Using wildcards in Policies

Document created by user.oxriBaJeN4 Employee on Sep 21, 2015Last modified by user.oxriBaJeN4 Employee on Oct 4, 2015
Version 2Show Document
  • View in full screen mode

When creating Policies, the sender and recipient (FROM/TO) field can be populated with multiple options, including Groups, Domains, individual email addresses, etc. If multiple email addresses or Domains are to be added, Mimecast recommends that Groups be used to ease the management of these Policies.

 

There may, however, be occasions when you need to include sub-domains of a particular domain OR you may not be sure of the complete email address or domain for the sender/recipient. In these situations, wildcard entries can be used to include all sub-domains, or to complete the address or domain variations. Wildcard entries cannot be added to Groups, and should therefore be added as separate Policies.

wildcard1.png

 

Wildcard Usage Guidelines

There are different variations of how a wildcard can be entered in Policies, which includes adding a regular expression and multi-level wildcard matches. These can be used to match Mailbox, sub-Domain or Domain portions of addresses:

wildcard2.png

Below are the guidelines to be used when implementing a wildcard in a Policy FROM or TO field.

 

Individual Email Address Matches

Individual email addresses are matched in the following order:

  1. By exact address match
  2. By compound address match
  3. By explicit regular expression address match
  4. By catch-all address match

Exact Address Match

Exact Matches can only be made when the address(es) are identical.

Compound Address Match

The compound address match could be used when wildcards are required in both the mailbox and Domain portions. Here the match is done by comparing the address and Policy mailbox and Domain portions respectively, and then combine their results to get the match.

The user of the 'multi:' prefix is required for Compound Address Matches.

Address Mailbox Match

  • Exact Local Match: Address mailbox matches exactly
  • Catch-all Local Wildcard Prefix: '*bloggs' matches any address mailbox ending with 'bloggs', e.g. joe_bloggs, joe.bloggs, jbloggs, etc.
  • Catch-all Local Wildcard Suffix: 'joe*' matches any address mailbox beginning with "joe", e.g. joe_bloggs, joe.bloggs, joebloggs, etc.
Match addressEmail addressMatches
jbloggsjbloggsYes
jbloggsj.bloggsNo
jbloggs*jbloggsestYes
jbloggs*jbloggsingYes
joe*joe.bloggsYes
joe.*joe_bloggsNo
joe.*joe.bloggsYes
*bloggsjoe.bloggsYes
*.bloggsjoe.bloggsYes
*_bloggsjoe.bloggsNo

Address Domain Match

Address Domain matches are supported for the following types:

  • Exact Domain Match: Address Domain matches exactly
  • Multi-level Domain Wildcard Prefix: Used to match sub-Domains, for example 'multi: *.example.com' matches one.example.com, two.example.com, etc. Likewise, '*.*.domain.com' matches one.domain.com, two.newdomain.com, etc.
  • Multi-level Domain Wildcard Suffix: Used to match parent Domains, e.g. 'multi: example.*' matches example.com, example.org, etc. Likewise, 'one.domain.*' matches one.domain.com, one.newdomain.org, etc.
  • Multi-level Domain Wildcard Infix: Used to match same level Domains, e.g. 'multi: one.*.com' matches one.example.com, one.domain.com, etc. Likewise, 'one.*.example.com' matches one.domain.example.com, two.newdomain.example.com, etc.
  • Catch-all Domain Wildcard Prefix: Used to match all sub-Domains, e.g. '*example.com' matches  one.domain.example.com, two.domain.example.com, etc.
  • Catch-all Domain Wildcard Suffix: Used to match all parent Domains matching a given sub-domain, e.g. 'mail*' matches mail.example.com, mail.one.domain.example.co.uk, mail.two.domain.com, etc.
The user of the 'multi:' prefix is required for Address Domain Matches, and if not used, the Catch-all match is used. The multi-level Domain wildcards cannot be used together, E.g. '*.one.*.com', 'one.*.domain.*', or '*.one.*.domain.*', etc.
TypeMatch addressEmail addressMatches
Exact Domainexample.comexample.comYes
example.comexample.orgNo
one.domain.comone.domain.comYes
one.domain.comone.domain.orgNo
one.domain.comtwo.domain.comNo
Multi-Level Domainmulti: *.domain.comone.domain.comYes
multi: *.domain.comtwo.domain.comYes
multi: *.domain.comone.domain.orgNo
multi: one.*.comone.domain.comYes
multi: one.*.comone.newdomain.comYes
multi: one.domain.*one.domain.comYes
multi: one.domain.*one.domain.orgYes
multi: one.domain.*one.newdomain.comNo
multi: one.domain.*two.domain.comNo
Catch-All Domain*.domain.comone.domain.comYes
*.domain.comtwo.domain.comYes
*.domain.comone.domain.orgNo
one*one.domain.comYes
one*one.newdomain.comYes
one*one.domain.orgYes
one.domain*one.domain.comYes
one.newdomain*one.domain.comNo

Regular Expression Match

The prefix "regex:" is used to specify regular expression for addresses/Domains.

Match addressEmail addressMatches
regex: recipient@[a-zA-Z0-9]+.comrecipient@example.comYes
regex: .*@.*.domain.comjoe.bloggs@one.domain.comYes

Catch-All Address Match

Matches the wildcard '*' suffix or prefix.

Email Domain Matches

Email Domains are matched in the following order:

  1. Exact match
  2. Multi-level Domain match
  3. Explicit regular expression match
  4. Catch-all domain match.

Exact Matches

Exact Matches can only be made when the Domain(s) are identical.

Match addressEmail addressMatches
example.comexample.comYes
example.comexample2.comNo
one.domain.comone.domain.comYes
one.domain.comone.domain.orgNo

Regular Expression Matches

Match addressEmail addressMatches
regex: recipient@[a-zA-Z0-9]+.comexample.comYes
regex: *.domain.comone.domain.comYes

Multi-level Domain Match

Address Domain matches are supported for the following types:

 

  • Multi-level Domain Wildcard Prefix: Used to match sub-Domains, for example 'multi: *.example.com' matches one.example.com, two.example.com, etc. Likewise, '*.*.domain.com' matches one.domain.com, two.newdomain.com, etc.
  • Multi-level Domain Wildcard Suffix: Used to match parent Domains, e.g. 'multi: example.*' matches example.com, example.org, etc. Likewise, 'one.domain.*' matches one.domain.com, one.newdomain.org, etc.
  • Multi-level Domain Wildcard Infix: Used to match same level Domains, e.g. 'multi: one.*.com' matches one.example.com, one.domain.com, etc. Likewise, 'one.*.example.com' matches one.domain.example.com, two.newdomain.example.com, etc.
The user of the 'multi:' prefix is required for Address Domain Matches, and if not used, the Catch-all match is used.Note: The multi-level Domain wildcards cannot be used together, E.g. '*.one.*.com', 'one.*.domain.*', or '*.subdomain.*.domain.*', etc.
Match addressEmail addressMatches
multi: *.domain.comone.domain.comYes
multi: *.domain.comtwo.domain.comYes
multi: *.domain.comone.domain.orgNo
multi: one.*.comone.domain.comYes
multi: one.*.comone.newdomain.comYes
multi: one.domain.*one.domain.comYes
multi: one.domain.*one.domain.orgYes
multi: one.domain.*one.newdomain.comNo
multi: one.domain.*two.domain.comNo

Catch-All Domain Match

Address Domain matches are supported for the following types:

 

  • Catch-all Domain Wildcard Prefix: Used to match all sub-Domains, e.g. '*.example.com' matches  one.domain.example.com, two.domain.example.com, etc.
  • Catch-all Domain Wildcard Suffix: Used to match all parent Domains matching a given sub-domain, e.g. 'mail*' matches mail.example.com, mail.one.domain.example.co.uk, mail.two.domain.com, etc.

Match address

Email address

Matches

*.domain.com

one.domain.com

Yes

*.domain.com

two.domain.com

Yes

*.domain.com

one.domain.org

No

one*

one.domain.com

Yes

one*

one.newdomain.com

Yes

one*

one.domain.org

Yes

one.domain*

one.domain.com

Yes

one.newdomain*

one.domain.com

No

2 people found this helpful

Attachments

    Outcomes