:35 AM
> To: MailScanner discussion
> Subject: Re: wildcards in whitelist
> 
> On 22/02/07, Furnish, Trever G <TGFurnish at herffjones.com> wrote:
> > Aren't they supposed to be perl regexes, and in that case, doesn't 
> > .boo.com still match aboo.com?
> >
> > In perl (and most other regex implementations AFAIK) the period 
> > represents a single occurance of (almost) any character, so the 
> > following command line:
> >
> >         echo aboo | perl -ne 'print "yes\n" if (/.boo/)'
> >
> > ...does in fact print "yes".  If you don't want . to match 'any 
> > character', then you should escape it with a backslash.
> >
> > Actually I've wondered frequently whether this weren't a mistake in 
> > the MailScanner examples, but have never taken the time to 
> > go through 
> > the code and decide for certain.  There is an occurance of 
> > "\." in the 
> > rules/EXAMPLES file for escaping the periods between octets 
> > in an ip 
> > address.  I don't see anything to indicate that it 
> > shouldn't also be 
> > used between domain parts.

> You can actually test this;-).
> Observe:
> -----
> # MailScanner --changed|grep virusscanning
> virusscanning                      yes            RULESET:Default=yes
> # grep glenn.steen /etc/MailScanner/rules/virus.whitelist.rules
> From:   glenn.steen at aa.ap1.se                           no
> # MailScanner --from=glenn.steen at aa.ap1.se 
> --to=glenn.steen at ap1.se --value=virusscanning Looked up 
> internal option name "virusscan"
> With sender = glenn.steen at aa.ap1.se
>   recipient = glenn.steen at ap1.se
> Client IP =
> Virus =
> Result is "0"
> 
> 0=No 1=Yes
> # MailScanner --from=glenn.steen at aaaap1.se 
> --to=glenn.steen at ap1.se --value=virusscanning Looked up 
> internal option name "virusscan"
> With sender = glenn.steen at aaaap1.se
>   recipient = glenn.steen at ap1.se
> Client IP =
> Virus =
> Result is "1"
> 
> 0=No 1=Yes
> #
> -----
> So the answer is: No, that is not straight perl REs, if you 
> want that you need enclose the RE in slashes like 
> /.*@example.net/ (btw, a lone asterisk is _not_ a generic 
> glob-like wildcard in perl, it is a "0 or more" repetition 
> indicator... sort of a shorthand for {0,} ... You do need 
> tell perl _what_ to repeat;-).



> -- Glenn
> email: glenn < dot > steen < at > gmail < dot > com
> work: glenn < dot > steen < at > ap1 < dot > se

More information about the MailScanner mailing list