Blacklist all + allow some?

Julian Field MailScanner at
Sun Jun 1 15:01:09 IST 2008

Rich West wrote:
> Glenn Steen wrote:
>> I suppose you're asking what
>> syntax you need use for a ruleset "blacklisting" everything, and then
>> whitelisting some mails passing through MailScanner... In which case
>> you can do this with a normal ruleset ... The syntax is described in
>> numerous places (the EXAMPLES file in the rules subdirectory, the
>> wiki, the book...) ... So all you really need do is decide on what
>> setting (in MailScanner.conf) you should apply the ruleset, since this
>> will
>> a) decide what the rightmost value should be (it need make sense to
>> the setting applied to), and
>> b) affect what will actually happen.
>> I'd think the "Is Definitely Spam"/"Is Definitely Not Spam" and
>> perhaps "Definite Spam Is Highscoring" settings could be used for
>> this, along with a "store" only "High Scoring Spam Actions" setting,
>> or similar ... (or perhaps use a SA "rule" to tag the messages and
>> selectively act on them with the new SA-rules actions... Seems a bit
>> backward, but might be more manageable for you).
>> Note that for this to really work on a "per intern basis", you need
>> split your incoming mails into one/recipient, else MailScanner will
>> just use the rules applicable for the first recipient.
>> Links that apply to all this:
>> (watch out for line wrapping in the above:-)
>> HtH
>> Cheers
> Ahh.. thanks.  For what it is worth, I did check out a few of those 
> (some within the wiki lead to blank pages, and others are examples 
> that didn't really cover what I was looking for).  I really thought 
> that there might have been some special syntax I was missing for the 
> per-user blacklist rule where you'd have one master blacklist rule for 
> that user which says "block everything" and the whitelist rules 
> allowing email from certain individuals (whitelists win).
> Thankfully, I already split the emails to one per recipient.
> Perhaps you are right.. an "Is Definitely Spam" ruleset might do the 
> trick.  With entries like "To: user at yes"...
> Hrmm.. I will have to test that.
> Of course, after the first request at work to block inbound to a 
> single user, I now have a list of 22 interns I need to block.. Ugh.
If you don't want to mix this in with your anti-spam settings, you could 
use "Reject Messsage" setting, which has its own report file attached to 
it, which would make the rejection message easier for the senders to 
understand, than getting complete silence from your anti-spam settings.

Here's the docs on it from MailScanner.conf:

# You may not want to receive mail from certain addresses and/or to certain
# addresses. If so, you can do this with your email transport (sendmail,
# Postfix, etc) but that will just send a one-line message which is not
# helpful to the user sending the message.
# If this is set to yes, then the message set by the "Rejection Report"
# will be sent instead, and the incoming message will be deleted.
# If you want to store a copy of the original incoming message then use the
# "Archive Mail" setting to archive a copy of it.
# The purpose of this option is to set it to be a ruleset, so that you
# can reject messages from a few offending addresses where you need to  send
# a polite reply instead of just a brief 1-line rejection message.
Reject Message = no


Julian Field MEng CITP CEng
Buy the MailScanner book at

MailScanner customisation, or any advanced system administration help?
Contact me at Jules at Jules.FM

PGP footprint: EE81 D763 3DB0 0BFD E1DC 7222 11F6 5947 1415 B654
PGP public key:

This message has been scanned for viruses and
dangerous content by MailScanner, and is
believed to be clean.

More information about the MailScanner mailing list