SQLBlackWhitelist using wildcards

William A. Knob william at raidbr.com.br
Fri Feb 22 14:38:12 GMT 2008


    Does not exists a way to make this code check subdomains too? My 
problem is: i've blocked "domain.com" but the emails still comin` from 
with "xxx.domain.com", "yyy.domain.com" and a lot of others... How can I 
block these subdomains using the SQL stuff?

       That's my problem...


Julian Field escreveu:
> Scott Silva wrote:
>> on 2/21/2008 12:37 PM Julian Field spake the following:
>>> Unfortunately you can't do that without slowing it down a lot. The 
>>> SQLBlackWhiteList stuff, instead of allowing wildcards and hence 
>>> having to check every entry in the list for every message, reduces 
>>> the whole problem to a couple of hash table lookups which are very 
>>> fast, as it knows that there aren't any wildcards.
>>> If you allow the use of wildcards, every entry has to be matched 
>>> against every address of every message. This is slow and is why 
>>> MailScanner rulesets shouldn't ideally have more than several 
>>> hundred (or maybe a thousand) entries. The SQL stuff does not allow 
>>> wildcards much, with the result that it can just do table lookups to 
>>> find if the address is listed or not. This is enormously faster than 
>>> searching every entry of a ruleset.
>>> The reason the SQL black+whitelist support is fast, not because of 
>>> it being SQL (which actually makes it run slower) but because it 
>>> doesn't support wildcards.
>>> I hope that explains my design philosophy a bit for this feature.
>>> Jules.
>>> William A. Knob wrote:
>>>>       Hi all!
>>>>    People, I want to use "wildcards" on my black/whitelist SQL 
>>>> tables to use with Mailscanner... Anybody knows how can I do that? 
>>>> Or anyone has made a modification on the "SQLBlackWhiteList.pm" 
>>>> script to do that stuff?
>>>>    Regards;
>>> Jules
>> Does matching only a domain slow it down?
>> IE... using 'domain.com' to match '*@domain.com' instead of the 
>> default of 'user at domain.com'.
> I have finally found the original code, it was written for a specific 
> customer.
> It reduces the search process to a string of hash table lookups, like 
> this:
>  return 1 if $BlackWhite->{$to}{$from};
>  return 1 if $BlackWhite->{$to}{$fromdomain};
>  return 1 if $BlackWhite->{$to}{$ip};
>  return 1 if $BlackWhite->{$to}{'default'};
>  return 1 if $BlackWhite->{$todomain}{$from};
>  return 1 if $BlackWhite->{$todomain}{$fromdomain};
>  return 1 if $BlackWhite->{$todomain}{$ip};
>  return 1 if $BlackWhite->{$todomain}{'default'};
>  return 1 if $BlackWhite->{'default'}{$from};
>  return 1 if $BlackWhite->{'default'}{$fromdomain};
>  return 1 if $BlackWhite->{'default'}{$ip};
> So if the exact address user at domain.com or domain.com or the numerical 
> IP address is listed, it will match.
> I can't remember too much about this code, I wrote it quite a long 
> time ago.
> Jules

*William A. Knob - Divisão Desenvolvimento*
Raidbr Soluções em Informática Ltda.
Rua José Albino Reuse, 1125. Cinquentenário. Caxias do Sul - RS
Fone/ Fax: (54) 3223.7074

Visite nosso site:
www.raidbr.com.br <http://www.raidbr.com.br>

Esta mensagem foi verificada pelo sistema de antivírus e acredita-se estar livre de perigo.

More information about the MailScanner mailing list