Lists

From Securence

Jump to: navigation, search

Using White Lists, Allow Lists & Black Lists

All company, group, and domain specified lists will be applied to the domain. Mail will be filtered through all of the White List first then if the mail does not match anything on the White List it will be filtered through the Black List. If there are entries in the Allow List, all mail will be rejected with the exception of what is in the Allow List.


Edit a List:

  • Click on Add Rule in the corresponding list that you would like to add a rule to.
  • Pick a prefix for the rule to apply to. (see syntax examples below)
  • Type the rule that you want mail to be filtered through in the rule section. (see syntax examples below)


Examples of syntax used for editing the Lists: In the example, For the "to" address prefix, the "to" prefix is the email address of the person who is intended to receive the email. For example, if "to:someone@yourdomain.com" is added to your White List, and an email is sent to someone@yourdomain.com, the email will not be filtered for spam; it will still be filtered for viruses. Keep in mind, the e-mail will only be automatically allowed through if the address, someone@yourdomain.com, is contained in the "to" section of the e-mail header. The e-mail may still be filtered if the address only appears in either the "cc" or "rcptto" fields unless additional White List entries are added for these e-mail header sections.

For the "from" address prefix use:

  • from:spammer@domain.com

For the "mailfrom" address prefix use:

  • mailfrom:spammer@domain.com -or- @domain.com

For the "cc" address prefix use:

  • cc:someone@domain.com

For the "rcptto" address prefix use:

  • rcptto:someone@domain.com

For the "to" address prefix use:

  • to:someone@domain.com

For the "replyto" address prefix use:

  • replyto:spam@fakedomain.com

For IP address entries use:

  • host:12.345.67.89

For Host name entries use:

  • host:subdomain.domain.com -or- domain.com

For Subject line entries use:

  • subject:Free stuff!


Using a Wildcard: You may use the * sign as a wildcard character. The wildcard character stands for "any" or "all". For example, if you add "mailfrom:*@domain.com" to your black list, any and all email coming from domain.com will be filtered. You can use the wildcard in conjunction with the previously listed prefixes. Please note, you may only use a wildcard at the beginning or end of the value match.

Incorrect Wildcard usage:

  • to:user@*.com
  • host:*.*.255.1

Correct Wildcard usage: For the "to" address prefix use:

  • to:*@domain.com

For the "cc" address prefix use:

  • cc:*@domain.com

For the "rcptto" address prefix use:

  • rcptto:*@domain.com

For the "from" address prefix use:

  • from:*@domain.com

For the "mailfrom" address prefix use:

  • mailfrom:*@domain.com -or- *@domain.com

For the "replyto" address prefix use:

  • replyto:*@fakedomain.com

For IP address entries use:

  • host:12.345.67.* -or- 12.345.67.*

For Host/Subdomain name entries use:

  • host:*.domain.com -or- host:subdomain.domain.*

For Subject line entries use:

  • subject:*Free stuff!*


Combining Prefixes: Highly recommended You can also combine types of prefixes by using the + sign. Using "mailfrom+from" or "rcptto+to" are two common examples of ways you can combine entries. If you added "to+rcptto:someone@domain.com" to your white/black list, then mail from someone@domain.com would be filtered by both the "to" and "rcptto" fields. To whitelist a message that is caught by phishing scanners you will want to use phish+host:. To whitelist a message that was caught by virus scanners you will need to add virus+host:. Please note that we do not recommend white listing virus containing emails.

For the phish scanning use:

  • from+phish:user@domain.com

For virus scanning use:

  • from+virus:user@domain.com
Retrieved from "http://wiki.securence.com/index.php5/Lists"
Personal tools