Re: [spamdyke-users] recipient-blacklist-file=FILE with RegExes?
Sam, On 2015-12-31 06:34, Sam Clippinger via spamdyke-users wrote: Ah... you're confusing the "sender" address with the "From" address. Dammit! . . I get caught with that every time I come back to look at this stuff . . The sender address is what appears in the logs. Of course . . The From address is what appears in the message headers and is also what you see in your mail client. The two are completely separate and spammers usually supply different (bogus) values for them. Right . . To block both of the examples you gave, add these lines to your sender-blacklist-file (not your header-blacklist-file): @brewster.com [1] @nice.com [2] Yes . . but I solved the "From:" and "Reply-to:" problem with a single file and globbing but I can't do that with the sender-blacklist-file as well . . I might set up one master file and do a nightly cron job that produces both of the needed files from the master file . . Thanks again! Phil. That should do it! More info here: http://www.spamdyke.org/documentation/README.html#REJECTING_SENDERS -- Sam Clippinger On Dec 29, 2015, at 11:54 PM, Philip Rhoades via spamdyke-users wrote: People, I thought of starting a new thread but the question relates to this discussion so I thought I would revive it - see inline comments: On 2015-06-21 04:57, Philip Rhoades via spamdyke-users wrote: Sam, On 2015-06-21 03:12, Sam Clippinger via spamdyke-users wrote: Regex support is on the (rather lengthy) to-do list, but frankly it's not a very high priority -- there's a lot of low-hanging fruit that would be of much more benefit right now. Plus, since I'm not one of the 10 people in the world who completely understands regexes, I doubt I would actually use them myself; I'd rather add globbing support, which I do understand. :) OK, no worries - SD is going well so far so I may not need some of the mechanisms that I used in my own setup - we'll see how things go. spamdyke's header filter runs at connection time, as all of its filters do. If a header line matches a blacklisted pattern, the entire message is rejected (the sending server receives an error code, qmail never sees the message). Right - thanks for the clarification. One annoying spammer continues to get their mail through but I don't understand why - my header-blacklist-file includes these two lines in it: [FR][re][op][ml]*:*brewster.com* [FR][re][op][ml]*:*nice.com* but the first one works and the second one doesn't!: /var/log/maillog-20151230:Dec 29 17:08:43 prix spamdyke[15684]: DENIED_HEADER_BLACKLISTED from: smartdel...@brewster.com to: p...@pricom.com.au origin_ip: 23.253.183.234 origin_rdns: mail-183-234.mailgun.info auth: (unknown) encryption: (none) reason: /usr/local/bin/srejector2/spamdyke_blacklist_header.txt:11 /var/log/maillog-20151230:Dec 29 17:08:00 prix spamdyke[15609]: ALLOWED from: support.a...@nice.com to: mailer-dae...@pricom.com.au origin_ip: 192.114.148.4 origin_rdns: mailil.nice.com auth: (unknown) encryption: (none) reason: 250_ok_1451369280_qp_15628 I have even saved the file in vim a couple of times and restarted qmail a couple of times but no change in the behaviour - what could the explanation be? Thanks, Phil. On Jun 19, 2015, at 9:09 PM, Philip Rhoades via spamdyke-users wrote: Sam, See inline comments: On 2015-06-20 11:53, Sam Clippinger via spamdyke-users wrote: You're correct spamdyke does not support regexes for any of its options, but you can use a wildcard in a sender or recipient white/blacklist file to match entire domains by prefixing the line with an @ symbol. For example: @example.com [1] [1] Yep, saw that - is it possible to support regexes in the future? Full documentation here: http://www.spamdyke.org/documentation/README.html#REJECTING_RECIPIENTS [2] [2] BUT! Be careful -- the "To" and "From" lines in the message header are not the same as the "sender" and "recipient". The sender and recipient are part of SMTP, the To and From lines are part of the message data and are completely unrelated. Think of it this way: when a letter is sent through the post office, the name on the outside of the envelope tells the postman which mailbox gets the envelope (or where to send it back to) but top of the letter inside may have a completely unrelated letterhead and salutation. Whenever spamdyke's options/documentation refer to a "sender" or a "recipient", it means the name on the outside of the envelope. The user never sees those values in their mail client unless the sender chooses to use those values in the To and From fields. Spammers typically fake all sender/recipient/To/From fields, but other software does too for perfectly legitimate reasons (e.g. mailing lists, autoresponders). Right. If you want to block based on the To and From lines the user sees in their mail client, you should look at spamdyke's header blacklist filter: http://www.spamdyke.org/documentation/README.html#HEADERS [3] [3] In that case the mail has already been acce
Re: [spamdyke-users] recipient-blacklist-file=FILE with RegExes?
Ah... you're confusing the "sender" address with the "From" address. The sender address is what appears in the logs. The From address is what appears in the message headers and is also what you see in your mail client. The two are completely separate and spammers usually supply different (bogus) values for them. To block both of the examples you gave, add these lines to your sender-blacklist-file (not your header-blacklist-file): @brewster.com @nice.com That should do it! More info here: http://www.spamdyke.org/documentation/README.html#REJECTING_SENDERS -- Sam Clippinger On Dec 29, 2015, at 11:54 PM, Philip Rhoades via spamdyke-users wrote: > People, > > I thought of starting a new thread but the question relates to this > discussion so I thought I would revive it - see inline comments: > > > On 2015-06-21 04:57, Philip Rhoades via spamdyke-users wrote: >> Sam, >> On 2015-06-21 03:12, Sam Clippinger via spamdyke-users wrote: >>> Regex support is on the (rather lengthy) to-do list, but frankly it's >>> not a very high priority -- there's a lot of low-hanging fruit that >>> would be of much more benefit right now. Plus, since I'm not one of >>> the 10 people in the world who completely understands regexes, I doubt >>> I would actually use them myself; I'd rather add globbing support, >>> which I do understand. :) >> OK, no worries - SD is going well so far so I may not need some of the >> mechanisms that I used in my own setup - we'll see how things go. >>> spamdyke's header filter runs at connection time, as all of its >>> filters do. If a header line matches a blacklisted pattern, the entire >>> message is rejected (the sending server receives an error code, qmail >>> never sees the message). >> Right - thanks for the clarification. > > > One annoying spammer continues to get their mail through but I don't > understand why - my header-blacklist-file includes these two lines in it: > > [FR][re][op][ml]*:*brewster.com* > [FR][re][op][ml]*:*nice.com* > > but the first one works and the second one doesn't!: > > /var/log/maillog-20151230:Dec 29 17:08:43 prix spamdyke[15684]: > DENIED_HEADER_BLACKLISTED from: smartdel...@brewster.com to: > p...@pricom.com.au origin_ip: 23.253.183.234 origin_rdns: > mail-183-234.mailgun.info auth: (unknown) encryption: (none) reason: > /usr/local/bin/srejector2/spamdyke_blacklist_header.txt:11 > > /var/log/maillog-20151230:Dec 29 17:08:00 prix spamdyke[15609]: ALLOWED from: > support.a...@nice.com to: mailer-dae...@pricom.com.au origin_ip: > 192.114.148.4 origin_rdns: mailil.nice.com auth: (unknown) encryption: (none) > reason: 250_ok_1451369280_qp_15628 > > I have even saved the file in vim a couple of times and restarted qmail a > couple of times but no change in the behaviour - what could the explanation > be? > > Thanks, > > Phil. > > >>> On Jun 19, 2015, at 9:09 PM, Philip Rhoades via spamdyke-users >>> wrote: Sam, See inline comments: On 2015-06-20 11:53, Sam Clippinger via spamdyke-users wrote: > You're correct spamdyke does not support regexes for any of its > options, but you can use a wildcard in a sender or recipient > white/blacklist file to match entire domains by prefixing the line > with an @ symbol. For example: > @example.com [1] [1] Yep, saw that - is it possible to support regexes in the future? > Full documentation here: >>> http://www.spamdyke.org/documentation/README.html#REJECTING_RECIPIENTS > [2] > [2] > BUT! Be careful -- the "To" and "From" lines in the message header > are > not the same as the "sender" and "recipient". The sender and > recipient > are part of SMTP, the To and From lines are part of the message > data > and are completely unrelated. Think of it this way: when a letter > is > sent through the post office, the name on the outside of the > envelope > tells the postman which mailbox gets the envelope (or where to > send it > back to) but top of the letter inside may have a completely > unrelated > letterhead and salutation. Whenever spamdyke's > options/documentation > refer to a "sender" or a "recipient", it means the name on the > outside > of the envelope. The user never sees those values in their mail > client > unless the sender chooses to use those values in the To and From > fields. Spammers typically fake all sender/recipient/To/From > fields, > but other software does too for perfectly legitimate reasons (e.g. > mailing lists, autoresponders). Right. > If you want to block based on the To > and From lines the user sees in their mail client, you should look > at > spamdyke's header blacklist filter: > http://www.spamdyke.org/documentation/README.html#HEADERS [3] [3] In that case the mail has already been accepted? When I was using the qmail-qfilter+Ruby script method - my unders
Re: [spamdyke-users] recipient-blacklist-file=FILE with RegExes?
People, I thought of starting a new thread but the question relates to this discussion so I thought I would revive it - see inline comments: On 2015-06-21 04:57, Philip Rhoades via spamdyke-users wrote: Sam, On 2015-06-21 03:12, Sam Clippinger via spamdyke-users wrote: Regex support is on the (rather lengthy) to-do list, but frankly it's not a very high priority -- there's a lot of low-hanging fruit that would be of much more benefit right now. Plus, since I'm not one of the 10 people in the world who completely understands regexes, I doubt I would actually use them myself; I'd rather add globbing support, which I do understand. :) OK, no worries - SD is going well so far so I may not need some of the mechanisms that I used in my own setup - we'll see how things go. spamdyke's header filter runs at connection time, as all of its filters do. If a header line matches a blacklisted pattern, the entire message is rejected (the sending server receives an error code, qmail never sees the message). Right - thanks for the clarification. One annoying spammer continues to get their mail through but I don't understand why - my header-blacklist-file includes these two lines in it: [FR][re][op][ml]*:*brewster.com* [FR][re][op][ml]*:*nice.com* but the first one works and the second one doesn't!: /var/log/maillog-20151230:Dec 29 17:08:43 prix spamdyke[15684]: DENIED_HEADER_BLACKLISTED from: smartdel...@brewster.com to: p...@pricom.com.au origin_ip: 23.253.183.234 origin_rdns: mail-183-234.mailgun.info auth: (unknown) encryption: (none) reason: /usr/local/bin/srejector2/spamdyke_blacklist_header.txt:11 /var/log/maillog-20151230:Dec 29 17:08:00 prix spamdyke[15609]: ALLOWED from: support.a...@nice.com to: mailer-dae...@pricom.com.au origin_ip: 192.114.148.4 origin_rdns: mailil.nice.com auth: (unknown) encryption: (none) reason: 250_ok_1451369280_qp_15628 I have even saved the file in vim a couple of times and restarted qmail a couple of times but no change in the behaviour - what could the explanation be? Thanks, Phil. On Jun 19, 2015, at 9:09 PM, Philip Rhoades via spamdyke-users wrote: Sam, See inline comments: On 2015-06-20 11:53, Sam Clippinger via spamdyke-users wrote: You're correct spamdyke does not support regexes for any of its options, but you can use a wildcard in a sender or recipient white/blacklist file to match entire domains by prefixing the line with an @ symbol. For example: @example.com [1] [1] Yep, saw that - is it possible to support regexes in the future? Full documentation here: http://www.spamdyke.org/documentation/README.html#REJECTING_RECIPIENTS [2] [2] BUT! Be careful -- the "To" and "From" lines in the message header are not the same as the "sender" and "recipient". The sender and recipient are part of SMTP, the To and From lines are part of the message data and are completely unrelated. Think of it this way: when a letter is sent through the post office, the name on the outside of the envelope tells the postman which mailbox gets the envelope (or where to send it back to) but top of the letter inside may have a completely unrelated letterhead and salutation. Whenever spamdyke's options/documentation refer to a "sender" or a "recipient", it means the name on the outside of the envelope. The user never sees those values in their mail client unless the sender chooses to use those values in the To and From fields. Spammers typically fake all sender/recipient/To/From fields, but other software does too for perfectly legitimate reasons (e.g. mailing lists, autoresponders). Right. If you want to block based on the To and From lines the user sees in their mail client, you should look at spamdyke's header blacklist filter: http://www.spamdyke.org/documentation/README.html#HEADERS [3] [3] In that case the mail has already been accepted? When I was using the qmail-qfilter+Ruby script method - my understanding of it at least - was that my Ruby script could process the header and body of the email and exit with a particular error code if the mail was bad and this would terminate the SMTP negotiation with that error message (eg drop the mail silently). So in this case I was able to look at all the header fields as well as the mail body and do whatever I wanted before accepting the mail. Header filtering doesn't support regexes either, but it does use "globbing" to allow more wildcard options. Right. Thanks, Phil. On Jun 19, 2015, at 7:47 PM, Philip Rhoades via spamdyke-users wrote: People, As well as using GreyLite I have done my own thing for many years with qmail-qfilter and a Ruby script (it started off as a Ruby learning exercise . . ) - anyway for my white and black lists I was able to have in the plain text files things like: ad...@phillipsfinancial.com.au administrator@(booksjournals.com [4](|.au)|(prix.|)pricom.com.au [5]|qps.com.au [6]) adwords-noreply america.com [7] ecolife where if any of those particular regexes app
Re: [spamdyke-users] recipient-blacklist-file=FILE with RegExes?
Sam, On 2015-06-21 03:12, Sam Clippinger via spamdyke-users wrote: Regex support is on the (rather lengthy) to-do list, but frankly it's not a very high priority -- there's a lot of low-hanging fruit that would be of much more benefit right now. Plus, since I'm not one of the 10 people in the world who completely understands regexes, I doubt I would actually use them myself; I'd rather add globbing support, which I do understand. :) OK, no worries - SD is going well so far so I may not need some of the mechanisms that I used in my own setup - we'll see how things go. spamdyke's header filter runs at connection time, as all of its filters do. If a header line matches a blacklisted pattern, the entire message is rejected (the sending server receives an error code, qmail never sees the message). Right - thanks for the clarification. Regards, Phil. -- Sam Clippinger On Jun 19, 2015, at 9:09 PM, Philip Rhoades via spamdyke-users wrote: Sam, See inline comments: On 2015-06-20 11:53, Sam Clippinger via spamdyke-users wrote: You're correct spamdyke does not support regexes for any of its options, but you can use a wildcard in a sender or recipient white/blacklist file to match entire domains by prefixing the line with an @ symbol. For example: @example.com [1] [1] Yep, saw that - is it possible to support regexes in the future? Full documentation here: http://www.spamdyke.org/documentation/README.html#REJECTING_RECIPIENTS [2] [2] BUT! Be careful -- the "To" and "From" lines in the message header are not the same as the "sender" and "recipient". The sender and recipient are part of SMTP, the To and From lines are part of the message data and are completely unrelated. Think of it this way: when a letter is sent through the post office, the name on the outside of the envelope tells the postman which mailbox gets the envelope (or where to send it back to) but top of the letter inside may have a completely unrelated letterhead and salutation. Whenever spamdyke's options/documentation refer to a "sender" or a "recipient", it means the name on the outside of the envelope. The user never sees those values in their mail client unless the sender chooses to use those values in the To and From fields. Spammers typically fake all sender/recipient/To/From fields, but other software does too for perfectly legitimate reasons (e.g. mailing lists, autoresponders). Right. If you want to block based on the To and From lines the user sees in their mail client, you should look at spamdyke's header blacklist filter: http://www.spamdyke.org/documentation/README.html#HEADERS [3] [3] In that case the mail has already been accepted? When I was using the qmail-qfilter+Ruby script method - my understanding of it at least - was that my Ruby script could process the header and body of the email and exit with a particular error code if the mail was bad and this would terminate the SMTP negotiation with that error message (eg drop the mail silently). So in this case I was able to look at all the header fields as well as the mail body and do whatever I wanted before accepting the mail. Header filtering doesn't support regexes either, but it does use "globbing" to allow more wildcard options. Right. Thanks, Phil. On Jun 19, 2015, at 7:47 PM, Philip Rhoades via spamdyke-users wrote: People, As well as using GreyLite I have done my own thing for many years with qmail-qfilter and a Ruby script (it started off as a Ruby learning exercise . . ) - anyway for my white and black lists I was able to have in the plain text files things like: ad...@phillipsfinancial.com.au administrator@(booksjournals.com [4](|.au)|(prix.|)pricom.com.au [5]|qps.com.au [6]) adwords-noreply america.com [7] ecolife where if any of those particular regexes appeared in the To: or From: or whatever, they could be allowed or blocked or whatever - I am guessing that eg the recipient-blacklist-file=FILE only allows for full email addresses? Thanks, Phil. -- Philip Rhoades PO Box 896 Cowra NSW 2794 Australia E-mail: p...@pricom.com.au ___ spamdyke-users mailing list spamdyke-users@spamdyke.org http://www.spamdyke.org/mailman/listinfo/spamdyke-users Links: -- [1] http://example.com [1] [2] http://www.spamdyke.org/documentation/README.html#REJECTING_RECIPIENTS [2] [3] http://www.spamdyke.org/documentation/README.html#HEADERS [3] ___ spamdyke-users mailing list spamdyke-users@spamdyke.org http://www.spamdyke.org/mailman/listinfo/spamdyke-users -- Philip Rhoades PO Box 896 Cowra NSW 2794 Australia E-mail: p...@pricom.com.au ___ spamdyke-users mailing list spamdyke-users@spamdyke.org http://www.spamdyke.org/mailman/listinfo/spamdyke-users Links: -- [1] http://example.com [2] http://www.spamdyke.org/documentation/README.html#REJECTING_RECIPIENTS [3] http://www.spamdyke.org/documentation/README
Re: [spamdyke-users] recipient-blacklist-file=FILE with RegExes?
Regex support is on the (rather lengthy) to-do list, but frankly it's not a very high priority -- there's a lot of low-hanging fruit that would be of much more benefit right now. Plus, since I'm not one of the 10 people in the world who completely understands regexes, I doubt I would actually use them myself; I'd rather add globbing support, which I do understand. :) spamdyke's header filter runs at connection time, as all of its filters do. If a header line matches a blacklisted pattern, the entire message is rejected (the sending server receives an error code, qmail never sees the message). -- Sam Clippinger On Jun 19, 2015, at 9:09 PM, Philip Rhoades via spamdyke-users wrote: > Sam, > > See inline comments: > > > On 2015-06-20 11:53, Sam Clippinger via spamdyke-users wrote: >> You're correct spamdyke does not support regexes for any of its >> options, but you can use a wildcard in a sender or recipient >> white/blacklist file to match entire domains by prefixing the line >> with an @ symbol. For example: >> @example.com [1] > > > Yep, saw that - is it possible to support regexes in the future? > > >> Full documentation here: >> http://www.spamdyke.org/documentation/README.html#REJECTING_RECIPIENTS >> [2] >> BUT! Be careful -- the "To" and "From" lines in the message header are >> not the same as the "sender" and "recipient". The sender and recipient >> are part of SMTP, the To and From lines are part of the message data >> and are completely unrelated. Think of it this way: when a letter is >> sent through the post office, the name on the outside of the envelope >> tells the postman which mailbox gets the envelope (or where to send it >> back to) but top of the letter inside may have a completely unrelated >> letterhead and salutation. Whenever spamdyke's options/documentation >> refer to a "sender" or a "recipient", it means the name on the outside >> of the envelope. The user never sees those values in their mail client >> unless the sender chooses to use those values in the To and From >> fields. Spammers typically fake all sender/recipient/To/From fields, >> but other software does too for perfectly legitimate reasons (e.g. >> mailing lists, autoresponders). > > > Right. > > >> If you want to block based on the To >> and From lines the user sees in their mail client, you should look at >> spamdyke's header blacklist filter: >> http://www.spamdyke.org/documentation/README.html#HEADERS [3] > > > In that case the mail has already been accepted? When I was using the > qmail-qfilter+Ruby script method - my understanding of it at least - was that > my Ruby script could process the header and body of the email and exit with a > particular error code if the mail was bad and this would terminate the SMTP > negotiation with that error message (eg drop the mail silently). So in this > case I was able to look at all the header fields as well as the mail body and > do whatever I wanted before accepting the mail. > > >> Header filtering doesn't support regexes either, but it does use >> "globbing" to allow more wildcard options. > > > Right. > > Thanks, > > Phil. > > >> On Jun 19, 2015, at 7:47 PM, Philip Rhoades via spamdyke-users >> wrote: >>> People, >>> As well as using GreyLite I have done my own thing for many years >>> with qmail-qfilter and a Ruby script (it started off as a Ruby >>> learning exercise . . ) - anyway for my white and black lists I was >>> able to have in the plain text files things like: >>> ad...@phillipsfinancial.com.au >> administrator@(booksjournals.com(|.au)|(prix.|)pricom.com.au|qps.com.au) >>> adwords-noreply >>> america.com >>> ecolife >>> where if any of those particular regexes appeared in the To: or >>> From: or whatever, they could be allowed or blocked or whatever - I >>> am guessing that eg the recipient-blacklist-file=FILE only allows >>> for full email addresses? >>> Thanks, >>> Phil. >>> -- >>> Philip Rhoades >>> PO Box 896 >>> Cowra NSW 2794 >>> Australia >>> E-mail: p...@pricom.com.au >>> ___ >>> spamdyke-users mailing list >>> spamdyke-users@spamdyke.org >>> http://www.spamdyke.org/mailman/listinfo/spamdyke-users >> Links: >> -- >> [1] http://example.com >> [2] http://www.spamdyke.org/documentation/README.html#REJECTING_RECIPIENTS >> [3] http://www.spamdyke.org/documentation/README.html#HEADERS >> ___ >> spamdyke-users mailing list >> spamdyke-users@spamdyke.org >> http://www.spamdyke.org/mailman/listinfo/spamdyke-users > > -- > Philip Rhoades > > PO Box 896 > Cowra NSW 2794 > Australia > E-mail: p...@pricom.com.au > ___ > spamdyke-users mailing list > spamdyke-users@spamdyke.org > http://www.spamdyke.org/mailman/listinfo/spamdyke-users ___ spamdyke-users mailing list spamdyke-users@spamdyke.org http://www.spamdyke.org/mailman/listinfo/spam
Re: [spamdyke-users] recipient-blacklist-file=FILE with RegExes?
Sam, See inline comments: On 2015-06-20 11:53, Sam Clippinger via spamdyke-users wrote: You're correct spamdyke does not support regexes for any of its options, but you can use a wildcard in a sender or recipient white/blacklist file to match entire domains by prefixing the line with an @ symbol. For example: @example.com [1] Yep, saw that - is it possible to support regexes in the future? Full documentation here: http://www.spamdyke.org/documentation/README.html#REJECTING_RECIPIENTS [2] BUT! Be careful -- the "To" and "From" lines in the message header are not the same as the "sender" and "recipient". The sender and recipient are part of SMTP, the To and From lines are part of the message data and are completely unrelated. Think of it this way: when a letter is sent through the post office, the name on the outside of the envelope tells the postman which mailbox gets the envelope (or where to send it back to) but top of the letter inside may have a completely unrelated letterhead and salutation. Whenever spamdyke's options/documentation refer to a "sender" or a "recipient", it means the name on the outside of the envelope. The user never sees those values in their mail client unless the sender chooses to use those values in the To and From fields. Spammers typically fake all sender/recipient/To/From fields, but other software does too for perfectly legitimate reasons (e.g. mailing lists, autoresponders). Right. If you want to block based on the To and From lines the user sees in their mail client, you should look at spamdyke's header blacklist filter: http://www.spamdyke.org/documentation/README.html#HEADERS [3] In that case the mail has already been accepted? When I was using the qmail-qfilter+Ruby script method - my understanding of it at least - was that my Ruby script could process the header and body of the email and exit with a particular error code if the mail was bad and this would terminate the SMTP negotiation with that error message (eg drop the mail silently). So in this case I was able to look at all the header fields as well as the mail body and do whatever I wanted before accepting the mail. Header filtering doesn't support regexes either, but it does use "globbing" to allow more wildcard options. Right. Thanks, Phil. On Jun 19, 2015, at 7:47 PM, Philip Rhoades via spamdyke-users wrote: People, As well as using GreyLite I have done my own thing for many years with qmail-qfilter and a Ruby script (it started off as a Ruby learning exercise . . ) - anyway for my white and black lists I was able to have in the plain text files things like: ad...@phillipsfinancial.com.au administrator@(booksjournals.com(|.au)|(prix.|)pricom.com.au|qps.com.au) adwords-noreply america.com ecolife where if any of those particular regexes appeared in the To: or From: or whatever, they could be allowed or blocked or whatever - I am guessing that eg the recipient-blacklist-file=FILE only allows for full email addresses? Thanks, Phil. -- Philip Rhoades PO Box 896 Cowra NSW 2794 Australia E-mail: p...@pricom.com.au ___ spamdyke-users mailing list spamdyke-users@spamdyke.org http://www.spamdyke.org/mailman/listinfo/spamdyke-users Links: -- [1] http://example.com [2] http://www.spamdyke.org/documentation/README.html#REJECTING_RECIPIENTS [3] http://www.spamdyke.org/documentation/README.html#HEADERS ___ spamdyke-users mailing list spamdyke-users@spamdyke.org http://www.spamdyke.org/mailman/listinfo/spamdyke-users -- Philip Rhoades PO Box 896 Cowra NSW 2794 Australia E-mail: p...@pricom.com.au ___ spamdyke-users mailing list spamdyke-users@spamdyke.org http://www.spamdyke.org/mailman/listinfo/spamdyke-users
Re: [spamdyke-users] recipient-blacklist-file=FILE with RegExes?
You're correct spamdyke does not support regexes for any of its options, but you can use a wildcard in a sender or recipient white/blacklist file to match entire domains by prefixing the line with an @ symbol. For example: @example.com Full documentation here: http://www.spamdyke.org/documentation/README.html#REJECTING_RECIPIENTS BUT! Be careful -- the "To" and "From" lines in the message header are not the same as the "sender" and "recipient". The sender and recipient are part of SMTP, the To and From lines are part of the message data and are completely unrelated. Think of it this way: when a letter is sent through the post office, the name on the outside of the envelope tells the postman which mailbox gets the envelope (or where to send it back to) but top of the letter inside may have a completely unrelated letterhead and salutation. Whenever spamdyke's options/documentation refer to a "sender" or a "recipient", it means the name on the outside of the envelope. The user never sees those values in their mail client unless the sender chooses to use those values in the To and From fields. Spammers typically fake all sender/recipient/To/From fields, but other software does too for perfectly legitimate reasons (e.g. mailing lists, autoresponders). If you want to block based on the To and From lines the user sees in their mail client, you should look at spamdyke's header blacklist filter: http://www.spamdyke.org/documentation/README.html#HEADERS Header filtering doesn't support regexes either, but it does use "globbing" to allow more wildcard options. -- Sam Clippinger On Jun 19, 2015, at 7:47 PM, Philip Rhoades via spamdyke-users wrote: > People, > > As well as using GreyLite I have done my own thing for many years with > qmail-qfilter and a Ruby script (it started off as a Ruby learning exercise . > . ) - anyway for my white and black lists I was able to have in the plain > text files things like: > > ad...@phillipsfinancial.com.au > administrator@(booksjournals.com(|.au)|(prix.|)pricom.com.au|qps.com.au) > adwords-noreply > america.com > ecolife > > where if any of those particular regexes appeared in the To: or From: or > whatever, they could be allowed or blocked or whatever - I am guessing that > eg the recipient-blacklist-file=FILE only allows for full email addresses? > > Thanks, > > Phil. > -- > Philip Rhoades > > PO Box 896 > Cowra NSW 2794 > Australia > E-mail: p...@pricom.com.au > ___ > spamdyke-users mailing list > spamdyke-users@spamdyke.org > http://www.spamdyke.org/mailman/listinfo/spamdyke-users ___ spamdyke-users mailing list spamdyke-users@spamdyke.org http://www.spamdyke.org/mailman/listinfo/spamdyke-users