The docs are not very clear on whether the format uses regex a la perl or whether it's simple globbing.
It's globbing, only, and the manpages point out it's a security thing. You can't allow untusted users to create perl regexes for spamd systems. (hence the whole allow_user_rules thing)
man Mail::SpamAssassin::Conf under "whitelist_from"
"Whitelist and blacklist addresses are now file-glob-style patterns, so [EMAIL PROTECTED], [EMAIL PROTECTED], or *.domain.net will all work. Specifically, * and ? are allowed, but all other metacharacters are not. Regular expressions are not used for security reasons. "
(text same in 2.6x and 3.0x)
