"My Break-Dancing days are over, but there's always the Funky Chicken" -- The Full Monty
> On Jul 7, 2016, at 7:15 AM, Reindl Harald <h.rei...@thelounge.net> wrote: > > > >> Am 07.07.2016 um 14:12 schrieb Joe Quinn: >>> On 7/6/2016 11:42 PM, Bill Cole wrote: >>> On 6 Jul 2016, at 23:10, lorenzo wrote: >>> >>> [...] >>>> The output from spamassassin -t -D < In-whitelist.txt gives the >>>> answer, I believe: >>>> >>>> address hefg...@hkjhkjhk.onmicrosoft.com matches whitelist or >>>> blacklist regexp: ^.*microsoft\.com$ >>>> >>>> Very sneaky. I think I can handle this one from here. >>>> Thanks again. >>> >>> Happy to be of help. >>> >>> For what it's worth: *.onmicrosoft.com domains are part of free trials >>> of Office365 and generate almost entirely spam. I suppose one could be >>> a regular paying O365 customer and keep that free domain, but no one >>> who does that can care much about their email. Spammers have been >>> using those domains for years and MS really seems not to care about >>> the fact that they've become a de facto indication of spam. >> In addition to the above, it's easy for a spammer to register something >> like kajsdhfkjasghdskghlaskfhmicrosoft.com which would also be >> whitelisted for you. I would recommend against using wildcard whitelist >> patterns like that > > should at least look similar to that: > ^.*\.microsoft\.com$ > > well the ^ followed by .* is also pointless I see. Thanks for the tip, I'll make changes. The reason I did wild cards was so that I could also capture us domains. Is there a rule that allows me to get subdomains w/o opening myself like I have? >