Thread Info
  • State Not Answered
  • Locked Locked
  • Replies 11 replies
  • Subscribers 1 subscriber
  • Views 7843 views
  • Users 0 members are here
Options
Suggested
This discussion has been locked.
You can no longer post new replies to this discussion. If you have a question you can start a new discussion

UTM 9.304-9 - Antispam - wildcard expressions in blacklist

alexander@impuls
After upgrading to 9.304-9 I noticed that wildcard expressions for email adresses in the antispam blacklist are interpreted a bit different than before:

*@*domain.com does NOT match anymore for xyz@domain.com

I was using the expression *@*domain.com for all eMails from a single domain including subdomains. Maybe * does not match for empty strings anymore (which is wrong in my eyes).

Did someone else notice this?


This thread was automatically locked due to age.
  • 0
    Alexander, I have experimented with *@*domain.com over the years and have never found that it worked.

    Cheers - Bob
     
    Sophos UTM Community Moderator
    Sophos Certified Architect - UTM
    Sophos Certified Engineer - XG
    Gold Solution Partner since 2005
    MediaSoft, Inc. USA
  • 0 in reply to BAlfson
    Alexander, I have experimented with *@*domain.com over the years and have never found that it worked.


    Bob,

    thank you.

    I was pretty sure that it worked before 9.3, but maybe I'm wrong, hm...
    Is there any way to filter out all senders from all subdomains of one domain? Example: mcsv.net has a lot of different sender domains like mail35.atl91.mcsv.net and so on. *@*.*.mcsv.net is treated as invalid, *@*.mcsv.net does not work.
  • 0
    Can you use a REGEX expression in the blacklist field?

    In the help doco it does not say you can, so maybe someone more knowledgeable can say if this is possible or not.

    If you can, that would let you deal with any sub-domains.
  • 0
    No REGEX in that field.

    Cheers - Bob
     
    Sophos UTM Community Moderator
    Sophos Certified Architect - UTM
    Sophos Certified Engineer - XG
    Gold Solution Partner since 2005
    MediaSoft, Inc. USA
  • 0
    Unfortunate, but I kind of expected that (given it was not mentioned as an option in the doco).

    Definitely would be nice if there was a reliable method to exclude sub-domains, but it would seem that there currently isn't. Sigh...
  • 0
    Alexander, all of the mcsv.net servers are MailChimp, a reputable emailing service that doesn't send spam.  I use MailChimp for several organizations.  All MailChimp mailing lists are opt-in except entries submitted by the mail list owner.  All emails from MailChimp include an unsubscribe link.  If you believe that a list owner is spamming you in spite of your request to unsubscribe, you should send a complaint to abuse(at)mailchimp.com.

    Cheers - Bob
     
    Sophos UTM Community Moderator
    Sophos Certified Architect - UTM
    Sophos Certified Engineer - XG
    Gold Solution Partner since 2005
    MediaSoft, Inc. USA
  • 0 in reply to BAlfson
    Hi !

    So Is there a way to block subdomains sending spams ?
  • 0
    Not directly.  What domain has subdomains that you want to block?  Examples?

    Cheers - Bob
     
    Sophos UTM Community Moderator
    Sophos Certified Architect - UTM
    Sophos Certified Engineer - XG
    Gold Solution Partner since 2005
    MediaSoft, Inc. USA
  • 0
    Everything from the domain " madmimi.com ".

    Our customer receive mail from mailman@madmimi.com but when we look at the envelope of the message we can read envelope-from : m8.madmimi.com">mailman@m8.madmimi.com
  • 0
    Yeah, madmimi is a criminal spammer.  I don't think there's a good tool yet to combat them.  Please submit a ticket to Sophos Support and make a feature request.

    Cheers - Bob
     
    Sophos UTM Community Moderator
    Sophos Certified Architect - UTM
    Sophos Certified Engineer - XG
    Gold Solution Partner since 2005
    MediaSoft, Inc. USA
Unfiltered HTML