Per Jessen wrote: > Matt Kettler wrote: > >> Per Jessen wrote: >>> Occasionally I'd like to do something like this: >>> >>> whitelist_from_rcvd [EMAIL PROTECTED] /^smtp[0-9]+\.orange\.fr$/ >>> >> One problem.. That involves a regex, but whitelist_from is a "regular >> user" config option. >> >> In general, regular expressions are intentionally not used in >> "regular user" options due to the potential for a to possibly exploit >> the system. (this is why user_prefs can't contain rules unless you >> define allow_user_rules). >> >> So, SA actually went out of its way to prevent that from being >> allowed. > > Yes, I saw that in the code
I've been reading some more and it looks like it is actually possible to use regex syntax in the domain part of whitelist_from_rcvd. The address part is sanitized, but the domain part isn't. /Per Jessen, Zürich
