SQLBlackWhitelist using wildcards

Julian Field MailScanner at ecs.soton.ac.uk
Thu Feb 21 21:30:04 GMT 2008

Scott Silva wrote:
> on 2/21/2008 12:37 PM Julian Field spake the following:
>> Unfortunately you can't do that without slowing it down a lot. The 
>> SQLBlackWhiteList stuff, instead of allowing wildcards and hence 
>> having to check every entry in the list for every message, reduces 
>> the whole problem to a couple of hash table lookups which are very 
>> fast, as it knows that there aren't any wildcards.
>> If you allow the use of wildcards, every entry has to be matched 
>> against every address of every message. This is slow and is why 
>> MailScanner rulesets shouldn't ideally have more than several hundred 
>> (or maybe a thousand) entries. The SQL stuff does not allow wildcards 
>> much, with the result that it can just do table lookups to find if 
>> the address is listed or not. This is enormously faster than 
>> searching every entry of a ruleset.
>> The reason the SQL black+whitelist support is fast, not because of it 
>> being SQL (which actually makes it run slower) but because it doesn't 
>> support wildcards.
>> I hope that explains my design philosophy a bit for this feature.
>> Jules.
>> William A. Knob wrote:
>>>       Hi all!
>>>    People, I want to use "wildcards" on my black/whitelist SQL 
>>> tables to use with Mailscanner... Anybody knows how can I do that? 
>>> Or anyone has made a modification on the "SQLBlackWhiteList.pm" 
>>> script to do that stuff?
>>>    Regards;
>> Jules
> Does matching only a domain slow it down?
> IE... using 'domain.com' to match '*@domain.com' instead of the 
> default of 'user at domain.com'.
I have finally found the original code, it was written for a specific 
It reduces the search process to a string of hash table lookups, like this:

  return 1 if $BlackWhite->{$to}{$from};
  return 1 if $BlackWhite->{$to}{$fromdomain};
  return 1 if $BlackWhite->{$to}{$ip};
  return 1 if $BlackWhite->{$to}{'default'};
  return 1 if $BlackWhite->{$todomain}{$from};
  return 1 if $BlackWhite->{$todomain}{$fromdomain};
  return 1 if $BlackWhite->{$todomain}{$ip};
  return 1 if $BlackWhite->{$todomain}{'default'};
  return 1 if $BlackWhite->{'default'}{$from};
  return 1 if $BlackWhite->{'default'}{$fromdomain};
  return 1 if $BlackWhite->{'default'}{$ip};

So if the exact address user at domain.com or domain.com or the numerical 
IP address is listed, it will match.

I can't remember too much about this code, I wrote it quite a long time ago.


Julian Field MEng CITP CEng
Buy the MailScanner book at www.MailScanner.info/store

MailScanner customisation, or any advanced system administration help?
Contact me at Jules at Jules.FM

PGP footprint: EE81 D763 3DB0 0BFD E1DC 7222 11F6 5947 1415 B654
PGP public key: http://www.jules.fm/julesfm.asc

This message has been scanned for viruses and
dangerous content by MailScanner, and is
believed to be clean.

More information about the MailScanner mailing list