[Rspamd-Users] email:domain vs email:domain:tld

Dan Swartzendruber dswartz at druber.com
Tue Oct 9 14:26:16 UTC 2018

I had sometime ago coded a multimap.conf that goes in 
/etc/rspamd/local.d.  I have two whitelists: one for files, and one for 
domains.  They look like this:

sender_from_whitelisted_user {
   type = "from";
   filter = "email:addr";
   map = "file:///usr/local/rspam/whitelisted_user.map";
   description = "Mail comes from whitelisted sender";
   action = "accept";

sender_from_whitelisted_domain {
   type = "from";
   filter = "email:domain:tld";
   map = "file:///usr/local/rspam/whitelisted_domain.map";
   description = "Mail comes from whitelisted domain";
   score = -10.0;

what has me confused: some domains are TLD (e.g. dcu.org), whereas 
others (most even) come from a 2nd level domain.  Since the latter is 
the case, I was using email:domain:tld, but this seems to also catch TLD 
references (e.g. I sent myself a test email from my work address, and it 
shows as:


yet, looking at /usr/local/rspam/whitelisted_domain.map, my company's 
domain name is a TLD.  I'm not complaining, this is how I would like it 
to work, but the documentation doesn't seem to indicate this, and I at 
first thought I would need two sets of rules...

More information about the Users mailing list