Whitelist spam pattern matching in SpamAssassin

GoWilkes

Well-Known Member
Sep 26, 2006
583
21
168
cPanel Access Level
Root Administrator
Can any of you suggest a way to whitelist any email from a domain OR subdomain of that domain, without whitelisting a domain that just happens to end with the same string?

Eg, I get emails from [email protected] or [email protected], and possibly other subdomains of cpanel.net. I want to whitelist all variations (including those I don't know), so I do this:

Code:
whitelist_from *@*cpanel.net
But that also inadvertently whitelists, say, [email protected] (assuming a spammer is clever enough to buy a domain that ends with "cpanel.net"). And that's just one example, I currently have 29 whitelists that are like that.

I know that I could double down, like:

Code:
whitelist_from *@cpanel.net
whitelist_from *@*.cpanel.net
but before I double my list of whitelist addresses, is there a better way? Can I do some sort of pattern matching? Like:

Code:
whitelist_from *@(\w.)?cpanel.net
 

GoWilkes

Well-Known Member
Sep 26, 2006
583
21
168
cPanel Access Level
Root Administrator
From reading the docs, maybe?

Code:
IF (MAIL FROM =~ /@(\w\.)?cpanel\.net$)
  whitelist_from *@*cpanel.net
ENDIF
The docs briefly mention conditions, but I'm not sure if there's a predefined constant for the "from" field or if they can be used in this context.


And I really don't know if making a different condition for each one would be easier to maintain than just doubling down on the list, anyway.