[Rspamd-Users] whitelist.conf TLDs.

Fri Nov 14 10:37:09 UTC 2025

Hi Michelle,

On Fri, 2025-11-14 at 12:14 +1100, Michelle Sullivan wrote:
> So have a bunch of whitelists eg: WHITELIST_DMARC_SPF_DKIM but have
> run into a possible issue.. currently I have a big list of domains I
> have to add, but is there a way to regex/tld match .. for example I
> would want to add *.gov.au as the TLD is extremely restricted and
> other than a compromise I should be able to trust any domain within
> *.gov.au - assuming it has DKIM/SPF/DMARC (or any relevant
> combination of)… or do I have to monitor my logs and add new ones to
> the map(s) as appropriate?

We should be able to use a `regexp` or better, `glob` map - however -
`whitelist` module is using an old, low-level API for adding maps - so
that doesn't readily work - we need to patch it:
https://github.com/rspamd/rspamd/pull/5746

We should then be able to extend the whitelist with a glob map:

```
# /etc/rspamd/local.d/whitelist.conf

rules {
  WHITELIST_DMARC {
    domains [
      "glob;/etc/rspamd/local_dmarc_glob_whitelist.map";
    ]
  }
}
```

```
# /etc/rspamd/local_dmarc_glob_whitelist.map
*.gov.au
```

Best,
-AL.