Yeah, I know I could Blacklist using the enveloppe sender, but as you know, the enveloppe sender is often forged or change to match anything else.
For example, some messages from Facebook will have the from name pick in the user's profile email address. It could be is real company name, or his personal address. I only want to block email that come from Facebook.
Block IP addresses is possible, but it is not always easy to find all the Domain IPs a company are using...(CIDR) some company use more than one network as a fail over.
so If you know they followed a pattern in their reverse DNS to identify them, it is a lot easier to block.
In my opinion Brightmail should have something for that...
Another example:
You want to whitelist a company's mail server. Their mail server is using IP: 123.123.123.123 and a reverse DNS set to "mail.thatcompany.com".
If you whitelist "mail.thatcompany.com" and later that company has to change their ISP, they will get a new IP and your configuration will still works.