This article contains information on using Wildcards in Mimecast Policies to match email domains or addresses, including guidelines for wildcard usage, matching order, and limitations for Address Attributes or Header Display Name configurations.
When creating Policies you can populate the Sender and Recipient fields with multiple options, including Groups, Domains, individual email addresses, etc. If multiple email addresses or domains are to be added, Mimecast recommends using Groups to ease the management of these policies.
There may be occasions when you need to include sub-domains of a particular domain, OR you may not be sure of the complete email address or domain for the sender/recipient. Wildcard entries can contain all sub-domains or complete the address or domain variations in these situations.
Wildcard and Regex entries cannot be used for Address Attributes or Header Display Name option(s) when configuring the Applies From & Applies To categories.
Wildcard Usage Guidelines
There are different variations of how a wildcard can be entered in Policies, including adding a regular expression and multi-level wildcard matches. These can be used to match mailbox, sub-domain, or domain portions of addresses:
Below are the guidelines for implementing a wildcard in a Policy From or To field. The following sections help you by focusing on using wildcards to match in the following two areas:
Email Domain Matches
Email Domains are matched in the following order:
Exact Matches
Exact Matches can only be made when the Domain(s) are identical.
| Match Address | Email Address | Matches |
|---|---|---|
| example.com | example.com | Yes |
| example.com | example2.com | No |
| one.domain.com | one.domain.com | Yes |
| one.domain.com | one.domain.org | No |
Multi-Level Domain Match
Address Domain matches are supported for the following types:
-
-
- Multi: "*.example.com" matches "one.example.com," "two.example.com", etc. Likewise, "*.*.domain.com" matches "one.domain.com," "two.newdomain.com," etc.
- Multi-level Domain Wildcard Suffix: Used to match parent domains. For example, "multi: example.*" matches "example.com," "example.org," etc. Likewise, "one.domain.*" matches "one.domain.com," "one.newdomain.org," etc.
- Multi-level Domain Wildcard Infix: Used to match same-level domains. For example, "multi: one.*.com" matches "one.example.com," "one.domain.com," etc. Likewise, "one.*.example.com" matches "one.domain.example.com," "two.newdomain.example.com," etc.
-
- The multi-level Domain Wildcards cannot be used together, e.g., '*.one.*.com', 'one.*.domain.*', or '*.subdomain.*.domain.*', etc.
- The 'multi:' prefix is required for Domain Matches; if not used, the Catch-all match is used.
| Match Address | Email Address | Matches |
|---|---|---|
| multi: *.domain.com | one.domain.com | Yes |
| multi: *.domain.com | two.domain.com | Yes |
| multi: *.domain.com | one.domain.org | No |
| multi: one.*.com | one.domain.com | Yes |
| multi: one.*.com | one.newdomain.com | Yes |
| multi: one. Domain.* | one.domain.com | Yes |
| multi: one. Domain.* | one.domain.org | Yes |
| multi: one. Domain.* | one.newdomain.com | No |
| multi: one. Domain.* | two.domain.com | No |
Regular Expression Matches
| Match Address | Email Address | Matches |
|---|---|---|
| regex: [a-zA-Z0-9]+.com | example.com | Yes |
| regex: .*\.domain\.com | one.domain.com | Yes |
Catch-All Domain Match
Address Domain matches are supported for the following types:
-
-
-
Catch-all Domain Wildcard Prefix: Used to match all sub-Domains, e.g., '*.example.com' matches one.domain.example.com, two.domain.example.com, etc.
-
Catch-all Domain Wildcard Suffix: Used to match all parent Domains matching a given sub-domain, e.g., 'mail*' matches mail.example.com, mail.one.domain.example.co.uk, mail.two.domain.com, etc.
-
-
| Match Address | Email Address | Matches |
|---|---|---|
| *.domain.com | one.domain.com | Yes |
| *.domain.com | two.domain.com | Yes |
| *.domain.com | one.domain.org | No |
| one* | one.domain.com | Yes |
| one* | one.newdomain.com | Yes |
| one* | one.domain.org | Yes |
| *.domain.com | one.domain.com | Yes |
| *.newdomain.com | one.domain.com | No |
Email Address Matches
Individual email addresses are matched in the following order:
- Exact address match
- Compound address match
- Address mailbox match
- Address domain match
- Explicit regular expression address match
- Catch-all address match
Exact Address Match
Exact Matches can only be made when the address(es) are identical.
| Match Address | Email Address | Matches |
|---|---|---|
| jbloggs@domain.com | jbloggs@domain.com | Yes |
| jbloggs@domain.com | auser@domain.com | No |
| joe.bloggs@subdomain.domain.com | joe.bloggs@subdomain.domain.com | Yes |
| joe.bloggs@subdomain.domain.com | joe_bloggs@subdomain.domain.com | No |
Compound Address Match
The compound address match could be used when wildcards are required in the mailbox and Domain portions. The match is done by comparing the Address, Policy Mailbox, and Domain portions, respectively, and then combining their results to get the match.
The Multi: prefix is required for Compound Address Matches; if not used, the Catch-all match is used.
| Match Address | Email Address | Matches |
|---|---|---|
| multi: joe*@*.*.com | joe.bloggs@subdomain.domain.com | Yes |
| multi: joe*@subdomain.*.com | joe.bloggs@subdomain.domain.com | Yes |
| multi: joe*@subdomain.*.* | joe.bloggs@subdomain.domain.com | Yes |
| multi: joe*@*.*.* | joe.bloggs@subdomain.domain.com | No |
| multi: joe*@*.domain.* | joe.bloggs@subdomain.domain.com | No |
Address Mailbox Match
-
-
-
Exact Local Match: The address in the mailbox matches exactly.
-
Catch-all Local Wildcard Prefix: '*bloggs' matches any address mailbox ending with 'bloggs,' e.g., joe_bloggs, joe.bloggs, jbloggs, etc.
-
Catch-all Local Wildcard Suffix: 'joe*' matches any address mailbox beginning with "joe," e.g., joe_bloggs, joe.bloggs, joebloggs, etc.
-
-
| Match Address | Email Address | Matches |
|---|---|---|
| jbloggs | jbloggs | Yes |
| jbloggs | j.bloggs | No |
| jbloggs* | jbloggsest | Yes |
| jbloggs* | jbloggsing | Yes |
| joe* | joe.bloggs | Yes |
| joe.* | joe bloggs | No |
| joe.* | joe.bloggs | Yes |
| *bloggs | joe.bloggs | Yes |
| *.bloggs | joe.bloggs | Yes |
| *_bloggs | joe.bloggs | No |
Address Domain Match
The multi-level Domain wildcards cannot be used together, e.g., '*.one.*.com', 'one.*.domain.*', or '*.one.*.domain.*', etc. Address Domain matches are supported for the following types in the table below.
The Multi: prefix is required for Address Domain Matches; if not used, the Catch-all match is used.
| Type | Match Address | Email Address | Matches |
|---|---|---|---|
| Exact Domain | example.com | example.com | Yes |
| example.com | example.org | No | |
| one.domain.com | one.domain.com | Yes | |
| one.domain.com | one.domain.org | No | |
| one.domain.com | two.domain.com | No | |
| Multi-Level Domain | multi: *.domain.com | one.domain.com | Yes |
| multi: *.domain.com | two.domain.com | Yes | |
| multi: *.domain.com | one.domain.org | No | |
| multi: one.*.com | one.domain.com | Yes | |
| multi: one.*.com | one.newdomain.com | Yes | |
| multi: one. Domain.* | one.domain.com | Yes | |
| multi: one. Domain.* | one.domain.org | Yes | |
| multi: one. Domain.* | one.newdomain.com | No | |
| multi: one. Domain.* | two.domain.com | No | |
| Catch-All Domain | *.domain.com | one.domain.com | Yes |
| *.domain.com | two.domain.com | Yes | |
| *.domain.com | one.domain.org | No | |
| one* | one.domain.com | Yes | |
| one* | one.newdomain.com | Yes | |
| one* | one.domain.org | Yes | |
| one. Domain* | one.domain.com | Yes | |
| one.newdomain* | one.domain.com | No |
Regular Expression Match
The prefix Regex: specifies a regular expression for addresses/Domains.
| Match Address | Email Address | Matches |
|---|---|---|
| regex: recipient@[a-zA-Z0-9]\.com | recipient@example.com | Yes |
| regex: .*@.*\.domain\.com | 4joe.bloggs@one.domain.com | Yes |
Catch-All Address Match
Matches the wildcard '*' suffix or prefix. It also matches the wildcard at both the beginning and end.
| Match Address | Email Address | Matches |
|---|---|---|
| *.com | recipient@example.com | Yes |
| recipient* | recipient-100@example.com | Yes |
| *100@example.com | recipient-100@example.com | Yes |
| *example.com | recipient-100@example.com | Yes |
| joe* | joe.bloggs@one.domain.com | Yes |
| joe.* | joe.bloggs@one.domain.com | Yes |
| joe.bloggs* | joe.bloggs@one.domain.com | Yes |
| joe.bloggs@domain.* | joe.bloggs@one.domain.com | Yes |
| *bloggs@one.domain.com | joe.bloggs@one.domain.com | Yes |
| *one.domain.com | joe.bloggs@one.domain.com | Yes |
| *.domain.com | joe.bloggs@one.domain.com | Yes |
| *accounts* | accounts@one.domain.com | Yes |
| *finance* | finance@one.domain.com | Yes |
See Also...
Comments
Please sign in to leave a comment.