"My Break-Dancing days are over, but there's always the Funky Chicken" -- The Full Monty
> On Jul 7, 2016, at 3:57 PM, Sidney Markowitz <sid...@sidney.com> wrote: > > Lorenzo Thurman wrote on 8/07/16 3:03 AM: >>> On Jul 7, 2016, at 8:14 AM, Antony Stone >>> <antony.st...@spamassassin.open.source.it> wrote: >>> \.microsoft\.com$ will match anything ending in ".microsoft.com" > > RW already pointed this out, but to make sure nobody reading this thread > misses it, the above is wrong because whitelist does not use regexps. > > See > https://spamassassin.apache.org/full/3.4.x/doc/Mail_SpamAssassin_Conf.html#whitelist_and_blacklist_options > > where it says > > "Whitelist and blacklist addresses are now file-glob-style patterns, so > fri...@somewhere.com, *@isp.com, or *.domain.net will all work. Specifically, > * and ? are allowed, but all other metacharacters are not. Regular expressions > are not used for security reasons. Matching is case-insensitive. > > Multiple addresses per line, separated by spaces, is OK. Multiple > whitelist_from lines are also OK." > > Notice the last example there. Spamassassin is parsing out the email addresses > and matching them with the patterns so you don't have to do tricky stuff like > *@*.microsoft.com. Specifically, you can use > > whitelist_from *@microsoft.com *.microsoft.com > > which will match what you want but will not match anyth...@onmicrosoft.com and > will not match foo.microsoft....@example.com > > As the page also points out if you can figure out how to use > whitelistfrom_rcvd instead of whitelist_from it will protect against spammers > spoofing the From address. Whether you can do that depends on whether the > domain you are whitelisting has restrictions on what servers can send mail > for it. > > Sidney > > Thanks for the info. Does anyone know how I can use whitelistfrom_rcvd? I can't find any clear answers via Google.
