Lines 1-330
Link Here
|
1 |
--- ../MailScanner-install-4.38.2.orig/docs/man/MailScanner.conf.5.html Mon Jan 17 15:49:00 2005 |
1 |
--- ../MailScanner-install-4.40.10.old/docs/man/MailScanner.conf.5.html Fri Apr 1 16:10:19 2005 |
2 |
+++ docs/man/MailScanner.conf.5.html Mon Jan 17 15:54:10 2005 |
2 |
+++ docs/man/MailScanner.conf.5.html Fri Apr 1 16:10:40 2005 |
3 |
@@ -1,5 +1,5 @@ |
3 |
@@ -1,5 +1,5 @@ |
4 |
<!-- Creator : groff version 1.19 --> |
4 |
<!-- Creator : groff version 1.19 --> |
5 |
-<!-- CreationDate: Fri Oct 22 08:13:20 2004 --> |
5 |
-<!-- CreationDate: Mon Jan 17 15:53:41 2005 --> |
6 |
+<!-- CreationDate: Mon Jan 17 15:53:41 2005 --> |
6 |
+<!-- CreationDate: Fri Apr 1 16:08:30 2005 --> |
7 |
<!DOCTYPE html PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" |
7 |
<!DOCTYPE html PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" |
8 |
"http://www.w3.org/TR/html4/loose.dtd"> |
8 |
"http://www.w3.org/TR/html4/loose.dtd"> |
9 |
<html> |
9 |
<html> |
10 |
@@ -397,4 +397,5813 @@ |
10 |
@@ -120,13 +120,15 @@ |
11 |
<td width="3%"></td> |
11 |
directories within the MailScanner installation and in the |
12 |
<td width="72%"> |
12 |
section "RULESETS" later in this manpage.</p> |
13 |
|
13 |
<!-- INDENTATION --> |
14 |
-<p>the name of a fi@ |
14 |
-<p>The options are best listed in a few categories. This is |
15 |
\ No newline at end of file |
15 |
-also the order in which you will find them in the |
16 |
+<p>the name of a file containing a list of directory names, |
16 |
-MailScanner.conf file. If this list looks very large then |
17 |
+which can in turn contain wildcards.</p> |
17 |
-don’t worry, the supplied MailScanner.conf file (or |
18 |
+</td> |
18 |
-MailScanner.conf.sample) contains sensible defaults for all |
19 |
+</table> |
19 |
-the values. You will probably only need to change a very few |
20 |
+<!-- INDENTATION --> |
20 |
-of them to start with.</p> |
21 |
+<table width="100%" border=0 rules="none" frame="void" |
21 |
+<p>The options are best listed in a few categories. If this |
22 |
+ cols="2" cellspacing="0" cellpadding="0"> |
22 |
+list looks very large then don’t worry, the supplied |
23 |
+<tr valign="top" align="left"> |
23 |
+MailScanner.conf file (or MailScanner.conf.sample) contains |
24 |
+<td width="28%"></td> |
24 |
+sensible defaults for all the values. You will probably only |
25 |
+<td width="72%"> |
25 |
+need to change a very few of them to start with.</p> |
26 |
+<p>Example: |
|
|
27 |
+/usr/local/etc/MailScanner/mqueue.in.list.conf</p></td> |
28 |
+</table> |
29 |
+<!-- INDENTATION --> |
30 |
+<table width="100%" border=0 rules="none" frame="void" |
31 |
+ cols="2" cellspacing="0" cellpadding="0"> |
32 |
+<tr valign="top" align="left"> |
33 |
+<td width="11%"></td> |
34 |
+<td width="89%"> |
35 |
+<p><b>Outgoing Queue Dir</b></p></td> |
36 |
+</table> |
37 |
+<!-- INDENTATION --> |
38 |
+<table width="100%" border=0 rules="none" frame="void" |
39 |
+ cols="2" cellspacing="0" cellpadding="0"> |
40 |
+<tr valign="top" align="left"> |
41 |
+<td width="22%"></td> |
42 |
+<td width="78%"> |
43 |
+<p>Default: /var/spool/mqueue</p> |
44 |
+<!-- INDENTATION --> |
45 |
+<p>Directory in which MailScanner should place scanned |
46 |
+e−mail messages. This can also be the filename of a |
47 |
+ruleset.</p> |
48 |
+</td> |
49 |
+</table> |
50 |
+<!-- INDENTATION --> |
51 |
+<table width="100%" border=0 rules="none" frame="void" |
52 |
+ cols="2" cellspacing="0" cellpadding="0"> |
53 |
+<tr valign="top" align="left"> |
54 |
+<td width="11%"></td> |
55 |
+<td width="89%"> |
56 |
+<p><b>Incoming work dir</b></p></td> |
57 |
+</table> |
58 |
+<!-- INDENTATION --> |
59 |
+<table width="100%" border=0 rules="none" frame="void" |
60 |
+ cols="2" cellspacing="0" cellpadding="0"> |
61 |
+<tr valign="top" align="left"> |
62 |
+<td width="22%"></td> |
63 |
+<td width="78%"> |
64 |
+<p>Default: /opt/MailScanner/var/incoming<br> |
65 |
+Default FreeBSD: /var/spool/MailScanner/incoming</p> |
66 |
+<!-- INDENTATION --> |
67 |
+<p>Directory in which to temporarily store unpacked MIME |
68 |
+messages during scanning process.</p> |
69 |
+</td> |
70 |
+</table> |
71 |
+<!-- INDENTATION --> |
72 |
+<table width="100%" border=0 rules="none" frame="void" |
73 |
+ cols="2" cellspacing="0" cellpadding="0"> |
74 |
+<tr valign="top" align="left"> |
75 |
+<td width="11%"></td> |
76 |
+<td width="89%"> |
77 |
+<p><b>Quarantine Dir</b></p></td> |
78 |
+</table> |
79 |
+<!-- INDENTATION --> |
80 |
+<table width="100%" border=0 rules="none" frame="void" |
81 |
+ cols="2" cellspacing="0" cellpadding="0"> |
82 |
+<tr valign="top" align="left"> |
83 |
+<td width="22%"></td> |
84 |
+<td width="78%"> |
85 |
+<p>Default: /opt/MailScanner/var/quarantine<br> |
86 |
+Default FreeBSD: /var/spool/MailScanner/quarantine</p> |
87 |
+<!-- INDENTATION --> |
88 |
+<p>Set where to store infected messages and attachments (if |
89 |
+they are kept). This can also be the filename of a |
90 |
+ruleset.</p> |
91 |
+</td> |
92 |
+</table> |
93 |
+<!-- INDENTATION --> |
94 |
+<table width="100%" border=0 rules="none" frame="void" |
95 |
+ cols="2" cellspacing="0" cellpadding="0"> |
96 |
+<tr valign="top" align="left"> |
97 |
+<td width="11%"></td> |
98 |
+<td width="89%"> |
99 |
+<p><b>PID file</b></p></td> |
100 |
+</table> |
101 |
+<!-- INDENTATION --> |
102 |
+<table width="100%" border=0 rules="none" frame="void" |
103 |
+ cols="2" cellspacing="0" cellpadding="0"> |
104 |
+<tr valign="top" align="left"> |
105 |
+<td width="22%"></td> |
106 |
+<td width="78%"> |
107 |
+<p>Default: /opt/MailScanner/var/MailScanner.pid<br> |
108 |
+Default FreeBSD: /var/run/MailScanner.pid</p> |
109 |
+<!-- INDENTATION --> |
110 |
+<p>Set where to store the process id number so you can stop |
111 |
+MailScanner. In the FreeBSD port this should remain |
112 |
+/var/run/MailScanner.pid in order for the start/stop script |
113 |
+to work.</p> |
114 |
+</td> |
115 |
+</table> |
116 |
+<!-- INDENTATION --> |
117 |
+<table width="100%" border=0 rules="none" frame="void" |
118 |
+ cols="2" cellspacing="0" cellpadding="0"> |
119 |
+<tr valign="top" align="left"> |
120 |
+<td width="11%"></td> |
121 |
+<td width="89%"> |
122 |
+<p><b>Restart Every</b></p></td> |
123 |
+</table> |
124 |
+<!-- INDENTATION --> |
125 |
+<table width="100%" border=0 rules="none" frame="void" |
126 |
+ cols="2" cellspacing="0" cellpadding="0"> |
127 |
+<tr valign="top" align="left"> |
128 |
+<td width="22%"></td> |
129 |
+<td width="78%"> |
130 |
+<p>Default: 14400</p> |
131 |
+<!-- INDENTATION --> |
132 |
+<p>To avoid resource leaks the MailScanner parent process |
133 |
+stops and restarts its child processes from time to time. |
134 |
+Set the amount of seconds each child process is supposed to |
135 |
+live here.</p> |
136 |
+</td> |
137 |
+</table> |
138 |
+<!-- TABS --> |
139 |
+<table width="100%" border=0 rules="none" frame="void" |
140 |
+ cols="5" cellspacing="0" cellpadding="0"> |
141 |
+<tr valign="top" align="left"> |
142 |
+<td width="11%"></td> |
143 |
+<td width="4%"> |
144 |
+ |
145 |
+<p><b>MTA</b></p> |
146 |
+</td> |
147 |
+<td width="7%"></td> |
148 |
+<td width="26%"> |
149 |
+ |
150 |
+<p>Default: sendmail</p> |
151 |
+</td> |
152 |
+<td width="52%"> |
153 |
+</td> |
154 |
+</table> |
155 |
+<!-- INDENTATION --> |
156 |
+<table width="100%" border=0 rules="none" frame="void" |
157 |
+ cols="2" cellspacing="0" cellpadding="0"> |
158 |
+<tr valign="top" align="left"> |
159 |
+<td width="22%"></td> |
160 |
+<td width="78%"> |
161 |
+<p>MailScanner works with sendmail and exim. Since the queue |
162 |
+handling differs a bit, you have to tell MailScanner which |
163 |
+MTA you are using. Valid options are sendmail and exim.</p> |
164 |
+</td> |
165 |
+</table> |
166 |
+<!-- INDENTATION --> |
167 |
+<table width="100%" border=0 rules="none" frame="void" |
168 |
+ cols="2" cellspacing="0" cellpadding="0"> |
169 |
+<tr valign="top" align="left"> |
170 |
+<td width="11%"></td> |
171 |
+<td width="89%"> |
172 |
+<p><b>Sendmail</b></p></td> |
173 |
+</table> |
174 |
+<!-- INDENTATION --> |
175 |
+<table width="100%" border=0 rules="none" frame="void" |
176 |
+ cols="2" cellspacing="0" cellpadding="0"> |
177 |
+<tr valign="top" align="left"> |
178 |
+<td width="22%"></td> |
179 |
+<td width="78%"> |
180 |
+<p>Default: /usr/lib/sendmail<br> |
181 |
+Default FreeBSD: /usr/sbin/sendmail</p> |
182 |
+<!-- INDENTATION --> |
183 |
+<p>Set how to invoke MTA when sending messages MailScanner |
184 |
+has created (e.g. to sender/recipient saying "found a |
185 |
+virus in your message"). This can also be the filename |
186 |
+of a ruleset.</p> |
187 |
+</td> |
188 |
+</table> |
189 |
+<!-- INDENTATION --> |
190 |
+<table width="100%" border=0 rules="none" frame="void" |
191 |
+ cols="2" cellspacing="0" cellpadding="0"> |
192 |
+<tr valign="top" align="left"> |
193 |
+<td width="11%"></td> |
194 |
+<td width="89%"> |
195 |
+<p><b>Sendmail2</b></p></td> |
196 |
+</table> |
197 |
+<!-- INDENTATION --> |
198 |
+<table width="100%" border=0 rules="none" frame="void" |
199 |
+ cols="2" cellspacing="0" cellpadding="0"> |
200 |
+<tr valign="top" align="left"> |
201 |
+<td width="22%"></td> |
202 |
+<td width="78%"> |
203 |
+<p>Default: same value as the Sendmail setting</p> |
204 |
+<!-- INDENTATION --> |
205 |
+<p>Sendmail2 is provided for exim users. It is the command |
206 |
+used to attempt delivery of outgoing cleaned/disinfected |
207 |
+messages. This is not usually required for sendmail.<br> |
208 |
+For Exim users this could be: Sendmail2 = /usr/sbin/exim |
209 |
+−C /usr/local/etc/exim/configure.out</p> |
210 |
+</td> |
211 |
+</table> |
212 |
+<a name="Incoming Work Dir Settings"></a> |
213 |
+<h2>Incoming Work Dir Settings</h2> |
214 |
+<!-- INDENTATION --> |
215 |
+<table width="100%" border=0 rules="none" frame="void" |
216 |
+ cols="2" cellspacing="0" cellpadding="0"> |
217 |
+<tr valign="top" align="left"> |
218 |
+<td width="11%"></td> |
219 |
+<td width="89%"> |
220 |
+<p>You should not normally need to touch these settings at |
221 |
+all, unless you are using ClamAV and need to be able to use |
222 |
+the external archive unpackers instead of ClamAV’s |
223 |
+built−in ones.</p> |
224 |
+</td> |
225 |
+</table> |
226 |
+<!-- INDENTATION --> |
227 |
+<table width="100%" border=0 rules="none" frame="void" |
228 |
+ cols="2" cellspacing="0" cellpadding="0"> |
229 |
+<tr valign="top" align="left"> |
230 |
+<td width="11%"></td> |
231 |
+<td width="89%"> |
232 |
+<p><b>Incoming Work User</b></p></td> |
233 |
+</table> |
234 |
+<!-- INDENTATION --> |
235 |
+<table width="100%" border=0 rules="none" frame="void" |
236 |
+ cols="2" cellspacing="0" cellpadding="0"> |
237 |
+<tr valign="top" align="left"> |
238 |
+<td width="22%"></td> |
239 |
+<td width="78%"> |
240 |
+<p>Default:</p> |
241 |
+<!-- INDENTATION --> |
242 |
+<p>If you want to create the temporary working files so they |
243 |
+are owned by a user other than the "Run As User" |
244 |
+setting, you can change that here. Note: If the "Run As |
245 |
+User" is not "root" then you cannot change |
246 |
+the user but may still be able to change the group, if the |
247 |
+"Run As User" is a member of both of the groups |
248 |
+"Run As Group" and "Incoming Work |
249 |
+Group".</p> |
250 |
+</td> |
251 |
+</table> |
252 |
+<!-- INDENTATION --> |
253 |
+<table width="100%" border=0 rules="none" frame="void" |
254 |
+ cols="2" cellspacing="0" cellpadding="0"> |
255 |
+<tr valign="top" align="left"> |
256 |
+<td width="11%"></td> |
257 |
+<td width="89%"> |
258 |
+<p><b>Incoming Work Group</b></p></td> |
259 |
+</table> |
260 |
+<!-- INDENTATION --> |
261 |
+<table width="100%" border=0 rules="none" frame="void" |
262 |
+ cols="2" cellspacing="0" cellpadding="0"> |
263 |
+<tr valign="top" align="left"> |
264 |
+<td width="22%"></td> |
265 |
+<td width="78%"> |
266 |
+<p>Default:</p> |
267 |
+<!-- INDENTATION --> |
268 |
+<p>If you want to create the temporary working files so they |
269 |
+are owned by a group other than the "Run As User" |
270 |
+setting, you can change that here. Note: If the "Run As |
271 |
+User" is not "root" then you cannot change |
272 |
+the user but may still be able to change the group, if the |
273 |
+"Run As User" is a member of both of the groups |
274 |
+"Run As Group" and "Incoming Work |
275 |
+Group".</p> |
276 |
+</td> |
277 |
+</table> |
278 |
+<!-- INDENTATION --> |
279 |
+<table width="100%" border=0 rules="none" frame="void" |
280 |
+ cols="2" cellspacing="0" cellpadding="0"> |
281 |
+<tr valign="top" align="left"> |
282 |
+<td width="11%"></td> |
283 |
+<td width="89%"> |
284 |
+<p><b>Incoming Work Permissions</b></p></td> |
285 |
+</table> |
286 |
+<!-- INDENTATION --> |
287 |
+<table width="100%" border=0 rules="none" frame="void" |
288 |
+ cols="2" cellspacing="0" cellpadding="0"> |
289 |
+<tr valign="top" align="left"> |
290 |
+<td width="22%"></td> |
291 |
+<td width="78%"> |
292 |
+<p>Default: 0600</p> |
293 |
+<!-- INDENTATION --> |
294 |
+<p>If you want processes running under the same *group* as |
295 |
+MailScanner to be able to read the working files (and list |
296 |
+what is in the directories, of course), set to 0640. If you |
297 |
+want *all* other users to be able to read them, set to 0644. |
298 |
+For a detailed description, if you’re not already |
299 |
+familiar with it, refer to ‘man 2 chmod‘. |
300 |
+Typical use: external helper programs of virus scanners |
301 |
+(notably ClamAV), like unpackers. Use with care, you may |
302 |
+well open security holes.</p> |
303 |
+</td> |
304 |
+</table> |
305 |
+<a name="Quarantine and Archive Settings"></a> |
306 |
+<h2>Quarantine and Archive Settings</h2> |
307 |
+<!-- INDENTATION --> |
26 |
+<!-- INDENTATION --> |
308 |
+<table width="100%" border=0 rules="none" frame="void" |
27 |
+<p>Starting with version 4.40.10 of MailScanner you can use |
309 |
+ cols="2" cellspacing="0" cellpadding="0"> |
28 |
+shell environment variables such as $HOSTNAME or ${HOSTNAME} |
310 |
+<tr valign="top" align="left"> |
29 |
+in MailScanner.conf and its relatives.</p> |
311 |
+<td width="11%"></td> |
30 |
<!-- INDENTATION --> |
312 |
+<td width="89%"> |
31 |
<p>You should define the following variables:</p> |
313 |
+<p>If, for example, you are using a web interface so that |
32 |
</td> |
314 |
+users can manage their quarantined files, you might want to |
33 |
@@ -220,6 +222,54 @@ |
315 |
+change the ownership and permissions of the quarantined so |
34 |
headers.</p> |
316 |
+that they can be read and/or deleted by the web server. |
35 |
</td> |
317 |
+Don’t touch this unless you know what you are |
36 |
</table> |
318 |
+doing!</p> |
|
|
319 |
+</td> |
320 |
+</table> |
321 |
+<!-- INDENTATION --> |
37 |
+<!-- INDENTATION --> |
322 |
+<table width="100%" border=0 rules="none" frame="void" |
38 |
+<table width="100%" border=0 rules="none" frame="void" |
323 |
+ cols="2" cellspacing="0" cellpadding="0"> |
39 |
+ cols="2" cellspacing="0" cellpadding="0"> |
324 |
+<tr valign="top" align="left"> |
40 |
+<tr valign="top" align="left"> |
325 |
+<td width="11%"></td> |
41 |
+<td width="11%"></td> |
326 |
+<td width="89%"> |
42 |
+<td width="89%"> |
327 |
+<p><b>Quarantine User</b></p></td> |
43 |
+<p><b>%org−long−name%</b></p></td> |
328 |
+</table> |
44 |
+</table> |
329 |
+<!-- INDENTATION --> |
45 |
+<!-- INDENTATION --> |
330 |
+<table width="100%" border=0 rules="none" frame="void" |
46 |
+<table width="100%" border=0 rules="none" frame="void" |
Lines 332-347
Link Here
|
332 |
+<tr valign="top" align="left"> |
48 |
+<tr valign="top" align="left"> |
333 |
+<td width="22%"></td> |
49 |
+<td width="22%"></td> |
334 |
+<td width="78%"> |
50 |
+<td width="78%"> |
335 |
+<p>Default:</p> |
51 |
+<p>Default: Your Organisation Name Here</p> |
336 |
+<!-- INDENTATION --> |
52 |
+<!-- INDENTATION --> |
337 |
+<p>If you want to create the quarantine/archive so the files |
53 |
+<p>Enter the full name of your organisation below, this is |
338 |
+are owned by a user other than the "Run As User" |
54 |
+used in the signature placed at the bottom of report |
339 |
+setting at the top of this file, you can change that here. |
55 |
+messages sent by MailScanner. It can include pretty much any |
340 |
+Note: If the "Run As User" is not "root" |
56 |
+text you like. You can make the result span several lines by |
341 |
+then you cannot change the user but may still be able to |
57 |
+including "0 sequences in the text. These will be |
342 |
+change the group, if the "Run As User" is a member |
58 |
+replaced by line−breaks.</p> |
343 |
+of both of the groups "Run As Group" and |
|
|
344 |
+"Quarantine Group".</p> |
345 |
+</td> |
59 |
+</td> |
346 |
+</table> |
60 |
+</table> |
347 |
+<!-- INDENTATION --> |
61 |
+<!-- INDENTATION --> |
Lines 350-356
Link Here
|
350 |
+<tr valign="top" align="left"> |
64 |
+<tr valign="top" align="left"> |
351 |
+<td width="11%"></td> |
65 |
+<td width="11%"></td> |
352 |
+<td width="89%"> |
66 |
+<td width="89%"> |
353 |
+<p><b>Quarantine Group</b></p></td> |
67 |
+<p><b>%web−site%</b></p></td> |
354 |
+</table> |
68 |
+</table> |
355 |
+<!-- INDENTATION --> |
69 |
+<!-- INDENTATION --> |
356 |
+<table width="100%" border=0 rules="none" frame="void" |
70 |
+<table width="100%" border=0 rules="none" frame="void" |
Lines 358-382
Link Here
|
358 |
+<tr valign="top" align="left"> |
72 |
+<tr valign="top" align="left"> |
359 |
+<td width="22%"></td> |
73 |
+<td width="22%"></td> |
360 |
+<td width="78%"> |
74 |
+<td width="78%"> |
361 |
+<p>Default:</p> |
75 |
+<p>Default: www.your−organisation.com</p> |
362 |
+<!-- INDENTATION --> |
76 |
+<!-- INDENTATION --> |
363 |
+<p>If you want to create the quarantine/archive so the files |
77 |
+<p>Enter the location of your organisation’s web site |
364 |
+are owned by a user other than the "Run As User" |
78 |
+below. This is used in the signature placed at the bottom of |
365 |
+setting at the top of this file, you can change that here. |
79 |
+report messages sent by MailScanner. It should preferably be |
366 |
+Note: If the "Run As User" is not "root" |
80 |
+the location of a page that you have written explaining why |
367 |
+then you cannot change the user but may still be able to |
81 |
+you might have rejected the mail and what the recipient |
368 |
+change the group, if the "Run As User" is a member |
82 |
+and/or sender should do about it.</p> |
369 |
+of both of the groups "Run As Group" and |
|
|
370 |
+"Quarantine Group".</p> |
371 |
+</td> |
83 |
+</td> |
372 |
+</table> |
84 |
+</table> |
373 |
+<!-- INDENTATION --> |
85 |
<a name="System Settings"></a> |
374 |
+<table width="100%" border=0 rules="none" frame="void" |
86 |
<h2>System Settings</h2> |
375 |
+ cols="2" cellspacing="0" cellpadding="0"> |
87 |
<!-- INDENTATION --> |
376 |
+<tr valign="top" align="left"> |
88 |
@@ -1071,6 +1121,54 @@ |
377 |
+<td width="11%"></td> |
89 |
<tr valign="top" align="left"> |
378 |
+<td width="89%"> |
90 |
<td width="11%"></td> |
379 |
+<p><b>Quarantine Permissions</b></p></td> |
91 |
<td width="89%"> |
|
|
92 |
+<p><b>Unrar Command</b></p></td> |
380 |
+</table> |
93 |
+</table> |
381 |
+<!-- INDENTATION --> |
94 |
+<!-- INDENTATION --> |
382 |
+<table width="100%" border=0 rules="none" frame="void" |
95 |
+<table width="100%" border=0 rules="none" frame="void" |
Lines 384-411
Link Here
|
384 |
+<tr valign="top" align="left"> |
97 |
+<tr valign="top" align="left"> |
385 |
+<td width="22%"></td> |
98 |
+<td width="22%"></td> |
386 |
+<td width="78%"> |
99 |
+<td width="78%"> |
387 |
+<p>Default: 0600</p> |
100 |
+<p>Default: /usr/bin/unrar</p> |
388 |
+<!-- INDENTATION --> |
101 |
+<!-- INDENTATION --> |
389 |
+<p>If you want processes running under the same *group* as |
102 |
+<p>Where the "unrar" command is installed. If you |
390 |
+MailScanner to be able to read the quarantined files (and |
103 |
+haven’t got this command, look at www.rarlab.com. This |
391 |
+list what is in the directories, of course), set to 0640. If |
104 |
+is used for unpacking rar archives so that the contents can |
392 |
+you want *all* other users to be able to read them, set to |
105 |
+be checked for banned filenames and filetypes, and also that |
393 |
+0644. For a detailed description, if you’re not |
106 |
+the archive can be tested to see if it is |
394 |
+already familiar with it, refer to ‘man 2 |
107 |
+password−protected. Virus scanning the contents of rar |
395 |
+chmod‘. Typical use: let the webserver have access to |
108 |
+archives is still left to the virus scanner, with one |
396 |
+the files so users can download them if they really want to. |
109 |
+exception: If using the clavavmodule virus scanner, this |
397 |
+Use with care, you may well open security holes.</p> |
110 |
+adds external RAR checking to that scanner which is needed |
|
|
111 |
+for archives which are RAR version 3.</p> |
398 |
+</td> |
112 |
+</td> |
399 |
+</table> |
113 |
+</table> |
400 |
+<a name="Process Incoming Mail"></a> |
|
|
401 |
+<h2>Process Incoming Mail</h2> |
402 |
+<!-- INDENTATION --> |
114 |
+<!-- INDENTATION --> |
403 |
+<table width="100%" border=0 rules="none" frame="void" |
115 |
+<table width="100%" border=0 rules="none" frame="void" |
404 |
+ cols="2" cellspacing="0" cellpadding="0"> |
116 |
+ cols="2" cellspacing="0" cellpadding="0"> |
405 |
+<tr valign="top" align="left"> |
117 |
+<tr valign="top" align="left"> |
406 |
+<td width="11%"></td> |
118 |
+<td width="11%"></td> |
407 |
+<td width="89%"> |
119 |
+<td width="89%"> |
408 |
+<p><b>Max Unscanned Bytes Per Scan</b></p></td> |
120 |
+<p><b>Unrar Timeout</b></p></td> |
409 |
+</table> |
121 |
+</table> |
410 |
+<!-- INDENTATION --> |
122 |
+<!-- INDENTATION --> |
411 |
+<table width="100%" border=0 rules="none" frame="void" |
123 |
+<table width="100%" border=0 rules="none" frame="void" |
Lines 413-429
Link Here
|
413 |
+<tr valign="top" align="left"> |
125 |
+<tr valign="top" align="left"> |
414 |
+<td width="22%"></td> |
126 |
+<td width="22%"></td> |
415 |
+<td width="78%"> |
127 |
+<td width="78%"> |
416 |
+<p>Default: 100000000</p> |
128 |
+<p>Default: 50</p> |
417 |
+<!-- INDENTATION --> |
|
|
418 |
+<p>MailScanner handles messages in batches for efficiency. |
419 |
+Messages are gathered (in strict date order) from the |
420 |
+incoming queue directory, one at a time, until this or one |
421 |
+of the following three limits is reached or the queue is |
422 |
+empty.</p> |
423 |
+<!-- INDENTATION --> |
129 |
+<!-- INDENTATION --> |
424 |
+<p>This setting limits the total size of messages per batch |
130 |
+<p>The maximum length of time the "unrar" command |
425 |
+for which no scanning is done (i.e. Virus Scanning = |
131 |
+is allowed to run for 1 RAR archive (in seconds)</p> |
426 |
+no).</p> |
|
|
427 |
+</td> |
132 |
+</td> |
428 |
+</table> |
133 |
+</table> |
429 |
+<!-- INDENTATION --> |
134 |
+<!-- INDENTATION --> |
Lines 432-458
Link Here
|
432 |
+<tr valign="top" align="left"> |
137 |
+<tr valign="top" align="left"> |
433 |
+<td width="11%"></td> |
138 |
+<td width="11%"></td> |
434 |
+<td width="89%"> |
139 |
+<td width="89%"> |
435 |
+<p><b>Max Unsafe Bytes per Scan</b></p></td> |
140 |
<p><b>Block Encrypted Messages</b></p></td> |
436 |
+</table> |
141 |
</table> |
437 |
+<!-- INDENTATION --> |
142 |
<!-- INDENTATION --> |
438 |
+<table width="100%" border=0 rules="none" frame="void" |
143 |
@@ -1638,6 +1736,90 @@ |
439 |
+ cols="2" cellspacing="0" cellpadding="0"> |
144 |
scanner, not the "clamav" scanner setting.</p> |
440 |
+<tr valign="top" align="left"> |
145 |
</td> |
441 |
+<td width="22%"></td> |
146 |
</table> |
442 |
+<td width="78%"> |
|
|
443 |
+<p>Default: 50000000</p> |
444 |
+<!-- INDENTATION --> |
445 |
+<p>This setting limits the total size of messages per batch |
446 |
+for which scanning is done (i.e. Virus Scanning = yes).</p> |
447 |
+</td> |
448 |
+</table> |
449 |
+<!-- INDENTATION --> |
147 |
+<!-- INDENTATION --> |
450 |
+<table width="100%" border=0 rules="none" frame="void" |
148 |
+<table width="100%" border=0 rules="none" frame="void" |
451 |
+ cols="2" cellspacing="0" cellpadding="0"> |
149 |
+ cols="2" cellspacing="0" cellpadding="0"> |
452 |
+<tr valign="top" align="left"> |
150 |
+<tr valign="top" align="left"> |
453 |
+<td width="11%"></td> |
151 |
+<td width="11%"></td> |
454 |
+<td width="89%"> |
152 |
+<td width="89%"> |
455 |
+<p><b>Max Unscanned Messages Per Scan</b></p></td> |
153 |
+<p><b>ClamAVmodule Maximum Recursion Level</b></p></td> |
456 |
+</table> |
154 |
+</table> |
457 |
+<!-- INDENTATION --> |
155 |
+<!-- INDENTATION --> |
458 |
+<table width="100%" border=0 rules="none" frame="void" |
156 |
+<table width="100%" border=0 rules="none" frame="void" |
Lines 460-470
Link Here
|
460 |
+<tr valign="top" align="left"> |
158 |
+<tr valign="top" align="left"> |
461 |
+<td width="22%"></td> |
159 |
+<td width="22%"></td> |
462 |
+<td width="78%"> |
160 |
+<td width="78%"> |
463 |
+<p>Default: 100</p> |
161 |
+<p>Default: 5</p> |
464 |
+<!-- INDENTATION --> |
162 |
+<!-- INDENTATION --> |
465 |
+<p>This setting limits the total number of messages per |
163 |
+<p>ClamAVModule only: The maximum recursion level of |
466 |
+batch for which no scanning is done (i.e. Virus Scanning = |
164 |
+archives. This setting *cannot* be the filename of a |
467 |
+no).</p> |
165 |
+ruleset, only a simple number.</p> |
468 |
+</td> |
166 |
+</td> |
469 |
+</table> |
167 |
+</table> |
470 |
+<!-- INDENTATION --> |
168 |
+<!-- INDENTATION --> |
Lines 473-479
Link Here
|
473 |
+<tr valign="top" align="left"> |
171 |
+<tr valign="top" align="left"> |
474 |
+<td width="11%"></td> |
172 |
+<td width="11%"></td> |
475 |
+<td width="89%"> |
173 |
+<td width="89%"> |
476 |
+<p><b>Max Unsafe Messages per Scan</b></p></td> |
174 |
+<p><b>ClamAVmodule Maximum Files</b></p></td> |
477 |
+</table> |
175 |
+</table> |
478 |
+<!-- INDENTATION --> |
176 |
+<!-- INDENTATION --> |
479 |
+<table width="100%" border=0 rules="none" frame="void" |
177 |
+<table width="100%" border=0 rules="none" frame="void" |
Lines 483-516
Link Here
|
483 |
+<td width="78%"> |
181 |
+<td width="78%"> |
484 |
+<p>Default: 100</p> |
182 |
+<p>Default: 100</p> |
485 |
+<!-- INDENTATION --> |
183 |
+<!-- INDENTATION --> |
486 |
+<p>This setting limits the total number of messages per |
184 |
+<p>ClamAVModule only: The maximum number of files per batch. |
487 |
+batch for which scanning is done (i.e. Virus Scanning = |
185 |
+This setting *cannot* be the filename of a ruleset, only a |
488 |
+yes).</p> |
186 |
+simple number.</p> |
489 |
+</td> |
|
|
490 |
+</table> |
491 |
+<!-- INDENTATION --> |
492 |
+<table width="100%" border=0 rules="none" frame="void" |
493 |
+ cols="2" cellspacing="0" cellpadding="0"> |
494 |
+<tr valign="top" align="left"> |
495 |
+<td width="11%"></td> |
496 |
+<td width="89%"> |
497 |
+<p><b>Max Normal Queue Size</b></p></td> |
498 |
+</table> |
499 |
+<!-- INDENTATION --> |
500 |
+<table width="100%" border=0 rules="none" frame="void" |
501 |
+ cols="2" cellspacing="0" cellpadding="0"> |
502 |
+<tr valign="top" align="left"> |
503 |
+<td width="22%"></td> |
504 |
+<td width="78%"> |
505 |
+<p>Default: 1000</p> |
506 |
+<!-- INDENTATION --> |
507 |
+<p>If more messages are found in the queue than this, then |
508 |
+switch to an "accelerated" mode of processing |
509 |
+messages. This will cause it to stop scanning messages in |
510 |
+strict date order, but in the order it finds them in the |
511 |
+queue. If your queue is bigger than this size a lot of the |
512 |
+time, then some messages could be greatly delayed. So treat |
513 |
+this option as "in emergency only".</p> |
514 |
+</td> |
187 |
+</td> |
515 |
+</table> |
188 |
+</table> |
516 |
+<!-- INDENTATION --> |
189 |
+<!-- INDENTATION --> |
Lines 519-525
Link Here
|
519 |
+<tr valign="top" align="left"> |
192 |
+<tr valign="top" align="left"> |
520 |
+<td width="11%"></td> |
193 |
+<td width="11%"></td> |
521 |
+<td width="89%"> |
194 |
+<td width="89%"> |
522 |
+<p><b>Maximum Attachments Per Message</b></p></td> |
195 |
+<p><b>ClamAVmodule Maximum File Size</b></p></td> |
523 |
+</table> |
196 |
+</table> |
524 |
+<!-- INDENTATION --> |
197 |
+<!-- INDENTATION --> |
525 |
+<table width="100%" border=0 rules="none" frame="void" |
198 |
+<table width="100%" border=0 rules="none" frame="void" |
Lines 527-542
Link Here
|
527 |
+<tr valign="top" align="left"> |
200 |
+<tr valign="top" align="left"> |
528 |
+<td width="22%"></td> |
201 |
+<td width="22%"></td> |
529 |
+<td width="78%"> |
202 |
+<td width="78%"> |
530 |
+<p>Default: 200</p> |
203 |
+<p>Default: 10000000</p> |
531 |
+<!-- INDENTATION --> |
204 |
+<!-- INDENTATION --> |
532 |
+<p>The maximum number of attachments allowed in a message |
205 |
+<p>ClamAVModule only: The maximum file of each file (Default |
533 |
+before it is considered to be an error. Some email systems, |
206 |
+= 10MB). This setting *cannot* be the filename of a ruleset, |
534 |
+if bouncing a message between 2 addresses repeatedly, add |
207 |
+only a simple number.</p> |
535 |
+information about each bounce as an attachment, creating a |
|
|
536 |
+message with thousands of attachments in just a few minutes. |
537 |
+This can slow down or even stop MailScanner as it uses all |
538 |
+available memory to unpack these thousands of attachments. |
539 |
+This can also be the filename of a ruleset.</p> |
540 |
+</td> |
208 |
+</td> |
541 |
+</table> |
209 |
+</table> |
542 |
+<!-- INDENTATION --> |
210 |
+<!-- INDENTATION --> |
Lines 545-551
Link Here
|
545 |
+<tr valign="top" align="left"> |
213 |
+<tr valign="top" align="left"> |
546 |
+<td width="11%"></td> |
214 |
+<td width="11%"></td> |
547 |
+<td width="89%"> |
215 |
+<td width="89%"> |
548 |
+<p><b>Expand TNEF</b></p></td> |
216 |
+<p>ClamAVmodule Maximum Compression Ratio</p></td> |
549 |
+</table> |
217 |
+</table> |
550 |
+<!-- INDENTATION --> |
218 |
+<!-- INDENTATION --> |
551 |
+<table width="100%" border=0 rules="none" frame="void" |
219 |
+<table width="100%" border=0 rules="none" frame="void" |
Lines 553-580
Link Here
|
553 |
+<tr valign="top" align="left"> |
221 |
+<tr valign="top" align="left"> |
554 |
+<td width="22%"></td> |
222 |
+<td width="22%"></td> |
555 |
+<td width="78%"> |
223 |
+<td width="78%"> |
556 |
+<p>Default: yes</p> |
224 |
+<p>Default: 250</p> |
557 |
+<!-- INDENTATION --> |
225 |
+<!-- INDENTATION --> |
558 |
+<p>TNEF is primarily used by Microsoft programs such as |
226 |
+<p>ClamAVModule only: The maximum compression ration of |
559 |
+Outlook and Outlook Express when mails are formatted/sent in |
227 |
+archives. This setting *cannot* be the filename of a |
560 |
+Rich−Text−Format. Attachments are all put |
228 |
+ruleset, only a simple number.</p> |
561 |
+together in one WINMAIL.DAT file.</p> |
|
|
562 |
+<!-- INDENTATION --> |
563 |
+<p>Should we use a TNEF decoder (external or Perl module)? |
564 |
+This should be "yes" unless the scanner you are |
565 |
+using (Sophos, McAfee) has the facility built−in. |
566 |
+However, if you set it to "no", then the filenames |
567 |
+within the TNEF attachment will not be checked against the |
568 |
+filename rules.</p> |
569 |
+</td> |
229 |
+</td> |
570 |
+</table> |
230 |
+</table> |
571 |
+<!-- INDENTATION --> |
231 |
<a name="Removing/Logging dangerous or potentially offensive content"></a> |
572 |
+<table width="100%" border=0 rules="none" frame="void" |
232 |
<h2>Removing/Logging dangerous or potentially offensive content</h2> |
573 |
+ cols="2" cellspacing="0" cellpadding="0"> |
233 |
<!-- INDENTATION --> |
574 |
+<tr valign="top" align="left"> |
234 |
@@ -1761,6 +1943,33 @@ |
575 |
+<td width="11%"></td> |
235 |
<tr valign="top" align="left"> |
576 |
+<td width="89%"> |
236 |
<td width="11%"></td> |
577 |
+<p><b>Deliver Unparsable TNEF</b></p></td> |
237 |
<td width="89%"> |
|
|
238 |
+<p><b>Phishing Safe Sites File</b></p></td> |
578 |
+</table> |
239 |
+</table> |
579 |
+<!-- INDENTATION --> |
240 |
+<!-- INDENTATION --> |
580 |
+<table width="100%" border=0 rules="none" frame="void" |
241 |
+<table width="100%" border=0 rules="none" frame="void" |
Lines 582-598
Link Here
|
582 |
+<tr valign="top" align="left"> |
243 |
+<tr valign="top" align="left"> |
583 |
+<td width="22%"></td> |
244 |
+<td width="22%"></td> |
584 |
+<td width="78%"> |
245 |
+<td width="78%"> |
585 |
+<p>Default: no</p> |
246 |
+<p>Default: %etc−dir%/phishing.safe.sites.conf</p> |
586 |
+<!-- INDENTATION --> |
247 |
+<!-- INDENTATION --> |
587 |
+<p>Rich Text format attachments produced by some versions of |
248 |
+<p>There are some companies, such as banks, that insist on |
588 |
+Microsoft Outlook cannot be completely decoded at present. |
249 |
+sending out email messages with links in them that are |
589 |
+Setting this option to yes allows compatibility with the |
250 |
+caught by the "Find Phishing Fraud" test described |
590 |
+behaviour of earlier versions where these attachments were |
251 |
+above. This is the name of a file which contains a list of |
591 |
+still delivered. This would introduce the slight chance of a |
252 |
+link destinations which should be ignored in the test. This |
592 |
+virus getting through in the segment of the attachment that |
253 |
+may, for example, contain the known websites of some banks. |
593 |
+could not be decoded, but the setting may be necessary if |
254 |
+See the file itself for more information. This can only be |
594 |
+you have a large number of Microsoft Outlook users who are |
255 |
+the name of the file containing the list, it *cannot* be the |
595 |
+troubled by the new behaviour.</p> |
256 |
+filename of a ruleset.</p> |
596 |
+</td> |
257 |
+</td> |
597 |
+</table> |
258 |
+</table> |
598 |
+<!-- INDENTATION --> |
259 |
+<!-- INDENTATION --> |
Lines 601-621
Link Here
|
601 |
+<tr valign="top" align="left"> |
262 |
+<tr valign="top" align="left"> |
602 |
+<td width="11%"></td> |
263 |
+<td width="11%"></td> |
603 |
+<td width="89%"> |
264 |
+<td width="89%"> |
604 |
+<p><b>TNEF Expander</b></p></td> |
265 |
<p><b>Allow IFrame Tags</b></p></td> |
605 |
+</table> |
266 |
</table> |
606 |
+<!-- INDENTATION --> |
267 |
<!-- INDENTATION --> |
607 |
+<table width="100%" border=0 rules="none" frame="void" |
268 |
@@ -5122,6 +5331,28 @@ |
608 |
+ cols="2" cellspacing="0" cellpadding="0"> |
269 |
<p>Log all occurrences of "Silent Viruses" as |
609 |
+<tr valign="top" align="left"> |
270 |
defined above? This can only be a simple yes/no value, not a |
610 |
+<td width="22%"></td> |
271 |
ruleset.</p> |
611 |
+<td width="78%"> |
|
|
612 |
+<p>Default: /opt/MailScanner/bin/tnef<br> |
613 |
+Default FreeBSD: /usr/local/bin/tnef</p> |
614 |
+<!-- INDENTATION --> |
615 |
+<p>Full pathname giving location of the MS−TNEF |
616 |
+expander/decoder program, or the keyword internal which will |
617 |
+force use of the optional Perl Convert::TNEF module instead |
618 |
+of the external program.</p> |
619 |
+</td> |
272 |
+</td> |
620 |
+</table> |
273 |
+</table> |
621 |
+<!-- INDENTATION --> |
274 |
+<!-- INDENTATION --> |
Lines 624-630
Link Here
|
624 |
+<tr valign="top" align="left"> |
277 |
+<tr valign="top" align="left"> |
625 |
+<td width="11%"></td> |
278 |
+<td width="11%"></td> |
626 |
+<td width="89%"> |
279 |
+<td width="89%"> |
627 |
+<p><b>TNEF Timeout</b></p></td> |
280 |
+<p><b>Log Dangerous HTML Tags</b></p></td> |
628 |
+</table> |
281 |
+</table> |
629 |
+<!-- INDENTATION --> |
282 |
+<!-- INDENTATION --> |
630 |
+<table width="100%" border=0 rules="none" frame="void" |
283 |
+<table width="100%" border=0 rules="none" frame="void" |
Lines 632-5825
Link Here
|
632 |
+<tr valign="top" align="left"> |
285 |
+<tr valign="top" align="left"> |
633 |
+<td width="22%"></td> |
286 |
+<td width="22%"></td> |
634 |
+<td width="78%"> |
287 |
+<td width="78%"> |
635 |
+<p>Default: 120</p> |
288 |
+<p>Default: no<br> |
636 |
+<!-- INDENTATION --> |
289 |
+Log all occurrences of HTML tags found in messages, that can |
637 |
+<p>The maximum length of time (in seconds) the TNEF Expander |
290 |
+be blocked. This will help you build up your whitelist of |
638 |
+is allowed to run for diassembling one attachment.</p> |
291 |
+message sources for which particular HTML tags should be |
639 |
+</td> |
292 |
+allowed, such as mail from newsletters and daily cartoon |
640 |
+</table> |
293 |
+strips. This can also be the filename of a ruleset.</p> |
641 |
+<!-- INDENTATION --> |
294 |
</td> |
642 |
+<table width="100%" border=0 rules="none" frame="void" |
295 |
</table> |
643 |
+ cols="2" cellspacing="0" cellpadding="0"> |
296 |
<a name="Advanced SpamAssassin Settings"></a> |
644 |
+<tr valign="top" align="left"> |
|
|
645 |
+<td width="11%"></td> |
646 |
+<td width="89%"> |
647 |
+<p><b>File Command</b></p></td> |
648 |
+</table> |
649 |
+<!-- INDENTATION --> |
650 |
+<table width="100%" border=0 rules="none" frame="void" |
651 |
+ cols="2" cellspacing="0" cellpadding="0"> |
652 |
+<tr valign="top" align="left"> |
653 |
+<td width="22%"></td> |
654 |
+<td width="78%"> |
655 |
+<p>Default: /usr/bin/file</p> |
656 |
+<!-- INDENTATION --> |
657 |
+<p>Where the "file" command is installed. This is |
658 |
+used for checking the content type of files, regardless of |
659 |
+their filename. To disable Filetype checking, set this value |
660 |
+to blank.</p> |
661 |
+</td> |
662 |
+</table> |
663 |
+<!-- INDENTATION --> |
664 |
+<table width="100%" border=0 rules="none" frame="void" |
665 |
+ cols="2" cellspacing="0" cellpadding="0"> |
666 |
+<tr valign="top" align="left"> |
667 |
+<td width="11%"></td> |
668 |
+<td width="89%"> |
669 |
+<p><b>File Timeout</b></p></td> |
670 |
+</table> |
671 |
+<!-- INDENTATION --> |
672 |
+<table width="100%" border=0 rules="none" frame="void" |
673 |
+ cols="2" cellspacing="0" cellpadding="0"> |
674 |
+<tr valign="top" align="left"> |
675 |
+<td width="22%"></td> |
676 |
+<td width="78%"> |
677 |
+<p>Default: 20</p> |
678 |
+<!-- INDENTATION --> |
679 |
+<p>The maximum length of time the "file" command |
680 |
+is allowed to run for one batch of messages (in |
681 |
+seconds).</p> |
682 |
+</td> |
683 |
+</table> |
684 |
+<!-- INDENTATION --> |
685 |
+<table width="100%" border=0 rules="none" frame="void" |
686 |
+ cols="2" cellspacing="0" cellpadding="0"> |
687 |
+<tr valign="top" align="left"> |
688 |
+<td width="11%"></td> |
689 |
+<td width="89%"> |
690 |
+<p><b>Block Encrypted Messages</b></p></td> |
691 |
+</table> |
692 |
+<!-- INDENTATION --> |
693 |
+<table width="100%" border=0 rules="none" frame="void" |
694 |
+ cols="2" cellspacing="0" cellpadding="0"> |
695 |
+<tr valign="top" align="left"> |
696 |
+<td width="22%"></td> |
697 |
+<td width="78%"> |
698 |
+<p>Default: no</p> |
699 |
+<!-- INDENTATION --> |
700 |
+<p>This is inteded for use with a ruleset to ensure that |
701 |
+none of your users is covertly mailing sites with which you |
702 |
+would not normally communicate (e.g. your competitors). If |
703 |
+this is set to yes (or the ruleset evaluates to yes) |
704 |
+encrypted messages are blocked.</p> |
705 |
+</td> |
706 |
+</table> |
707 |
+<!-- INDENTATION --> |
708 |
+<table width="100%" border=0 rules="none" frame="void" |
709 |
+ cols="2" cellspacing="0" cellpadding="0"> |
710 |
+<tr valign="top" align="left"> |
711 |
+<td width="11%"></td> |
712 |
+<td width="89%"> |
713 |
+<p><b>Block Unencrypted Messages</b></p></td> |
714 |
+</table> |
715 |
+<!-- INDENTATION --> |
716 |
+<table width="100%" border=0 rules="none" frame="void" |
717 |
+ cols="2" cellspacing="0" cellpadding="0"> |
718 |
+<tr valign="top" align="left"> |
719 |
+<td width="22%"></td> |
720 |
+<td width="78%"> |
721 |
+<p>Default: no</p> |
722 |
+<!-- INDENTATION --> |
723 |
+<p>This is intended for use with a ruleset to ensure that |
724 |
+mail is always encrypted before being sent. This could be |
725 |
+used to ensure that mail to your business partners is sent |
726 |
+securely.</p> |
727 |
+</td> |
728 |
+</table> |
729 |
+<!-- INDENTATION --> |
730 |
+<table width="100%" border=0 rules="none" frame="void" |
731 |
+ cols="2" cellspacing="0" cellpadding="0"> |
732 |
+<tr valign="top" align="left"> |
733 |
+<td width="11%"></td> |
734 |
+<td width="89%"> |
735 |
+<p><b>Allow Password−Protected Archives</b></p></td> |
736 |
+</table> |
737 |
+<!-- INDENTATION --> |
738 |
+<table width="100%" border=0 rules="none" frame="void" |
739 |
+ cols="2" cellspacing="0" cellpadding="0"> |
740 |
+<tr valign="top" align="left"> |
741 |
+<td width="22%"></td> |
742 |
+<td width="78%"> |
743 |
+<p>Default: no</p> |
744 |
+<!-- INDENTATION --> |
745 |
+<p>Should archives which contain any |
746 |
+password−protected files be allowed? Leaving this set |
747 |
+to "no" is a good way of protecting against all |
748 |
+the protected zip files used by viruses at the moment. This |
749 |
+can also be the filename of a ruleset.</p> |
750 |
+</td> |
751 |
+</table> |
752 |
+<!-- INDENTATION --> |
753 |
+<table width="100%" border=0 rules="none" frame="void" |
754 |
+ cols="2" cellspacing="0" cellpadding="0"> |
755 |
+<tr valign="top" align="left"> |
756 |
+<td width="11%"></td> |
757 |
+<td width="89%"> |
758 |
+<p><b>Maximum Message Size</b></p></td> |
759 |
+</table> |
760 |
+<!-- INDENTATION --> |
761 |
+<table width="100%" border=0 rules="none" frame="void" |
762 |
+ cols="2" cellspacing="0" cellpadding="0"> |
763 |
+<tr valign="top" align="left"> |
764 |
+<td width="22%"></td> |
765 |
+<td width="78%"> |
766 |
+<p>Default: 0</p> |
767 |
+<!-- INDENTATION --> |
768 |
+<p>The maximum size, in bytes, of any message including the |
769 |
+headers. If this is set to zero, then no size checking is |
770 |
+done. This can also be the filename of a ruleset, so you can |
771 |
+have different settings for different users. You might want |
772 |
+to set this quite small for dialup users so their email |
773 |
+applications don’t time out downloading huge |
774 |
+messages.</p> |
775 |
+</td> |
776 |
+</table> |
777 |
+<!-- INDENTATION --> |
778 |
+<table width="100%" border=0 rules="none" frame="void" |
779 |
+ cols="2" cellspacing="0" cellpadding="0"> |
780 |
+<tr valign="top" align="left"> |
781 |
+<td width="11%"></td> |
782 |
+<td width="89%"> |
783 |
+<p><b>Maximum Attachment Size</b></p></td> |
784 |
+</table> |
785 |
+<!-- INDENTATION --> |
786 |
+<table width="100%" border=0 rules="none" frame="void" |
787 |
+ cols="2" cellspacing="0" cellpadding="0"> |
788 |
+<tr valign="top" align="left"> |
789 |
+<td width="22%"></td> |
790 |
+<td width="78%"> |
791 |
+<p>Default: −1</p> |
792 |
+<!-- INDENTATION --> |
793 |
+<p>The maximum size, in bytes, of any attachment in a |
794 |
+message. If this is set to zero, effectively no attachments |
795 |
+are allowed. If this is set less than zero, then no size |
796 |
+checking is done. This can also be the filename of a |
797 |
+ruleset, so you can have different settings for different |
798 |
+users. You might want to set this quite small for large |
799 |
+mailing lists so they don’t get deluged by large |
800 |
+attachments.</p> |
801 |
+</td> |
802 |
+</table> |
803 |
+<!-- INDENTATION --> |
804 |
+<table width="100%" border=0 rules="none" frame="void" |
805 |
+ cols="2" cellspacing="0" cellpadding="0"> |
806 |
+<tr valign="top" align="left"> |
807 |
+<td width="11%"></td> |
808 |
+<td width="89%"> |
809 |
+<p><b>Maximum Archive Depth</b></p></td> |
810 |
+</table> |
811 |
+<!-- INDENTATION --> |
812 |
+<table width="100%" border=0 rules="none" frame="void" |
813 |
+ cols="2" cellspacing="0" cellpadding="0"> |
814 |
+<tr valign="top" align="left"> |
815 |
+<td width="22%"></td> |
816 |
+<td width="78%"> |
817 |
+<p>Default: 3</p> |
818 |
+<!-- INDENTATION --> |
819 |
+<p>The maximum depth to which zip archives will be unpacked |
820 |
+to allow for checking filenames and filetypes within zip |
821 |
+archives. Setting this to 0 will disable |
822 |
+filename/−type checks within zip files while still |
823 |
+allowing to block password protected zip files.</p> |
824 |
+</td> |
825 |
+</table> |
826 |
+<!-- INDENTATION --> |
827 |
+<table width="100%" border=0 rules="none" frame="void" |
828 |
+ cols="2" cellspacing="0" cellpadding="0"> |
829 |
+<tr valign="top" align="left"> |
830 |
+<td width="11%"></td> |
831 |
+<td width="89%"> |
832 |
+<p><b>Find Archives By Content</b></p></td> |
833 |
+</table> |
834 |
+<!-- INDENTATION --> |
835 |
+<table width="100%" border=0 rules="none" frame="void" |
836 |
+ cols="2" cellspacing="0" cellpadding="0"> |
837 |
+<tr valign="top" align="left"> |
838 |
+<td width="22%"></td> |
839 |
+<td width="78%"> |
840 |
+<p>Default: yes</p> |
841 |
+<!-- INDENTATION --> |
842 |
+<p>Find zip archives by filename or by file contents? |
843 |
+Finding them by content is a far more reliable way of |
844 |
+finding them, but it does mean that you cannot tell your |
845 |
+users to avoid zip file checking by renaming the file from |
846 |
+".zip" to "_zip" and tricks like that. |
847 |
+Only set this to no (i.e. check by filename only) if you |
848 |
+don’t want to reliably check the contents of zip |
849 |
+files. Note this does not affect virus checking, but it will |
850 |
+affect all the other checks done on the contents of the zip |
851 |
+file. This can also be the filename of a ruleset.</p> |
852 |
+</td> |
853 |
+</table> |
854 |
+<a name="Options specific to Sophos Anti-Virus"></a> |
855 |
+<h2>Options specific to Sophos Anti-Virus</h2> |
856 |
+<!-- INDENTATION --> |
857 |
+<table width="100%" border=0 rules="none" frame="void" |
858 |
+ cols="2" cellspacing="0" cellpadding="0"> |
859 |
+<tr valign="top" align="left"> |
860 |
+<td width="11%"></td> |
861 |
+<td width="89%"> |
862 |
+<p><b>Allowed Sophos Error Messages</b></p></td> |
863 |
+</table> |
864 |
+<!-- INDENTATION --> |
865 |
+<table width="100%" border=0 rules="none" frame="void" |
866 |
+ cols="2" cellspacing="0" cellpadding="0"> |
867 |
+<tr valign="top" align="left"> |
868 |
+<td width="22%"></td> |
869 |
+<td width="78%"> |
870 |
+<p>Default:</p> |
871 |
+<!-- INDENTATION --> |
872 |
+<p>Anything on the next line that appears in brackets at the |
873 |
+end of a line of output from Sophos will cause the |
874 |
+error/infection to be ignored. Use of this option is |
875 |
+dangerous, and should only be used if you are having trouble |
876 |
+with lots of corrupt PDF files, for example. This option |
877 |
+allows for multiple strings as well. In this case, the |
878 |
+strings should be put in double quotes (") and each |
879 |
+string separated with commas. Examples:<br> |
880 |
+Allowed Sophos Error Messages = corrupt format not |
881 |
+supported<br> |
882 |
+Allowed Sophos Error Messages = "corrupt", |
883 |
+"format not supported"</p> |
884 |
+<!-- INDENTATION --> |
885 |
+<p>The first version will match "corrupt format not |
886 |
+supported" only. The second version will match |
887 |
+"corrupt" and "format not |
888 |
+supported".</p> |
889 |
+</td> |
890 |
+</table> |
891 |
+<!-- INDENTATION --> |
892 |
+<table width="100%" border=0 rules="none" frame="void" |
893 |
+ cols="2" cellspacing="0" cellpadding="0"> |
894 |
+<tr valign="top" align="left"> |
895 |
+<td width="11%"></td> |
896 |
+<td width="89%"> |
897 |
+<p><b>Sophos IDE Dir</b></p></td> |
898 |
+</table> |
899 |
+<!-- INDENTATION --> |
900 |
+<table width="100%" border=0 rules="none" frame="void" |
901 |
+ cols="2" cellspacing="0" cellpadding="0"> |
902 |
+<tr valign="top" align="left"> |
903 |
+<td width="22%"></td> |
904 |
+<td width="78%"> |
905 |
+<p>Default: /usr/local/Sophos/ide</p> |
906 |
+<!-- INDENTATION --> |
907 |
+<p>The directory (or a link to it) containing all the Sophos |
908 |
+*.ide files. This is only used by the "sophossavi" |
909 |
+virus scanner, and is irrelevant for all other scanners.</p> |
910 |
+</td> |
911 |
+</table> |
912 |
+<!-- INDENTATION --> |
913 |
+<table width="100%" border=0 rules="none" frame="void" |
914 |
+ cols="2" cellspacing="0" cellpadding="0"> |
915 |
+<tr valign="top" align="left"> |
916 |
+<td width="11%"></td> |
917 |
+<td width="89%"> |
918 |
+<p><b>Sophos Lib Dir</b></p></td> |
919 |
+</table> |
920 |
+<!-- INDENTATION --> |
921 |
+<table width="100%" border=0 rules="none" frame="void" |
922 |
+ cols="2" cellspacing="0" cellpadding="0"> |
923 |
+<tr valign="top" align="left"> |
924 |
+<td width="22%"></td> |
925 |
+<td width="78%"> |
926 |
+<p>Default: /usr/local/Sophos/lib</p> |
927 |
+<!-- INDENTATION --> |
928 |
+<p>The directory (or a link to it) containing all the Sophos |
929 |
+*.so libraries.This is only used by the |
930 |
+"sophossavi" virus scanner, and is irrelevant for |
931 |
+all other scanners.</p> |
932 |
+</td> |
933 |
+</table> |
934 |
+<!-- INDENTATION --> |
935 |
+<table width="100%" border=0 rules="none" frame="void" |
936 |
+ cols="2" cellspacing="0" cellpadding="0"> |
937 |
+<tr valign="top" align="left"> |
938 |
+<td width="11%"></td> |
939 |
+<td width="89%"> |
940 |
+<p><b>Monitors For Sophos Updates</b></p></td> |
941 |
+</table> |
942 |
+<!-- INDENTATION --> |
943 |
+<table width="100%" border=0 rules="none" frame="void" |
944 |
+ cols="2" cellspacing="0" cellpadding="0"> |
945 |
+<tr valign="top" align="left"> |
946 |
+<td width="22%"></td> |
947 |
+<td width="78%"> |
948 |
+<p>Default: /usr/local/Sophos/ide/*ides.zip</p> |
949 |
+<!-- INDENTATION --> |
950 |
+<p>SophosSAVI only: monitor each of these files for changes |
951 |
+in size to detect when a Sophos update has happened. The |
952 |
+date of the Sophos Lib Dir is also monitored. This is only |
953 |
+used by the "sophossavi" virus scanner, not the |
954 |
+"sophos" scanner setting.</p> |
955 |
+</td> |
956 |
+</table> |
957 |
+<a name="Virus scanning and vulnerability testing"></a> |
958 |
+<h2>Virus scanning and vulnerability testing</h2> |
959 |
+<!-- INDENTATION --> |
960 |
+<table width="100%" border=0 rules="none" frame="void" |
961 |
+ cols="2" cellspacing="0" cellpadding="0"> |
962 |
+<tr valign="top" align="left"> |
963 |
+<td width="11%"></td> |
964 |
+<td width="89%"> |
965 |
+<p><b>Virus Scanning</b></p></td> |
966 |
+</table> |
967 |
+<!-- INDENTATION --> |
968 |
+<table width="100%" border=0 rules="none" frame="void" |
969 |
+ cols="2" cellspacing="0" cellpadding="0"> |
970 |
+<tr valign="top" align="left"> |
971 |
+<td width="22%"></td> |
972 |
+<td width="78%"> |
973 |
+<p>Default: yes</p> |
974 |
+<!-- INDENTATION --> |
975 |
+<p>Do you want to scan email for viruses? A few people |
976 |
+don’t have virus scanner licence and so want to |
977 |
+disable all the virus scanning.<br> |
978 |
+NOTE: Switching this to no completely disables all |
979 |
+virus−scanning functionality. If you just want to |
980 |
+switch of actual virus scanning, then set "Virus |
981 |
+Scanners = none" instead.<br> |
982 |
+If you want to be able to switch scanning on/off for |
983 |
+different users or different domains, set this to the |
984 |
+filename of a ruleset.</p> |
985 |
+</td> |
986 |
+</table> |
987 |
+<!-- INDENTATION --> |
988 |
+<table width="100%" border=0 rules="none" frame="void" |
989 |
+ cols="2" cellspacing="0" cellpadding="0"> |
990 |
+<tr valign="top" align="left"> |
991 |
+<td width="11%"></td> |
992 |
+<td width="89%"> |
993 |
+<p><b>Virus Scanners</b></p></td> |
994 |
+</table> |
995 |
+<!-- INDENTATION --> |
996 |
+<table width="100%" border=0 rules="none" frame="void" |
997 |
+ cols="2" cellspacing="0" cellpadding="0"> |
998 |
+<tr valign="top" align="left"> |
999 |
+<td width="22%"></td> |
1000 |
+<td width="78%"> |
1001 |
+<p>Default: none</p> |
1002 |
+<!-- INDENTATION --> |
1003 |
+<p>Which Virus Scanning package to use. Possible choices are |
1004 |
+sophos, sophossavi, mcafee, command, bitdefender, kaspersky, |
1005 |
+kaspersky−4.5, kavdaemonclient, inoculate, inoculan, |
1006 |
+nod32, nod32−1.99, f−secure, f−prot, |
1007 |
+panda, rav, antivir, clamav, clamavmodule, css, trend, |
1008 |
+norman, avg, vexira, symscanengine, generic, none (no virus |
1009 |
+scanning at all). This *cannot* be the filename of a |
1010 |
+ruleset.</p> |
1011 |
+<!-- INDENTATION --> |
1012 |
+<p>Note for McAfee users: Do NOT use any symlinks with |
1013 |
+McAfee at all. It is very strange but McAfee may not detect |
1014 |
+all viruses when started from a symlink or scanning a |
1015 |
+directory path including symlinks.</p> |
1016 |
+<!-- INDENTATION --> |
1017 |
+<p>Note: If you want to use multiple virus scanners, then |
1018 |
+this should be a space−separated list of virus |
1019 |
+scanners.</p> |
1020 |
+<!-- INDENTATION --> |
1021 |
+<p>Note: Make sure that you check that the base installation |
1022 |
+directory in the 3rd column of virus.scanners.conf matches |
1023 |
+the location you have installed each of your virus scanners. |
1024 |
+The supplied virus.scanners.conf file assumes the default |
1025 |
+installation locations recommended by each of the virus |
1026 |
+scanner installation guides.</p> |
1027 |
+</td> |
1028 |
+</table> |
1029 |
+<!-- INDENTATION --> |
1030 |
+<table width="100%" border=0 rules="none" frame="void" |
1031 |
+ cols="2" cellspacing="0" cellpadding="0"> |
1032 |
+<tr valign="top" align="left"> |
1033 |
+<td width="11%"></td> |
1034 |
+<td width="89%"> |
1035 |
+<p><b>Virus Scanner Timeout</b></p></td> |
1036 |
+</table> |
1037 |
+<!-- INDENTATION --> |
1038 |
+<table width="100%" border=0 rules="none" frame="void" |
1039 |
+ cols="2" cellspacing="0" cellpadding="0"> |
1040 |
+<tr valign="top" align="left"> |
1041 |
+<td width="22%"></td> |
1042 |
+<td width="78%"> |
1043 |
+<p>Default: 300</p> |
1044 |
+<!-- INDENTATION --> |
1045 |
+<p>The maximum time (in seconds) that the cirus scanner is |
1046 |
+allowed to take to scan one batch of messages.</p> |
1047 |
+</td> |
1048 |
+</table> |
1049 |
+<!-- INDENTATION --> |
1050 |
+<table width="100%" border=0 rules="none" frame="void" |
1051 |
+ cols="2" cellspacing="0" cellpadding="0"> |
1052 |
+<tr valign="top" align="left"> |
1053 |
+<td width="11%"></td> |
1054 |
+<td width="89%"> |
1055 |
+<p><b>Deliver Disinfected Files</b></p></td> |
1056 |
+</table> |
1057 |
+<!-- INDENTATION --> |
1058 |
+<table width="100%" border=0 rules="none" frame="void" |
1059 |
+ cols="2" cellspacing="0" cellpadding="0"> |
1060 |
+<tr valign="top" align="left"> |
1061 |
+<td width="22%"></td> |
1062 |
+<td width="78%"> |
1063 |
+<p>Default: yes</p> |
1064 |
+<!-- INDENTATION --> |
1065 |
+<p>Should infected attached documents be automatically |
1066 |
+disinfected and sent on to the original recipients? Less |
1067 |
+than 1% of viruses in the wild can be successfully |
1068 |
+disinfected,as macro viruses are now a rare occurrence. So |
1069 |
+the default has been changed to "no" as it gives a |
1070 |
+significant performance improvement.</p> |
1071 |
+</td> |
1072 |
+</table> |
1073 |
+<!-- INDENTATION --> |
1074 |
+<table width="100%" border=0 rules="none" frame="void" |
1075 |
+ cols="2" cellspacing="0" cellpadding="0"> |
1076 |
+<tr valign="top" align="left"> |
1077 |
+<td width="11%"></td> |
1078 |
+<td width="89%"> |
1079 |
+<p><b>Silent Viruses</b></p></td> |
1080 |
+</table> |
1081 |
+<!-- INDENTATION --> |
1082 |
+<table width="100%" border=0 rules="none" frame="void" |
1083 |
+ cols="2" cellspacing="0" cellpadding="0"> |
1084 |
+<tr valign="top" align="left"> |
1085 |
+<td width="22%"></td> |
1086 |
+<td width="78%"> |
1087 |
+<p>Default: HTML−IFrame All−Viruses</p> |
1088 |
+<!-- INDENTATION --> |
1089 |
+<p>Messages whose virus reports contain any of the words |
1090 |
+listed here will be treated as "silent" viruses. |
1091 |
+No messages will be sent back to the senders of these |
1092 |
+viruses, and the delivery to the recipient of the message |
1093 |
+can be controlled by the next option "Still Deliver |
1094 |
+Silent Viruses". This is primarily designed for viruses |
1095 |
+such as "Klez" and "Bugbear" which put |
1096 |
+fake addresses on messages they send, so there is no point |
1097 |
+informing the sender of the message, as it won’t |
1098 |
+actually be them who sent it anyway. Other words that can be |
1099 |
+put in this list are the 5 special keywords</p> |
1100 |
+</td> |
1101 |
+</table> |
1102 |
+<!-- TABS --> |
1103 |
+<table width="100%" border=0 rules="none" frame="void" |
1104 |
+ cols="4" cellspacing="0" cellpadding="0"> |
1105 |
+<tr valign="top" align="left"> |
1106 |
+<td width="22%"></td> |
1107 |
+<td width="1%"> |
1108 |
+ |
1109 |
+<p>•</p> |
1110 |
+</td> |
1111 |
+<td width="5%"></td> |
1112 |
+<td width="72%"> |
1113 |
+ |
1114 |
+<p>HTML−IFrame: inserting this will stop senders |
1115 |
+being warned about HTML Iframe tags, when they are not |
1116 |
+allowed.</p> |
1117 |
+</td> |
1118 |
+<tr valign="top" align="left"> |
1119 |
+<td width="22%"></td> |
1120 |
+<td width="1%"> |
1121 |
+ |
1122 |
+<p>•</p> |
1123 |
+</td> |
1124 |
+<td width="5%"></td> |
1125 |
+<td width="72%"> |
1126 |
+ |
1127 |
+<p>HTML−Codebase: inserting this will stop senders |
1128 |
+being warned about HTML Object Codebase tags, when they are |
1129 |
+not allowed.</p> |
1130 |
+</td> |
1131 |
+<tr valign="top" align="left"> |
1132 |
+<td width="22%"></td> |
1133 |
+<td width="1%"> |
1134 |
+ |
1135 |
+<p>•</p> |
1136 |
+</td> |
1137 |
+<td width="5%"></td> |
1138 |
+<td width="72%"> |
1139 |
+ |
1140 |
+<p>Zip−Password: inserting this will stop senders |
1141 |
+being warned about password−protected zip files when |
1142 |
+they are not allowd. This keyword is not needed if you |
1143 |
+include All−Viruses.</p> |
1144 |
+</td> |
1145 |
+<tr valign="top" align="left"> |
1146 |
+<td width="22%"></td> |
1147 |
+<td width="1%"> |
1148 |
+ |
1149 |
+<p>•</p> |
1150 |
+</td> |
1151 |
+<td width="5%"></td> |
1152 |
+<td width="72%"> |
1153 |
+ |
1154 |
+<p>All−Viruses: inserting this will stop senders |
1155 |
+being warned about any virus, while still allowing you to |
1156 |
+warn senders about HTML−based attacks. This includes |
1157 |
+Zip−Password so you don’t need to include |
1158 |
+both.</p> |
1159 |
+</td> |
1160 |
+</table> |
1161 |
+<!-- INDENTATION --> |
1162 |
+<table width="100%" border=0 rules="none" frame="void" |
1163 |
+ cols="2" cellspacing="0" cellpadding="0"> |
1164 |
+<tr valign="top" align="left"> |
1165 |
+<td width="28%"></td> |
1166 |
+<td width="72%"> |
1167 |
+<p>The default of "All−Viruses" means that |
1168 |
+no senders of viruses will be notified (as the sender |
1169 |
+address is always forged these days anyway), but anyone who |
1170 |
+sends a message that is blocked for other reasons will still |
1171 |
+be notified.</p></td> |
1172 |
+</table> |
1173 |
+<!-- INDENTATION --> |
1174 |
+<table width="100%" border=0 rules="none" frame="void" |
1175 |
+ cols="2" cellspacing="0" cellpadding="0"> |
1176 |
+<tr valign="top" align="left"> |
1177 |
+<td width="11%"></td> |
1178 |
+<td width="89%"> |
1179 |
+<p><b>Still Deliver Silent Viruses</b></p></td> |
1180 |
+</table> |
1181 |
+<!-- INDENTATION --> |
1182 |
+<table width="100%" border=0 rules="none" frame="void" |
1183 |
+ cols="2" cellspacing="0" cellpadding="0"> |
1184 |
+<tr valign="top" align="left"> |
1185 |
+<td width="22%"></td> |
1186 |
+<td width="78%"> |
1187 |
+<p>Default: no</p> |
1188 |
+<!-- INDENTATION --> |
1189 |
+<p>If this is set to yes then disinfected messsages that |
1190 |
+originally contained one of the "silent" viruses |
1191 |
+will still be delivered to the original recipients, even |
1192 |
+those addresses were chosen at random by the infected PC and |
1193 |
+do not correspond to anything a user intended to send. Set |
1194 |
+this to yes so that your users (and your management) |
1195 |
+appreciate how much MailScanner is doing to protect them, |
1196 |
+but set it to no if they complain a lot about receiving lots |
1197 |
+of virus warnings.</p> |
1198 |
+</td> |
1199 |
+</table> |
1200 |
+<!-- INDENTATION --> |
1201 |
+<table width="100%" border=0 rules="none" frame="void" |
1202 |
+ cols="2" cellspacing="0" cellpadding="0"> |
1203 |
+<tr valign="top" align="left"> |
1204 |
+<td width="11%"></td> |
1205 |
+<td width="89%"> |
1206 |
+<p><b>Non−Forging Viruses</b></p></td> |
1207 |
+</table> |
1208 |
+<!-- INDENTATION --> |
1209 |
+<table width="100%" border=0 rules="none" frame="void" |
1210 |
+ cols="2" cellspacing="0" cellpadding="0"> |
1211 |
+<tr valign="top" align="left"> |
1212 |
+<td width="22%"></td> |
1213 |
+<td width="78%"> |
1214 |
+<p>Default: Joke/ OF97/ WM97/ W97M/</p> |
1215 |
+<!-- INDENTATION --> |
1216 |
+<p>Strings listed here will be searched for in the output of |
1217 |
+the virus scanners. It works to achieve the opposite effect |
1218 |
+of the "Silent Viruses" listed above. If a string |
1219 |
+here is found in the output of the virus scanners, then the |
1220 |
+message will be treated as if it were not infected with a |
1221 |
+"Silent Virus". If a message is detected as both a |
1222 |
+silent virus and a non−forging virus, then the |
1223 |
+non−forging status will override the silent status. In |
1224 |
+simple terms, you should list virus names (or parts of them) |
1225 |
+that you know do *not* forge the From address. A good |
1226 |
+example of this is a document macro virus or a Joke program. |
1227 |
+Another word that can be put in this list is the special |
1228 |
+keyword "Zip−.Password". Inserting this will |
1229 |
+cause senders to be warned about password−protected |
1230 |
+zip files, whey they are not allowed.</p> |
1231 |
+</td> |
1232 |
+</table> |
1233 |
+<a name="Options specific to ClamAV Anti-Virus"></a> |
1234 |
+<h2>Options specific to ClamAV Anti-Virus</h2> |
1235 |
+<!-- INDENTATION --> |
1236 |
+<table width="100%" border=0 rules="none" frame="void" |
1237 |
+ cols="2" cellspacing="0" cellpadding="0"> |
1238 |
+<tr valign="top" align="left"> |
1239 |
+<td width="11%"></td> |
1240 |
+<td width="89%"> |
1241 |
+<p><b>Monitors for ClamAV Updates</b></p></td> |
1242 |
+</table> |
1243 |
+<!-- INDENTATION --> |
1244 |
+<table width="100%" border=0 rules="none" frame="void" |
1245 |
+ cols="2" cellspacing="0" cellpadding="0"> |
1246 |
+<tr valign="top" align="left"> |
1247 |
+<td width="22%"></td> |
1248 |
+<td width="78%"> |
1249 |
+<p>Default: /usr/local/share/clamav/*.cvd</p> |
1250 |
+<!-- INDENTATION --> |
1251 |
+<p>ClamAVModule only: monitor each of these files for |
1252 |
+changes in size to detect when a ClamAV update has happened. |
1253 |
+This is only used by the "clamavmodule" virus |
1254 |
+scanner, not the "clamav" scanner setting.</p> |
1255 |
+</td> |
1256 |
+</table> |
1257 |
+<a name="Removing/Logging dangerous or potentially offensive content"></a> |
1258 |
+<h2>Removing/Logging dangerous or potentially offensive content</h2> |
1259 |
+<!-- INDENTATION --> |
1260 |
+<table width="100%" border=0 rules="none" frame="void" |
1261 |
+ cols="2" cellspacing="0" cellpadding="0"> |
1262 |
+<tr valign="top" align="left"> |
1263 |
+<td width="11%"></td> |
1264 |
+<td width="89%"> |
1265 |
+<p><b>Allow Partial Messages</b></p></td> |
1266 |
+</table> |
1267 |
+<!-- INDENTATION --> |
1268 |
+<table width="100%" border=0 rules="none" frame="void" |
1269 |
+ cols="2" cellspacing="0" cellpadding="0"> |
1270 |
+<tr valign="top" align="left"> |
1271 |
+<td width="22%"></td> |
1272 |
+<td width="78%"> |
1273 |
+<p>Default: no</p> |
1274 |
+<!-- INDENTATION --> |
1275 |
+<p>Do you want to allow partial messages, which only contain |
1276 |
+a fraction of the attachments, not the whole thing? There is |
1277 |
+no way that "partial messages" can be scanned for |
1278 |
+viruses properly, as only a fragment of the message is ever |
1279 |
+processed, never the whole message at once.<br> |
1280 |
+Setting this option to yes is <b>very dangerous</b> as it |
1281 |
+can let viruses in. But you might want to use a ruleset to |
1282 |
+set it for some customers’ outgoing mail, for |
1283 |
+example.</p> |
1284 |
+</td> |
1285 |
+</table> |
1286 |
+<!-- INDENTATION --> |
1287 |
+<table width="100%" border=0 rules="none" frame="void" |
1288 |
+ cols="2" cellspacing="0" cellpadding="0"> |
1289 |
+<tr valign="top" align="left"> |
1290 |
+<td width="11%"></td> |
1291 |
+<td width="89%"> |
1292 |
+<p><b>Allow External Message Bodies</b></p></td> |
1293 |
+</table> |
1294 |
+<!-- INDENTATION --> |
1295 |
+<table width="100%" border=0 rules="none" frame="void" |
1296 |
+ cols="2" cellspacing="0" cellpadding="0"> |
1297 |
+<tr valign="top" align="left"> |
1298 |
+<td width="22%"></td> |
1299 |
+<td width="78%"> |
1300 |
+<p>Default: no</p> |
1301 |
+<!-- INDENTATION --> |
1302 |
+<p>There is a mechanism, very rarely used, in which the body |
1303 |
+of a message is contained on a remote server, which the |
1304 |
+user’s email application should download when it |
1305 |
+displays the message. Currently, I am only aware of this |
1306 |
+feature being supported by a few versions of Netscape, and |
1307 |
+the only people who use it are the IETF. There is no way to |
1308 |
+guarantee that the fetched file has no viruses in it, as |
1309 |
+MailScanner never sees it.<br> |
1310 |
+Setting this option to yes is <b>very dangerous</b> as it |
1311 |
+can let viruses in from remote "message body |
1312 |
+servers".</p> |
1313 |
+</td> |
1314 |
+</table> |
1315 |
+<!-- INDENTATION --> |
1316 |
+<table width="100%" border=0 rules="none" frame="void" |
1317 |
+ cols="2" cellspacing="0" cellpadding="0"> |
1318 |
+<tr valign="top" align="left"> |
1319 |
+<td width="11%"></td> |
1320 |
+<td width="89%"> |
1321 |
+<p><b>Find Phishing Fraud</b></p></td> |
1322 |
+</table> |
1323 |
+<!-- INDENTATION --> |
1324 |
+<table width="100%" border=0 rules="none" frame="void" |
1325 |
+ cols="2" cellspacing="0" cellpadding="0"> |
1326 |
+<tr valign="top" align="left"> |
1327 |
+<td width="22%"></td> |
1328 |
+<td width="78%"> |
1329 |
+<p>Default: yes</p> |
1330 |
+<!-- INDENTATION --> |
1331 |
+<p>Do you want to check for "Phishing" attacks? |
1332 |
+These are attacks that look like a genuine email message |
1333 |
+from your bank, which contain a link to click on to take you |
1334 |
+to the web site where you will be asked to type in personal |
1335 |
+information such as your account number or credit card |
1336 |
+details. Except it is not the real bank’s web site at |
1337 |
+all, it is a very good copy of it run by thieves who want to |
1338 |
+steal your personal information or credit card details. |
1339 |
+These can be spotted because the real address of the link in |
1340 |
+the message is not the same as the text that appears to be |
1341 |
+the link. Note: This does cause significant extra load, |
1342 |
+particularly on systems receiving lots of spam such as |
1343 |
+secondary MX hosts. This *cannot* be the filename of a |
1344 |
+ruleset, it must be ’yes’ or |
1345 |
+’no’.</p> |
1346 |
+</td> |
1347 |
+</table> |
1348 |
+<!-- INDENTATION --> |
1349 |
+<table width="100%" border=0 rules="none" frame="void" |
1350 |
+ cols="2" cellspacing="0" cellpadding="0"> |
1351 |
+<tr valign="top" align="left"> |
1352 |
+<td width="11%"></td> |
1353 |
+<td width="89%"> |
1354 |
+<p><b>Also Find Numeric Phishing</b></p></td> |
1355 |
+</table> |
1356 |
+<!-- INDENTATION --> |
1357 |
+<table width="100%" border=0 rules="none" frame="void" |
1358 |
+ cols="2" cellspacing="0" cellpadding="0"> |
1359 |
+<tr valign="top" align="left"> |
1360 |
+<td width="22%"></td> |
1361 |
+<td width="78%"> |
1362 |
+<p>Default: yes</p> |
1363 |
+<!-- INDENTATION --> |
1364 |
+<p>While detecting "Phishing" attacks, do you also |
1365 |
+want to point out links to numeric IP addresses. Genuine |
1366 |
+links to totally numeric IP addresses are very rare, so this |
1367 |
+option is set to "yes" by default. If a numeric IP |
1368 |
+address is found in a link, the same phishing warning |
1369 |
+message is used as in the Find Phishing Fraud option above. |
1370 |
+This value cannot be the name of a ruleset, only a simple |
1371 |
+yes or no.</p> |
1372 |
+</td> |
1373 |
+</table> |
1374 |
+<!-- INDENTATION --> |
1375 |
+<table width="100%" border=0 rules="none" frame="void" |
1376 |
+ cols="2" cellspacing="0" cellpadding="0"> |
1377 |
+<tr valign="top" align="left"> |
1378 |
+<td width="11%"></td> |
1379 |
+<td width="89%"> |
1380 |
+<p><b>Allow IFrame Tags</b></p></td> |
1381 |
+</table> |
1382 |
+<!-- INDENTATION --> |
1383 |
+<table width="100%" border=0 rules="none" frame="void" |
1384 |
+ cols="2" cellspacing="0" cellpadding="0"> |
1385 |
+<tr valign="top" align="left"> |
1386 |
+<td width="22%"></td> |
1387 |
+<td width="78%"> |
1388 |
+<p>Default: no</p> |
1389 |
+<!-- INDENTATION --> |
1390 |
+<p>Do you want to allow HTML <IFrame> tags in email |
1391 |
+messages? This is not a good idea as it allows various |
1392 |
+Microsoft Outlook security vulnerabilities to go |
1393 |
+unprotected, but if you have a load of mailing lists sending |
1394 |
+them, then you will want to allow them to keep your users |
1395 |
+happy. This can also be the filename of a ruleset, so you |
1396 |
+can allow them from known mailing lists but ban them from |
1397 |
+everywhere else. Possible Values:</p> |
1398 |
+</td> |
1399 |
+</table> |
1400 |
+<!-- TABS --> |
1401 |
+<table width="100%" border=0 rules="none" frame="void" |
1402 |
+ cols="4" cellspacing="0" cellpadding="0"> |
1403 |
+<tr valign="top" align="left"> |
1404 |
+<td width="22%"></td> |
1405 |
+<td width="1%"> |
1406 |
+ |
1407 |
+<p>•</p> |
1408 |
+</td> |
1409 |
+<td width="5%"></td> |
1410 |
+<td width="72%"> |
1411 |
+ |
1412 |
+<p>yes => Allow these tags to be in the message</p> |
1413 |
+</td> |
1414 |
+<tr valign="top" align="left"> |
1415 |
+<td width="22%"></td> |
1416 |
+<td width="1%"> |
1417 |
+ |
1418 |
+<p>•</p> |
1419 |
+</td> |
1420 |
+<td width="5%"></td> |
1421 |
+<td width="72%"> |
1422 |
+ |
1423 |
+<p>no => Ban messages containing these tags</p> |
1424 |
+</td> |
1425 |
+<tr valign="top" align="left"> |
1426 |
+<td width="22%"></td> |
1427 |
+<td width="1%"> |
1428 |
+ |
1429 |
+<p>•</p> |
1430 |
+</td> |
1431 |
+<td width="5%"></td> |
1432 |
+<td width="72%"> |
1433 |
+ |
1434 |
+<p>disarm => Allow these tags, but stop these tags from |
1435 |
+working</p> |
1436 |
+</td> |
1437 |
+</table> |
1438 |
+<!-- INDENTATION --> |
1439 |
+<table width="100%" border=0 rules="none" frame="void" |
1440 |
+ cols="2" cellspacing="0" cellpadding="0"> |
1441 |
+<tr valign="top" align="left"> |
1442 |
+<td width="11%"></td> |
1443 |
+<td width="89%"> |
1444 |
+<p><b>Log IFrame Tags</b></p></td> |
1445 |
+</table> |
1446 |
+<!-- INDENTATION --> |
1447 |
+<table width="100%" border=0 rules="none" frame="void" |
1448 |
+ cols="2" cellspacing="0" cellpadding="0"> |
1449 |
+<tr valign="top" align="left"> |
1450 |
+<td width="22%"></td> |
1451 |
+<td width="78%"> |
1452 |
+<p>Default: no</p></td> |
1453 |
+</table> |
1454 |
+<!-- INDENTATION --> |
1455 |
+<table width="100%" border=0 rules="none" frame="void" |
1456 |
+ cols="2" cellspacing="0" cellpadding="0"> |
1457 |
+<tr valign="top" align="left"> |
1458 |
+<td width="28%"></td> |
1459 |
+<td width="72%"> |
1460 |
+<p>You may receive complaints from your users that HTML |
1461 |
+mailing lists they subscribe to have been stopped by the |
1462 |
+"Allow IFrame Tags" option above. So before you |
1463 |
+use the option above, set this option to "yes" and |
1464 |
+MailScanner will log the senders all messages which contain |
1465 |
+IFrame tags. You can then setup a ruleset for the option |
1466 |
+above which will allow IFrame tags in messages sent by well |
1467 |
+known (and trusted) mailing lists, while banning them from |
1468 |
+everywhere else.</p> |
1469 |
+</td> |
1470 |
+</table> |
1471 |
+<!-- INDENTATION --> |
1472 |
+<table width="100%" border=0 rules="none" frame="void" |
1473 |
+ cols="2" cellspacing="0" cellpadding="0"> |
1474 |
+<tr valign="top" align="left"> |
1475 |
+<td width="11%"></td> |
1476 |
+<td width="89%"> |
1477 |
+<p><b>Allow Form Tags</b></p></td> |
1478 |
+</table> |
1479 |
+<!-- INDENTATION --> |
1480 |
+<table width="100%" border=0 rules="none" frame="void" |
1481 |
+ cols="2" cellspacing="0" cellpadding="0"> |
1482 |
+<tr valign="top" align="left"> |
1483 |
+<td width="22%"></td> |
1484 |
+<td width="78%"> |
1485 |
+<p>Default: disarm</p> |
1486 |
+<!-- INDENTATION --> |
1487 |
+<p>Do you want to allow <Form> tags in email messages? |
1488 |
+This is a bad idea as these are used as scams to persuade |
1489 |
+people to part with credit card information and other |
1490 |
+personal data. This can also be the filename of a ruleset. |
1491 |
+Possible values:</p> |
1492 |
+</td> |
1493 |
+</table> |
1494 |
+<!-- TABS --> |
1495 |
+<table width="100%" border=0 rules="none" frame="void" |
1496 |
+ cols="4" cellspacing="0" cellpadding="0"> |
1497 |
+<tr valign="top" align="left"> |
1498 |
+<td width="22%"></td> |
1499 |
+<td width="1%"> |
1500 |
+ |
1501 |
+<p>•</p> |
1502 |
+</td> |
1503 |
+<td width="5%"></td> |
1504 |
+<td width="72%"> |
1505 |
+ |
1506 |
+<p>yes => Allow these tags to be in the message</p> |
1507 |
+</td> |
1508 |
+<tr valign="top" align="left"> |
1509 |
+<td width="22%"></td> |
1510 |
+<td width="1%"> |
1511 |
+ |
1512 |
+<p>•</p> |
1513 |
+</td> |
1514 |
+<td width="5%"></td> |
1515 |
+<td width="72%"> |
1516 |
+ |
1517 |
+<p>no => Ban messages containing these tags</p> |
1518 |
+</td> |
1519 |
+<tr valign="top" align="left"> |
1520 |
+<td width="22%"></td> |
1521 |
+<td width="1%"> |
1522 |
+ |
1523 |
+<p>•</p> |
1524 |
+</td> |
1525 |
+<td width="5%"></td> |
1526 |
+<td width="72%"> |
1527 |
+ |
1528 |
+<p>disarm => Allow these tags, but stop these tags from |
1529 |
+working</p> |
1530 |
+</td> |
1531 |
+</table> |
1532 |
+<!-- INDENTATION --> |
1533 |
+<table width="100%" border=0 rules="none" frame="void" |
1534 |
+ cols="2" cellspacing="0" cellpadding="0"> |
1535 |
+<tr valign="top" align="left"> |
1536 |
+<td width="11%"></td> |
1537 |
+<td width="89%"> |
1538 |
+<p><b>Allow Script Tags</b></p></td> |
1539 |
+</table> |
1540 |
+<!-- INDENTATION --> |
1541 |
+<table width="100%" border=0 rules="none" frame="void" |
1542 |
+ cols="2" cellspacing="0" cellpadding="0"> |
1543 |
+<tr valign="top" align="left"> |
1544 |
+<td width="22%"></td> |
1545 |
+<td width="78%"> |
1546 |
+<p>Default: no</p></td> |
1547 |
+</table> |
1548 |
+<!-- INDENTATION --> |
1549 |
+<table width="100%" border=0 rules="none" frame="void" |
1550 |
+ cols="2" cellspacing="0" cellpadding="0"> |
1551 |
+<tr valign="top" align="left"> |
1552 |
+<td width="28%"></td> |
1553 |
+<td width="72%"> |
1554 |
+<p>Do you want to allow <Script> tags in email |
1555 |
+messages? This is a bad idea as these are used to exploit |
1556 |
+vulnerabilities in email applications and web browsers. This |
1557 |
+can also be the filename of a ruleset. Possible |
1558 |
+values:</p></td> |
1559 |
+</table> |
1560 |
+<!-- TABS --> |
1561 |
+<table width="100%" border=0 rules="none" frame="void" |
1562 |
+ cols="4" cellspacing="0" cellpadding="0"> |
1563 |
+<tr valign="top" align="left"> |
1564 |
+<td width="22%"></td> |
1565 |
+<td width="1%"> |
1566 |
+ |
1567 |
+<p>•</p> |
1568 |
+</td> |
1569 |
+<td width="5%"></td> |
1570 |
+<td width="72%"> |
1571 |
+ |
1572 |
+<p>yes => Allow these tags to be in the message</p> |
1573 |
+</td> |
1574 |
+<tr valign="top" align="left"> |
1575 |
+<td width="22%"></td> |
1576 |
+<td width="1%"> |
1577 |
+ |
1578 |
+<p>•</p> |
1579 |
+</td> |
1580 |
+<td width="5%"></td> |
1581 |
+<td width="72%"> |
1582 |
+ |
1583 |
+<p>no => Ban messages containing these tags</p> |
1584 |
+</td> |
1585 |
+<tr valign="top" align="left"> |
1586 |
+<td width="22%"></td> |
1587 |
+<td width="1%"> |
1588 |
+ |
1589 |
+<p>•</p> |
1590 |
+</td> |
1591 |
+<td width="5%"></td> |
1592 |
+<td width="72%"> |
1593 |
+ |
1594 |
+<p>disarm => Allow these tags, but stop these tags from |
1595 |
+working</p> |
1596 |
+</td> |
1597 |
+</table> |
1598 |
+<!-- INDENTATION --> |
1599 |
+<table width="100%" border=0 rules="none" frame="void" |
1600 |
+ cols="2" cellspacing="0" cellpadding="0"> |
1601 |
+<tr valign="top" align="left"> |
1602 |
+<td width="11%"></td> |
1603 |
+<td width="89%"> |
1604 |
+<p><b>Allow WebBugs</b></p></td> |
1605 |
+</table> |
1606 |
+<!-- INDENTATION --> |
1607 |
+<table width="100%" border=0 rules="none" frame="void" |
1608 |
+ cols="2" cellspacing="0" cellpadding="0"> |
1609 |
+<tr valign="top" align="left"> |
1610 |
+<td width="22%"></td> |
1611 |
+<td width="78%"> |
1612 |
+<p>Default: disarm</p></td> |
1613 |
+</table> |
1614 |
+<!-- INDENTATION --> |
1615 |
+<table width="100%" border=0 rules="none" frame="void" |
1616 |
+ cols="2" cellspacing="0" cellpadding="0"> |
1617 |
+<tr valign="top" align="left"> |
1618 |
+<td width="28%"></td> |
1619 |
+<td width="72%"> |
1620 |
+<p>Do you want to allow <Img> tags with very small |
1621 |
+images in email messages? This is a bad idea as these are |
1622 |
+used as ’web bugs’ to find out if a message has |
1623 |
+been read. It is not dangerous, it is just used to make you |
1624 |
+give away information. This can also be the filename of a |
1625 |
+ruleset. Possible values:</p></td> |
1626 |
+</table> |
1627 |
+<!-- TABS --> |
1628 |
+<table width="100%" border=0 rules="none" frame="void" |
1629 |
+ cols="4" cellspacing="0" cellpadding="0"> |
1630 |
+<tr valign="top" align="left"> |
1631 |
+<td width="22%"></td> |
1632 |
+<td width="1%"> |
1633 |
+ |
1634 |
+<p>•</p> |
1635 |
+</td> |
1636 |
+<td width="5%"></td> |
1637 |
+<td width="72%"> |
1638 |
+ |
1639 |
+<p>yes => Allow these tags to be in the message</p> |
1640 |
+</td> |
1641 |
+<tr valign="top" align="left"> |
1642 |
+<td width="22%"></td> |
1643 |
+<td width="1%"> |
1644 |
+ |
1645 |
+<p>•</p> |
1646 |
+</td> |
1647 |
+<td width="5%"></td> |
1648 |
+<td width="72%"> |
1649 |
+ |
1650 |
+<p>no => Ban messages containing these tags</p> |
1651 |
+</td> |
1652 |
+<tr valign="top" align="left"> |
1653 |
+<td width="22%"></td> |
1654 |
+<td width="1%"> |
1655 |
+ |
1656 |
+<p>•</p> |
1657 |
+</td> |
1658 |
+<td width="5%"></td> |
1659 |
+<td width="72%"> |
1660 |
+ |
1661 |
+<p>disarm => Allow these tags, but stop these tags from |
1662 |
+working</p> |
1663 |
+</td> |
1664 |
+</table> |
1665 |
+<!-- INDENTATION --> |
1666 |
+<table width="100%" border=0 rules="none" frame="void" |
1667 |
+ cols="2" cellspacing="0" cellpadding="0"> |
1668 |
+<tr valign="top" align="left"> |
1669 |
+<td width="11%"></td> |
1670 |
+<td width="89%"> |
1671 |
+<p><b>Allow Object Codebase Tags</b></p></td> |
1672 |
+</table> |
1673 |
+<!-- INDENTATION --> |
1674 |
+<table width="100%" border=0 rules="none" frame="void" |
1675 |
+ cols="2" cellspacing="0" cellpadding="0"> |
1676 |
+<tr valign="top" align="left"> |
1677 |
+<td width="22%"></td> |
1678 |
+<td width="78%"> |
1679 |
+<p>Default: no</p></td> |
1680 |
+</table> |
1681 |
+<!-- INDENTATION --> |
1682 |
+<table width="100%" border=0 rules="none" frame="void" |
1683 |
+ cols="2" cellspacing="0" cellpadding="0"> |
1684 |
+<tr valign="top" align="left"> |
1685 |
+<td width="28%"></td> |
1686 |
+<td width="72%"> |
1687 |
+<p>Do you want to allow <Object Codebase=...> tags in |
1688 |
+email messages? This is a bad idea as it leaves you |
1689 |
+unprotected against various Microsoft−specific |
1690 |
+security vulnerabilities. But if your users demand it, you |
1691 |
+can do it. This can also be the filename of a ruleset. |
1692 |
+Possible values:</p></td> |
1693 |
+</table> |
1694 |
+<!-- TABS --> |
1695 |
+<table width="100%" border=0 rules="none" frame="void" |
1696 |
+ cols="4" cellspacing="0" cellpadding="0"> |
1697 |
+<tr valign="top" align="left"> |
1698 |
+<td width="22%"></td> |
1699 |
+<td width="1%"> |
1700 |
+ |
1701 |
+<p>•</p> |
1702 |
+</td> |
1703 |
+<td width="5%"></td> |
1704 |
+<td width="72%"> |
1705 |
+ |
1706 |
+<p>yes => Allow these tags to be in the message</p> |
1707 |
+</td> |
1708 |
+<tr valign="top" align="left"> |
1709 |
+<td width="22%"></td> |
1710 |
+<td width="1%"> |
1711 |
+ |
1712 |
+<p>•</p> |
1713 |
+</td> |
1714 |
+<td width="5%"></td> |
1715 |
+<td width="72%"> |
1716 |
+ |
1717 |
+<p>no => Ban messages containing these tags</p> |
1718 |
+</td> |
1719 |
+<tr valign="top" align="left"> |
1720 |
+<td width="22%"></td> |
1721 |
+<td width="1%"> |
1722 |
+ |
1723 |
+<p>•</p> |
1724 |
+</td> |
1725 |
+<td width="5%"></td> |
1726 |
+<td width="72%"> |
1727 |
+ |
1728 |
+<p>disarm => Allow these tags, but stop these tags from |
1729 |
+working</p> |
1730 |
+</td> |
1731 |
+</table> |
1732 |
+<!-- INDENTATION --> |
1733 |
+<table width="100%" border=0 rules="none" frame="void" |
1734 |
+ cols="2" cellspacing="0" cellpadding="0"> |
1735 |
+<tr valign="top" align="left"> |
1736 |
+<td width="11%"></td> |
1737 |
+<td width="89%"> |
1738 |
+<p><b>Convert Dangerous HTML To Text</b></p></td> |
1739 |
+</table> |
1740 |
+<!-- INDENTATION --> |
1741 |
+<table width="100%" border=0 rules="none" frame="void" |
1742 |
+ cols="2" cellspacing="0" cellpadding="0"> |
1743 |
+<tr valign="top" align="left"> |
1744 |
+<td width="22%"></td> |
1745 |
+<td width="78%"> |
1746 |
+<p>Default: no</p></td> |
1747 |
+</table> |
1748 |
+<!-- INDENTATION --> |
1749 |
+<table width="100%" border=0 rules="none" frame="void" |
1750 |
+ cols="2" cellspacing="0" cellpadding="0"> |
1751 |
+<tr valign="top" align="left"> |
1752 |
+<td width="28%"></td> |
1753 |
+<td width="72%"> |
1754 |
+<p>This option interacts with the "Allow ... Tags" |
1755 |
+options above like this:</p> |
1756 |
+<!-- INDENTATION --> |
1757 |
+<p>Allow...Tags Convert Danger... Action<br> |
1758 |
+============ ================= |
1759 |
+============================<br> |
1760 |
+no no Blocked<br> |
1761 |
+no yes Blocked<br> |
1762 |
+disarm no Specified HTML tags disarmed<br> |
1763 |
+disarm yes Specified HTML tags disarmed<br> |
1764 |
+yes no Nothing<br> |
1765 |
+yes yes All HTML tags stripped</p> |
1766 |
+<!-- INDENTATION --> |
1767 |
+<p>If an "Allow ... Tags = yes" is triggered by a |
1768 |
+message, and this "Convert Dangerous HTML To Text" |
1769 |
+is set to "yes", then the HTML message will be |
1770 |
+converted to plain text. This makes the HTML harmless, while |
1771 |
+still allowing your users to see the text content of the |
1772 |
+messages. Note that all graphical content will be |
1773 |
+removed.</p> |
1774 |
+</td> |
1775 |
+</table> |
1776 |
+<!-- INDENTATION --> |
1777 |
+<table width="100%" border=0 rules="none" frame="void" |
1778 |
+ cols="2" cellspacing="0" cellpadding="0"> |
1779 |
+<tr valign="top" align="left"> |
1780 |
+<td width="11%"></td> |
1781 |
+<td width="89%"> |
1782 |
+<p><b>Convert HTML To Text</b></p></td> |
1783 |
+</table> |
1784 |
+<!-- INDENTATION --> |
1785 |
+<table width="100%" border=0 rules="none" frame="void" |
1786 |
+ cols="2" cellspacing="0" cellpadding="0"> |
1787 |
+<tr valign="top" align="left"> |
1788 |
+<td width="22%"></td> |
1789 |
+<td width="78%"> |
1790 |
+<p>Default: no</p> |
1791 |
+<!-- INDENTATION --> |
1792 |
+<p>If you have users who are children, or who are offended |
1793 |
+by things like pornographic spam email, you can protect them |
1794 |
+by converting incoming HTML email messages into plain text. |
1795 |
+HTML attachments will not be affected. You could set this to |
1796 |
+be a ruleset so you only convert messages addressed to some |
1797 |
+of your users, or not convert messages from some known |
1798 |
+trusted sources. This can be essential if you have a |
1799 |
+"duty of care" for some of your users.</p> |
1800 |
+</td> |
1801 |
+</table> |
1802 |
+<!-- INDENTATION --> |
1803 |
+<table width="100%" border=0 rules="none" frame="void" |
1804 |
+ cols="2" cellspacing="0" cellpadding="0"> |
1805 |
+<tr valign="top" align="left"> |
1806 |
+<td width="11%"></td> |
1807 |
+<td width="89%"> |
1808 |
+<p><b>Allow Form Tags</b></p></td> |
1809 |
+</table> |
1810 |
+<!-- INDENTATION --> |
1811 |
+<table width="100%" border=0 rules="none" frame="void" |
1812 |
+ cols="2" cellspacing="0" cellpadding="0"> |
1813 |
+<tr valign="top" align="left"> |
1814 |
+<td width="22%"></td> |
1815 |
+<td width="78%"> |
1816 |
+<p>Default: no</p> |
1817 |
+<!-- INDENTATION --> |
1818 |
+<p>Do you want to allow <Form> tags in email messages? |
1819 |
+This is a bad idea as these are used as scams to pursuade |
1820 |
+people to part with credit card information and other |
1821 |
+personal data. This can also be the filename of a |
1822 |
+ruleset.</p> |
1823 |
+</td> |
1824 |
+</table> |
1825 |
+<a name="Attachment filename checking"></a> |
1826 |
+<h2>Attachment filename checking</h2> |
1827 |
+<!-- INDENTATION --> |
1828 |
+<table width="100%" border=0 rules="none" frame="void" |
1829 |
+ cols="2" cellspacing="0" cellpadding="0"> |
1830 |
+<tr valign="top" align="left"> |
1831 |
+<td width="11%"></td> |
1832 |
+<td width="89%"> |
1833 |
+<p><b>Filename Rules</b></p></td> |
1834 |
+</table> |
1835 |
+<!-- INDENTATION --> |
1836 |
+<table width="100%" border=0 rules="none" frame="void" |
1837 |
+ cols="2" cellspacing="0" cellpadding="0"> |
1838 |
+<tr valign="top" align="left"> |
1839 |
+<td width="22%"></td> |
1840 |
+<td width="78%"> |
1841 |
+<p>Default: %etc−dir%/filename.rules.conf</p> |
1842 |
+<!-- INDENTATION --> |
1843 |
+<p>File in which to store the attachment filename ruleset. |
1844 |
+This can be a ruleset allowing different filename rules to |
1845 |
+apply to different users or domains. The syntax of this file |
1846 |
+is described in section "Attachment Filename |
1847 |
+Ruleset".</p> |
1848 |
+</td> |
1849 |
+</table> |
1850 |
+<!-- INDENTATION --> |
1851 |
+<table width="100%" border=0 rules="none" frame="void" |
1852 |
+ cols="2" cellspacing="0" cellpadding="0"> |
1853 |
+<tr valign="top" align="left"> |
1854 |
+<td width="11%"></td> |
1855 |
+<td width="89%"> |
1856 |
+<p><b>Filetype Rules</b></p></td> |
1857 |
+</table> |
1858 |
+<!-- INDENTATION --> |
1859 |
+<table width="100%" border=0 rules="none" frame="void" |
1860 |
+ cols="2" cellspacing="0" cellpadding="0"> |
1861 |
+<tr valign="top" align="left"> |
1862 |
+<td width="22%"></td> |
1863 |
+<td width="78%"> |
1864 |
+<p>Default: %etc−dir%/filetype.rules.conf</p> |
1865 |
+<!-- INDENTATION --> |
1866 |
+<p>Set where to find the attachment filetype ruleset. The |
1867 |
+structure of this file is explained elsewhere, but it is |
1868 |
+used to accept or reject file attachments based on their |
1869 |
+content as determined by the "file" command, |
1870 |
+regardless of whether they are infected or not. This can |
1871 |
+also point to a ruleset, but the ruleset filename must end |
1872 |
+in ".rules" so that MailScanner can determine if |
1873 |
+the filename given a ruleset or not!</p> |
1874 |
+</td> |
1875 |
+</table> |
1876 |
+<a name="Reports and responses"></a> |
1877 |
+<h2>Reports and responses</h2> |
1878 |
+<!-- INDENTATION --> |
1879 |
+<table width="100%" border=0 rules="none" frame="void" |
1880 |
+ cols="2" cellspacing="0" cellpadding="0"> |
1881 |
+<tr valign="top" align="left"> |
1882 |
+<td width="11%"></td> |
1883 |
+<td width="89%"> |
1884 |
+<p><b>Quarantine Infections</b></p></td> |
1885 |
+</table> |
1886 |
+<!-- INDENTATION --> |
1887 |
+<table width="100%" border=0 rules="none" frame="void" |
1888 |
+ cols="2" cellspacing="0" cellpadding="0"> |
1889 |
+<tr valign="top" align="left"> |
1890 |
+<td width="22%"></td> |
1891 |
+<td width="78%"> |
1892 |
+<p>Default: yes</p> |
1893 |
+<!-- INDENTATION --> |
1894 |
+<p>Set this to store infected / dangerous attachments in |
1895 |
+directories created under the quarantine directory. Without |
1896 |
+this, they will be deleted. Due to laws on privacy and data |
1897 |
+protection in your country, you may be forced to set this to |
1898 |
+"no".</p> |
1899 |
+</td> |
1900 |
+</table> |
1901 |
+<!-- INDENTATION --> |
1902 |
+<table width="100%" border=0 rules="none" frame="void" |
1903 |
+ cols="2" cellspacing="0" cellpadding="0"> |
1904 |
+<tr valign="top" align="left"> |
1905 |
+<td width="11%"></td> |
1906 |
+<td width="89%"> |
1907 |
+<p><b>Quarantine Silent Viruses</b></p></td> |
1908 |
+</table> |
1909 |
+<!-- INDENTATION --> |
1910 |
+<table width="100%" border=0 rules="none" frame="void" |
1911 |
+ cols="2" cellspacing="0" cellpadding="0"> |
1912 |
+<tr valign="top" align="left"> |
1913 |
+<td width="22%"></td> |
1914 |
+<td width="78%"> |
1915 |
+<p>Default: yes</p> |
1916 |
+<!-- INDENTATION --> |
1917 |
+<p>There is no point quarantining most viruses these days, |
1918 |
+so if you set this to "no" then no infections |
1919 |
+listed in your "Silent Viruses" setting will be |
1920 |
+quarantined, even if you have chosen to quarantine |
1921 |
+infections in general. This is currently set to |
1922 |
+"yes" so the behaviour is the same as it was in in |
1923 |
+previous versions. This can also be the filename of a |
1924 |
+ruleset.</p> |
1925 |
+</td> |
1926 |
+</table> |
1927 |
+<!-- INDENTATION --> |
1928 |
+<table width="100%" border=0 rules="none" frame="void" |
1929 |
+ cols="2" cellspacing="0" cellpadding="0"> |
1930 |
+<tr valign="top" align="left"> |
1931 |
+<td width="11%"></td> |
1932 |
+<td width="89%"> |
1933 |
+<p><b>Quarantine Whole Message</b></p></td> |
1934 |
+</table> |
1935 |
+<!-- INDENTATION --> |
1936 |
+<table width="100%" border=0 rules="none" frame="void" |
1937 |
+ cols="2" cellspacing="0" cellpadding="0"> |
1938 |
+<tr valign="top" align="left"> |
1939 |
+<td width="22%"></td> |
1940 |
+<td width="78%"> |
1941 |
+<p>Default: no</p> |
1942 |
+<!-- INDENTATION --> |
1943 |
+<p>When an infected message is stored in the quarantine, a |
1944 |
+copy of the entire message will be saved, in addition to |
1945 |
+copies of the infected attachments.</p> |
1946 |
+</td> |
1947 |
+</table> |
1948 |
+<!-- INDENTATION --> |
1949 |
+<table width="100%" border=0 rules="none" frame="void" |
1950 |
+ cols="2" cellspacing="0" cellpadding="0"> |
1951 |
+<tr valign="top" align="left"> |
1952 |
+<td width="11%"></td> |
1953 |
+<td width="89%"> |
1954 |
+<p><b>Quarantine Whole Messages As Queue Files</b></p></td> |
1955 |
+</table> |
1956 |
+<!-- INDENTATION --> |
1957 |
+<table width="100%" border=0 rules="none" frame="void" |
1958 |
+ cols="2" cellspacing="0" cellpadding="0"> |
1959 |
+<tr valign="top" align="left"> |
1960 |
+<td width="22%"></td> |
1961 |
+<td width="78%"> |
1962 |
+<p>Default: no</p> |
1963 |
+<!-- INDENTATION --> |
1964 |
+<p>When an entire message is saved in the quarantine for any |
1965 |
+reason, do you want to save it as the raw data files out of |
1966 |
+the mail queue (which can be processed with the df2mbox |
1967 |
+script, and which is easier to send to its original |
1968 |
+recipients), or do you want a conventional message file |
1969 |
+consisting of the header followed by the body of the |
1970 |
+message. If the previous option is switched off, then this |
1971 |
+will only affect archived mail and quarantined spam. If the |
1972 |
+previous option is on, then this also affects quarantined |
1973 |
+infections.</p> |
1974 |
+</td> |
1975 |
+</table> |
1976 |
+<!-- INDENTATION --> |
1977 |
+<table width="100%" border=0 rules="none" frame="void" |
1978 |
+ cols="2" cellspacing="0" cellpadding="0"> |
1979 |
+<tr valign="top" align="left"> |
1980 |
+<td width="11%"></td> |
1981 |
+<td width="89%"> |
1982 |
+<p><b>Keep Spam And MCP Archive Clean</b></p></td> |
1983 |
+</table> |
1984 |
+<!-- INDENTATION --> |
1985 |
+<table width="100%" border=0 rules="none" frame="void" |
1986 |
+ cols="2" cellspacing="0" cellpadding="0"> |
1987 |
+<tr valign="top" align="left"> |
1988 |
+<td width="22%"></td> |
1989 |
+<td width="78%"> |
1990 |
+<p>Default: no</p> |
1991 |
+<!-- INDENTATION --> |
1992 |
+<p>Do you want to stop any virus−infected spam getting |
1993 |
+into the spam or MCP archives? If you have a system where |
1994 |
+users can release messages from the spam or MCP archives, |
1995 |
+then you probably want to stop them being able to release |
1996 |
+any infected messages, so set this to yes. It is set to no |
1997 |
+by default as it causes a small hit in performance, and many |
1998 |
+people don’t allow users to access the spam |
1999 |
+quarantine, so don’t need it. This can also be the |
2000 |
+filename of a ruleset.</p> |
2001 |
+</td> |
2002 |
+</table> |
2003 |
+<!-- INDENTATION --> |
2004 |
+<table width="100%" border=0 rules="none" frame="void" |
2005 |
+ cols="2" cellspacing="0" cellpadding="0"> |
2006 |
+<tr valign="top" align="left"> |
2007 |
+<td width="11%"></td> |
2008 |
+<td width="89%"> |
2009 |
+<p><b>Language Strings</b></p></td> |
2010 |
+</table> |
2011 |
+<!-- INDENTATION --> |
2012 |
+<table width="100%" border=0 rules="none" frame="void" |
2013 |
+ cols="2" cellspacing="0" cellpadding="0"> |
2014 |
+<tr valign="top" align="left"> |
2015 |
+<td width="22%"></td> |
2016 |
+<td width="78%"> |
2017 |
+<p>Default: %reports−dir%/languages.conf</p> |
2018 |
+<!-- INDENTATION --> |
2019 |
+<p>Set where to find all the strings used so they can be |
2020 |
+translated into your local language. This can also be the |
2021 |
+filename of a ruleset so you can produce different languages |
2022 |
+for different messages.</p> |
2023 |
+</td> |
2024 |
+</table> |
2025 |
+<!-- INDENTATION --> |
2026 |
+<table width="100%" border=0 rules="none" frame="void" |
2027 |
+ cols="2" cellspacing="0" cellpadding="0"> |
2028 |
+<tr valign="top" align="left"> |
2029 |
+<td width="11%"></td> |
2030 |
+<td width="89%"> |
2031 |
+<p><b>Deleted Bad Filename Message Report</b></p></td> |
2032 |
+</table> |
2033 |
+<!-- INDENTATION --> |
2034 |
+<table width="100%" border=0 rules="none" frame="void" |
2035 |
+ cols="2" cellspacing="0" cellpadding="0"> |
2036 |
+<tr valign="top" align="left"> |
2037 |
+<td width="22%"></td> |
2038 |
+<td width="78%"> |
2039 |
+<p>Default: |
2040 |
+%reports−dir%/deleted.filename.message.txt</p> |
2041 |
+<!-- INDENTATION --> |
2042 |
+<p>When an attachment is deleted from a message because the |
2043 |
+filename failed the filename rules in force for the message, |
2044 |
+it is replaced by the contents of this file. A few variable |
2045 |
+substitutions can be made in this file, an example of each |
2046 |
+of which is contained in the supplied sample file.</p> |
2047 |
+</td> |
2048 |
+</table> |
2049 |
+<!-- INDENTATION --> |
2050 |
+<table width="100%" border=0 rules="none" frame="void" |
2051 |
+ cols="2" cellspacing="0" cellpadding="0"> |
2052 |
+<tr valign="top" align="left"> |
2053 |
+<td width="11%"></td> |
2054 |
+<td width="89%"> |
2055 |
+<p><b>Deleted Virus Message Report</b></p></td> |
2056 |
+</table> |
2057 |
+<!-- INDENTATION --> |
2058 |
+<table width="100%" border=0 rules="none" frame="void" |
2059 |
+ cols="2" cellspacing="0" cellpadding="0"> |
2060 |
+<tr valign="top" align="left"> |
2061 |
+<td width="22%"></td> |
2062 |
+<td width="78%"> |
2063 |
+<p>Default: |
2064 |
+%reports−dir%/deleted.virus.message.txt</p> |
2065 |
+<!-- INDENTATION --> |
2066 |
+<p>When an attachment is deleted from a message because the |
2067 |
+attachment contained a virus or other dangerous content, it |
2068 |
+is replaced by the contents of this file. A few variable |
2069 |
+substitutions can be made in this file, an example of each |
2070 |
+of which is contained in the supplied sample file.</p> |
2071 |
+</td> |
2072 |
+</table> |
2073 |
+<!-- INDENTATION --> |
2074 |
+<table width="100%" border=0 rules="none" frame="void" |
2075 |
+ cols="2" cellspacing="0" cellpadding="0"> |
2076 |
+<tr valign="top" align="left"> |
2077 |
+<td width="11%"></td> |
2078 |
+<td width="89%"> |
2079 |
+<p><b>Stored Bad Filename Message Report</b></p></td> |
2080 |
+</table> |
2081 |
+<!-- INDENTATION --> |
2082 |
+<table width="100%" border=0 rules="none" frame="void" |
2083 |
+ cols="2" cellspacing="0" cellpadding="0"> |
2084 |
+<tr valign="top" align="left"> |
2085 |
+<td width="22%"></td> |
2086 |
+<td width="78%"> |
2087 |
+<p>Default: |
2088 |
+%reports−dir%/stored.filename.message.txt</p> |
2089 |
+<!-- INDENTATION --> |
2090 |
+<p>When an attachment is deleted and stored from a message |
2091 |
+(and the attachment has been stored in the quarantine) |
2092 |
+because the filename failed the filename rules in force for |
2093 |
+the message, it is replaced by the contents of this file. A |
2094 |
+few variable substitutions can be made in this file, an |
2095 |
+example of each of which is contained in the supplied sample |
2096 |
+file.</p> |
2097 |
+</td> |
2098 |
+</table> |
2099 |
+<!-- INDENTATION --> |
2100 |
+<table width="100%" border=0 rules="none" frame="void" |
2101 |
+ cols="2" cellspacing="0" cellpadding="0"> |
2102 |
+<tr valign="top" align="left"> |
2103 |
+<td width="11%"></td> |
2104 |
+<td width="89%"> |
2105 |
+<p><b>Deleted Bad Content Message Report</b></p></td> |
2106 |
+</table> |
2107 |
+<!-- INDENTATION --> |
2108 |
+<table width="100%" border=0 rules="none" frame="void" |
2109 |
+ cols="2" cellspacing="0" cellpadding="0"> |
2110 |
+<tr valign="top" align="left"> |
2111 |
+<td width="22%"></td> |
2112 |
+<td width="78%"> |
2113 |
+<p>Default: |
2114 |
+/%reports−dir%/deleted.content.message.txt</p> |
2115 |
+<!-- INDENTATION --> |
2116 |
+<p>This report is sent when a message is deleted because it |
2117 |
+contained bad or dangerous content. A few variable |
2118 |
+substitutions can be made in this file, an example of each |
2119 |
+of which is contained in the supplied sample file.</p> |
2120 |
+</td> |
2121 |
+</table> |
2122 |
+<!-- INDENTATION --> |
2123 |
+<table width="100%" border=0 rules="none" frame="void" |
2124 |
+ cols="2" cellspacing="0" cellpadding="0"> |
2125 |
+<tr valign="top" align="left"> |
2126 |
+<td width="11%"></td> |
2127 |
+<td width="89%"> |
2128 |
+<p><b>Stored Bad Content Message Report</b></p></td> |
2129 |
+</table> |
2130 |
+<!-- INDENTATION --> |
2131 |
+<table width="100%" border=0 rules="none" frame="void" |
2132 |
+ cols="2" cellspacing="0" cellpadding="0"> |
2133 |
+<tr valign="top" align="left"> |
2134 |
+<td width="22%"></td> |
2135 |
+<td width="78%"> |
2136 |
+<p>Default: |
2137 |
+%reports−dir%/stored.content.message.txt</p> |
2138 |
+<!-- INDENTATION --> |
2139 |
+<p>This report is sent when a message is stored because it |
2140 |
+contained bad or dangerous content. A few variable |
2141 |
+substitutions can be made in this file, an example of each |
2142 |
+of which is contained in the supplied sample file.</p> |
2143 |
+</td> |
2144 |
+</table> |
2145 |
+<!-- INDENTATION --> |
2146 |
+<table width="100%" border=0 rules="none" frame="void" |
2147 |
+ cols="2" cellspacing="0" cellpadding="0"> |
2148 |
+<tr valign="top" align="left"> |
2149 |
+<td width="11%"></td> |
2150 |
+<td width="89%"> |
2151 |
+<p><b>Disinfected Report</b></p></td> |
2152 |
+</table> |
2153 |
+<!-- INDENTATION --> |
2154 |
+<table width="100%" border=0 rules="none" frame="void" |
2155 |
+ cols="2" cellspacing="0" cellpadding="0"> |
2156 |
+<tr valign="top" align="left"> |
2157 |
+<td width="22%"></td> |
2158 |
+<td width="78%"> |
2159 |
+<p>Default: %reports−dir%/disinfected.report.txt</p> |
2160 |
+<!-- INDENTATION --> |
2161 |
+<p>When, for example, a Microsoft Word macro virus has been |
2162 |
+safely removed from a document, leaving the original |
2163 |
+document intact, it is delivered on to the original |
2164 |
+recipient. The contents of this text file will be put in the |
2165 |
+body of the new message, explaining to the user what has |
2166 |
+happened.</p> |
2167 |
+</td> |
2168 |
+</table> |
2169 |
+<!-- INDENTATION --> |
2170 |
+<table width="100%" border=0 rules="none" frame="void" |
2171 |
+ cols="2" cellspacing="0" cellpadding="0"> |
2172 |
+<tr valign="top" align="left"> |
2173 |
+<td width="11%"></td> |
2174 |
+<td width="89%"> |
2175 |
+<p><b>Inline HTML Signature</b></p></td> |
2176 |
+</table> |
2177 |
+<!-- INDENTATION --> |
2178 |
+<table width="100%" border=0 rules="none" frame="void" |
2179 |
+ cols="2" cellspacing="0" cellpadding="0"> |
2180 |
+<tr valign="top" align="left"> |
2181 |
+<td width="22%"></td> |
2182 |
+<td width="78%"> |
2183 |
+<p>Default: %reports−dir%/inline.sig.html</p> |
2184 |
+<!-- INDENTATION --> |
2185 |
+<p>If the "Sign Clean Messages" option is set, |
2186 |
+then the contents of this file will be appended to the end |
2187 |
+of the body of every message that is scanned by MailScanner. |
2188 |
+You can use this to inform your users that MailScanner has |
2189 |
+scanned it, and you can also add any disclaimers you feel |
2190 |
+should be on mail travelling through your servers. This |
2191 |
+option corresponds to the contents that is appended to HTML |
2192 |
+messages.</p> |
2193 |
+</td> |
2194 |
+</table> |
2195 |
+<!-- INDENTATION --> |
2196 |
+<table width="100%" border=0 rules="none" frame="void" |
2197 |
+ cols="2" cellspacing="0" cellpadding="0"> |
2198 |
+<tr valign="top" align="left"> |
2199 |
+<td width="11%"></td> |
2200 |
+<td width="89%"> |
2201 |
+<p><b>Inline Text Signature</b></p></td> |
2202 |
+</table> |
2203 |
+<!-- INDENTATION --> |
2204 |
+<table width="100%" border=0 rules="none" frame="void" |
2205 |
+ cols="2" cellspacing="0" cellpadding="0"> |
2206 |
+<tr valign="top" align="left"> |
2207 |
+<td width="22%"></td> |
2208 |
+<td width="78%"> |
2209 |
+<p>Default: %reports−dir%/inline.sig.txt</p> |
2210 |
+<!-- INDENTATION --> |
2211 |
+<p>If the "Sign Clean Messages" option is set, |
2212 |
+then the contents of this file will be appended to the end |
2213 |
+of the body of every message that is scanned by MailScanner. |
2214 |
+You can use this to inform your users that MailScanner has |
2215 |
+scanned it, and you can also add any disclaimers you feel |
2216 |
+should be on mail travelling through your servers. This |
2217 |
+option corresponds to the contents that is appended to text |
2218 |
+messages.</p> |
2219 |
+</td> |
2220 |
+</table> |
2221 |
+<!-- INDENTATION --> |
2222 |
+<table width="100%" border=0 rules="none" frame="void" |
2223 |
+ cols="2" cellspacing="0" cellpadding="0"> |
2224 |
+<tr valign="top" align="left"> |
2225 |
+<td width="11%"></td> |
2226 |
+<td width="89%"> |
2227 |
+<p><b>Sender Error Report</b></p></td> |
2228 |
+</table> |
2229 |
+<!-- INDENTATION --> |
2230 |
+<table width="100%" border=0 rules="none" frame="void" |
2231 |
+ cols="2" cellspacing="0" cellpadding="0"> |
2232 |
+<tr valign="top" align="left"> |
2233 |
+<td width="22%"></td> |
2234 |
+<td width="78%"> |
2235 |
+<p>Default: %reports−dir%/sender.error.report.txt</p> |
2236 |
+<!-- INDENTATION --> |
2237 |
+<p>When a message could not be processed completely for some |
2238 |
+reason, such as bad message structure or unreadable |
2239 |
+winmail.dat TNEF attachments, this message is sent back to |
2240 |
+the sender. Read the example file supplied for a |
2241 |
+demonstration of what variables can be used inside the |
2242 |
+file.</p> |
2243 |
+</td> |
2244 |
+</table> |
2245 |
+<!-- INDENTATION --> |
2246 |
+<table width="100%" border=0 rules="none" frame="void" |
2247 |
+ cols="2" cellspacing="0" cellpadding="0"> |
2248 |
+<tr valign="top" align="left"> |
2249 |
+<td width="11%"></td> |
2250 |
+<td width="89%"> |
2251 |
+<p><b>Sender Bad Filename Report</b></p></td> |
2252 |
+</table> |
2253 |
+<!-- INDENTATION --> |
2254 |
+<table width="100%" border=0 rules="none" frame="void" |
2255 |
+ cols="2" cellspacing="0" cellpadding="0"> |
2256 |
+<tr valign="top" align="left"> |
2257 |
+<td width="22%"></td> |
2258 |
+<td width="78%"> |
2259 |
+<p>Default: |
2260 |
+%reports−dir%/sender.filename.report.txt</p> |
2261 |
+<!-- INDENTATION --> |
2262 |
+<p>When an attachment is trapped by the filename rules, this |
2263 |
+message is sent back to the sender.</p> |
2264 |
+</td> |
2265 |
+</table> |
2266 |
+<!-- INDENTATION --> |
2267 |
+<table width="100%" border=0 rules="none" frame="void" |
2268 |
+ cols="2" cellspacing="0" cellpadding="0"> |
2269 |
+<tr valign="top" align="left"> |
2270 |
+<td width="11%"></td> |
2271 |
+<td width="89%"> |
2272 |
+<p><b>Sender Virus Report</b></p></td> |
2273 |
+</table> |
2274 |
+<!-- INDENTATION --> |
2275 |
+<table width="100%" border=0 rules="none" frame="void" |
2276 |
+ cols="2" cellspacing="0" cellpadding="0"> |
2277 |
+<tr valign="top" align="left"> |
2278 |
+<td width="22%"></td> |
2279 |
+<td width="78%"> |
2280 |
+<p>Default: %reports−dir%/sender.virus.report.txt</p> |
2281 |
+<!-- INDENTATION --> |
2282 |
+<p>When an attachment is removed because of a virus, this |
2283 |
+message is sent back to the sender.</p> |
2284 |
+</td> |
2285 |
+</table> |
2286 |
+<!-- INDENTATION --> |
2287 |
+<table width="100%" border=0 rules="none" frame="void" |
2288 |
+ cols="2" cellspacing="0" cellpadding="0"> |
2289 |
+<tr valign="top" align="left"> |
2290 |
+<td width="11%"></td> |
2291 |
+<td width="89%"> |
2292 |
+<p><b>Hide Incoming Work Dir</b></p></td> |
2293 |
+</table> |
2294 |
+<!-- INDENTATION --> |
2295 |
+<table width="100%" border=0 rules="none" frame="void" |
2296 |
+ cols="2" cellspacing="0" cellpadding="0"> |
2297 |
+<tr valign="top" align="left"> |
2298 |
+<td width="22%"></td> |
2299 |
+<td width="78%"> |
2300 |
+<p>Default: yes</p> |
2301 |
+<!-- INDENTATION --> |
2302 |
+<p>When this option is set, the full directory in which the |
2303 |
+virus was found will be removed from report messages sent to |
2304 |
+users. This makes the infection reports a lot easier to |
2305 |
+understand.</p> |
2306 |
+</td> |
2307 |
+</table> |
2308 |
+<!-- INDENTATION --> |
2309 |
+<table width="100%" border=0 rules="none" frame="void" |
2310 |
+ cols="2" cellspacing="0" cellpadding="0"> |
2311 |
+<tr valign="top" align="left"> |
2312 |
+<td width="11%"></td> |
2313 |
+<td width="89%"> |
2314 |
+<p><b>Include Scanner Name in Reports</b></p></td> |
2315 |
+</table> |
2316 |
+<!-- INDENTATION --> |
2317 |
+<table width="100%" border=0 rules="none" frame="void" |
2318 |
+ cols="2" cellspacing="0" cellpadding="0"> |
2319 |
+<tr valign="top" align="left"> |
2320 |
+<td width="22%"></td> |
2321 |
+<td width="78%"> |
2322 |
+<p>Default: yes</p> |
2323 |
+<!-- INDENTATION --> |
2324 |
+<p>Include the name of the virus scanner in each of the |
2325 |
+scanner reports. This also includes the translation of |
2326 |
+"MailScanner" in each of the report lines |
2327 |
+resulting from one of MailScanner’s own checks such as |
2328 |
+filename, filetype or dangerous HTML content. To change the |
2329 |
+name "MailScanner", look in |
2330 |
+reports/...../languages.conf.<br> |
2331 |
+Very useful if you use several virus scanners, but a bad |
2332 |
+idea if you don’t want to let your customers know |
2333 |
+which scanners you use.</p> |
2334 |
+</td> |
2335 |
+</table> |
2336 |
+<a name="Changes to message headers"></a> |
2337 |
+<h2>Changes to message headers</h2> |
2338 |
+<!-- INDENTATION --> |
2339 |
+<table width="100%" border=0 rules="none" frame="void" |
2340 |
+ cols="2" cellspacing="0" cellpadding="0"> |
2341 |
+<tr valign="top" align="left"> |
2342 |
+<td width="11%"></td> |
2343 |
+<td width="89%"> |
2344 |
+<p><b>Mail Header</b></p></td> |
2345 |
+</table> |
2346 |
+<!-- INDENTATION --> |
2347 |
+<table width="100%" border=0 rules="none" frame="void" |
2348 |
+ cols="2" cellspacing="0" cellpadding="0"> |
2349 |
+<tr valign="top" align="left"> |
2350 |
+<td width="22%"></td> |
2351 |
+<td width="78%"> |
2352 |
+<p>Default: X−MailScanner:</p> |
2353 |
+<!-- INDENTATION --> |
2354 |
+<p>Extra header that should be added to all scanned messages |
2355 |
+to show they have been scanned. You might want to add an |
2356 |
+abbreviation of your site name to this, so that you can find |
2357 |
+headers that are added by your MailScanner server.</p> |
2358 |
+</td> |
2359 |
+</table> |
2360 |
+<!-- INDENTATION --> |
2361 |
+<table width="100%" border=0 rules="none" frame="void" |
2362 |
+ cols="2" cellspacing="0" cellpadding="0"> |
2363 |
+<tr valign="top" align="left"> |
2364 |
+<td width="11%"></td> |
2365 |
+<td width="89%"> |
2366 |
+<p><b>Spam Header</b></p></td> |
2367 |
+</table> |
2368 |
+<!-- INDENTATION --> |
2369 |
+<table width="100%" border=0 rules="none" frame="void" |
2370 |
+ cols="2" cellspacing="0" cellpadding="0"> |
2371 |
+<tr valign="top" align="left"> |
2372 |
+<td width="22%"></td> |
2373 |
+<td width="78%"> |
2374 |
+<p>Default: X−MailScanner−SpamCheck:</p> |
2375 |
+<!-- INDENTATION --> |
2376 |
+<p>Name of the header to add to mail detected as spam. The |
2377 |
+text of the header is a list of the causes that think the |
2378 |
+message is spam.</p> |
2379 |
+</td> |
2380 |
+</table> |
2381 |
+<!-- INDENTATION --> |
2382 |
+<table width="100%" border=0 rules="none" frame="void" |
2383 |
+ cols="2" cellspacing="0" cellpadding="0"> |
2384 |
+<tr valign="top" align="left"> |
2385 |
+<td width="11%"></td> |
2386 |
+<td width="89%"> |
2387 |
+<p><b>Spam Score Header</b></p></td> |
2388 |
+</table> |
2389 |
+<!-- INDENTATION --> |
2390 |
+<table width="100%" border=0 rules="none" frame="void" |
2391 |
+ cols="2" cellspacing="0" cellpadding="0"> |
2392 |
+<tr valign="top" align="left"> |
2393 |
+<td width="22%"></td> |
2394 |
+<td width="78%"> |
2395 |
+<p>Default: X−MailScanner−SpamScore:</p> |
2396 |
+<!-- INDENTATION --> |
2397 |
+<p>If the option "Spam Score" is set, this is the |
2398 |
+name of the header that is used to contain the list of |
2399 |
+characters.</p> |
2400 |
+</td> |
2401 |
+</table> |
2402 |
+<!-- INDENTATION --> |
2403 |
+<table width="100%" border=0 rules="none" frame="void" |
2404 |
+ cols="2" cellspacing="0" cellpadding="0"> |
2405 |
+<tr valign="top" align="left"> |
2406 |
+<td width="11%"></td> |
2407 |
+<td width="89%"> |
2408 |
+<p><b>Information Header</b></p></td> |
2409 |
+</table> |
2410 |
+<!-- INDENTATION --> |
2411 |
+<table width="100%" border=0 rules="none" frame="void" |
2412 |
+ cols="2" cellspacing="0" cellpadding="0"> |
2413 |
+<tr valign="top" align="left"> |
2414 |
+<td width="22%"></td> |
2415 |
+<td width="78%"> |
2416 |
+<p>Default: X−MailScanner−Information:</p> |
2417 |
+<!-- INDENTATION --> |
2418 |
+<p>Name of the header to add to all messages, to be used for |
2419 |
+simply providing a URL or contact information for anyone |
2420 |
+receiving mail that has gone through MailScanner. If you do |
2421 |
+not want this header, simply set it blank.</p> |
2422 |
+</td> |
2423 |
+</table> |
2424 |
+<!-- INDENTATION --> |
2425 |
+<table width="100%" border=0 rules="none" frame="void" |
2426 |
+ cols="2" cellspacing="0" cellpadding="0"> |
2427 |
+<tr valign="top" align="left"> |
2428 |
+<td width="11%"></td> |
2429 |
+<td width="89%"> |
2430 |
+<p><b>Add Envelope From Header</b></p></td> |
2431 |
+</table> |
2432 |
+<!-- INDENTATION --> |
2433 |
+<table width="100%" border=0 rules="none" frame="void" |
2434 |
+ cols="2" cellspacing="0" cellpadding="0"> |
2435 |
+<tr valign="top" align="left"> |
2436 |
+<td width="22%"></td> |
2437 |
+<td width="78%"> |
2438 |
+<p>Default: yes</p> |
2439 |
+<!-- INDENTATION --> |
2440 |
+<p>Do you want to add the Envelope−From: header? This |
2441 |
+is very useful for tracking where spam came from as it |
2442 |
+contains the envelope sender address. This can also be the |
2443 |
+filename of a ruleset.</p> |
2444 |
+</td> |
2445 |
+</table> |
2446 |
+<!-- INDENTATION --> |
2447 |
+<table width="100%" border=0 rules="none" frame="void" |
2448 |
+ cols="2" cellspacing="0" cellpadding="0"> |
2449 |
+<tr valign="top" align="left"> |
2450 |
+<td width="11%"></td> |
2451 |
+<td width="89%"> |
2452 |
+<p><b>Add Envelope To Header</b></p></td> |
2453 |
+</table> |
2454 |
+<!-- INDENTATION --> |
2455 |
+<table width="100%" border=0 rules="none" frame="void" |
2456 |
+ cols="2" cellspacing="0" cellpadding="0"> |
2457 |
+<tr valign="top" align="left"> |
2458 |
+<td width="22%"></td> |
2459 |
+<td width="78%"> |
2460 |
+<p>Default: no</p> |
2461 |
+<!-- INDENTATION --> |
2462 |
+<p>Do you want to add the Envelope−To: header? This |
2463 |
+can be useful for tracking span destinations, but should be |
2464 |
+used with care due to possible privacy concerns with the use |
2465 |
+of Bcc: headers by users. This can also be the filename of a |
2466 |
+ruleset.</p> |
2467 |
+</td> |
2468 |
+</table> |
2469 |
+<!-- INDENTATION --> |
2470 |
+<table width="100%" border=0 rules="none" frame="void" |
2471 |
+ cols="2" cellspacing="0" cellpadding="0"> |
2472 |
+<tr valign="top" align="left"> |
2473 |
+<td width="11%"></td> |
2474 |
+<td width="89%"> |
2475 |
+<p><b>Evelope From Header</b></p></td> |
2476 |
+</table> |
2477 |
+<!-- INDENTATION --> |
2478 |
+<table width="100%" border=0 rules="none" frame="void" |
2479 |
+ cols="2" cellspacing="0" cellpadding="0"> |
2480 |
+<tr valign="top" align="left"> |
2481 |
+<td width="22%"></td> |
2482 |
+<td width="78%"> |
2483 |
+<p>Default: |
2484 |
+X−%org−name%−MailScanner−From:</p> |
2485 |
+<!-- INDENTATION --> |
2486 |
+<p>This is the name of the Envelope From header controlled |
2487 |
+by the option above. This can also be the filename of a |
2488 |
+ruleset.</p> |
2489 |
+</td> |
2490 |
+</table> |
2491 |
+<!-- INDENTATION --> |
2492 |
+<table width="100%" border=0 rules="none" frame="void" |
2493 |
+ cols="2" cellspacing="0" cellpadding="0"> |
2494 |
+<tr valign="top" align="left"> |
2495 |
+<td width="11%"></td> |
2496 |
+<td width="89%"> |
2497 |
+<p><b>Evelope To Header</b></p></td> |
2498 |
+</table> |
2499 |
+<!-- INDENTATION --> |
2500 |
+<table width="100%" border=0 rules="none" frame="void" |
2501 |
+ cols="2" cellspacing="0" cellpadding="0"> |
2502 |
+<tr valign="top" align="left"> |
2503 |
+<td width="22%"></td> |
2504 |
+<td width="78%"> |
2505 |
+<p>Default: |
2506 |
+X−%org−name%−MailScanner−To:</p> |
2507 |
+<!-- INDENTATION --> |
2508 |
+<p>This is the name of the Envelope To header controlled by |
2509 |
+the option above. This can also be the filename of a |
2510 |
+ruleset.</p> |
2511 |
+</td> |
2512 |
+</table> |
2513 |
+<!-- INDENTATION --> |
2514 |
+<table width="100%" border=0 rules="none" frame="void" |
2515 |
+ cols="2" cellspacing="0" cellpadding="0"> |
2516 |
+<tr valign="top" align="left"> |
2517 |
+<td width="11%"></td> |
2518 |
+<td width="89%"> |
2519 |
+<p><b>Detailed Spam Report</b></p></td> |
2520 |
+</table> |
2521 |
+<!-- INDENTATION --> |
2522 |
+<table width="100%" border=0 rules="none" frame="void" |
2523 |
+ cols="2" cellspacing="0" cellpadding="0"> |
2524 |
+<tr valign="top" align="left"> |
2525 |
+<td width="22%"></td> |
2526 |
+<td width="78%"> |
2527 |
+<p>Default: yes</p> |
2528 |
+<!-- INDENTATION --> |
2529 |
+<p>If this is set to yes then you get the normal fully |
2530 |
+detailed spam report in spam messages. If this is set to no |
2531 |
+then you simply get a "spam" or "not |
2532 |
+spam" report. The exact text inserted can be configured |
2533 |
+in the languages.conf file for your language.</p> |
2534 |
+</td> |
2535 |
+</table> |
2536 |
+<!-- INDENTATION --> |
2537 |
+<table width="100%" border=0 rules="none" frame="void" |
2538 |
+ cols="2" cellspacing="0" cellpadding="0"> |
2539 |
+<tr valign="top" align="left"> |
2540 |
+<td width="11%"></td> |
2541 |
+<td width="89%"> |
2542 |
+<p><b>Include Scores In SpamAssassin Report</b></p></td> |
2543 |
+</table> |
2544 |
+<!-- INDENTATION --> |
2545 |
+<table width="100%" border=0 rules="none" frame="void" |
2546 |
+ cols="2" cellspacing="0" cellpadding="0"> |
2547 |
+<tr valign="top" align="left"> |
2548 |
+<td width="22%"></td> |
2549 |
+<td width="78%"> |
2550 |
+<p>Default: yes</p> |
2551 |
+<!-- INDENTATION --> |
2552 |
+<p>Do you want to include the numerical scores in the |
2553 |
+detailed SpamAssassin report, or just list the names of the |
2554 |
+scores?</p> |
2555 |
+</td> |
2556 |
+</table> |
2557 |
+<!-- INDENTATION --> |
2558 |
+<table width="100%" border=0 rules="none" frame="void" |
2559 |
+ cols="2" cellspacing="0" cellpadding="0"> |
2560 |
+<tr valign="top" align="left"> |
2561 |
+<td width="11%"></td> |
2562 |
+<td width="89%"> |
2563 |
+<p><b>Spam Score Character</b></p></td> |
2564 |
+</table> |
2565 |
+<!-- INDENTATION --> |
2566 |
+<table width="100%" border=0 rules="none" frame="void" |
2567 |
+ cols="2" cellspacing="0" cellpadding="0"> |
2568 |
+<tr valign="top" align="left"> |
2569 |
+<td width="22%"></td> |
2570 |
+<td width="78%"> |
2571 |
+<p>Default: s</p> |
2572 |
+<!-- INDENTATION --> |
2573 |
+<p>If the option "Spam Score" is set, this is the |
2574 |
+character that will be repeated in the "Spam Score |
2575 |
+Header", one letter for each point in the SpamAssassin |
2576 |
+score.</p> |
2577 |
+</td> |
2578 |
+</table> |
2579 |
+<!-- INDENTATION --> |
2580 |
+<table width="100%" border=0 rules="none" frame="void" |
2581 |
+ cols="2" cellspacing="0" cellpadding="0"> |
2582 |
+<tr valign="top" align="left"> |
2583 |
+<td width="11%"></td> |
2584 |
+<td width="89%"> |
2585 |
+<p><b>SpamScore Number Instead Of Stars</b></p></td> |
2586 |
+</table> |
2587 |
+<!-- INDENTATION --> |
2588 |
+<table width="100%" border=0 rules="none" frame="void" |
2589 |
+ cols="2" cellspacing="0" cellpadding="0"> |
2590 |
+<tr valign="top" align="left"> |
2591 |
+<td width="22%"></td> |
2592 |
+<td width="78%"> |
2593 |
+<p>Default: no</p> |
2594 |
+<!-- INDENTATION --> |
2595 |
+<p>If this option is set to yes, you will get a |
2596 |
+spam−score header saying just the value of the spam |
2597 |
+score, instead of the row of characters representing the |
2598 |
+score. This can also be the filename of a ruleset.</p> |
2599 |
+</td> |
2600 |
+</table> |
2601 |
+<!-- INDENTATION --> |
2602 |
+<table width="100%" border=0 rules="none" frame="void" |
2603 |
+ cols="2" cellspacing="0" cellpadding="0"> |
2604 |
+<tr valign="top" align="left"> |
2605 |
+<td width="11%"></td> |
2606 |
+<td width="89%"> |
2607 |
+<p><b>Minimum Stars If on Spam List</b></p></td> |
2608 |
+</table> |
2609 |
+<!-- INDENTATION --> |
2610 |
+<table width="100%" border=0 rules="none" frame="void" |
2611 |
+ cols="2" cellspacing="0" cellpadding="0"> |
2612 |
+<tr valign="top" align="left"> |
2613 |
+<td width="22%"></td> |
2614 |
+<td width="78%"> |
2615 |
+<p>Default: 0</p> |
2616 |
+<!-- INDENTATION --> |
2617 |
+<p>This sets the minimum number of "Spam Score |
2618 |
+Characters" which will appear if a message triggered |
2619 |
+the "Spam List" setting but received a very low |
2620 |
+SpamAssassin score. This means that people who only filter |
2621 |
+on the "Spam Stars" will still be able to catch |
2622 |
+messages which receive a very low SpamAssassin score. Set |
2623 |
+this value to 0 to disable it. This can also be the filename |
2624 |
+of a ruleset.</p> |
2625 |
+</td> |
2626 |
+</table> |
2627 |
+<!-- INDENTATION --> |
2628 |
+<table width="100%" border=0 rules="none" frame="void" |
2629 |
+ cols="2" cellspacing="0" cellpadding="0"> |
2630 |
+<tr valign="top" align="left"> |
2631 |
+<td width="11%"></td> |
2632 |
+<td width="89%"> |
2633 |
+<p><b>Clean header Value</b></p></td> |
2634 |
+</table> |
2635 |
+<!-- INDENTATION --> |
2636 |
+<table width="100%" border=0 rules="none" frame="void" |
2637 |
+ cols="2" cellspacing="0" cellpadding="0"> |
2638 |
+<tr valign="top" align="left"> |
2639 |
+<td width="22%"></td> |
2640 |
+<td width="78%"> |
2641 |
+<p>Default: Found to be clean</p> |
2642 |
+<!-- INDENTATION --> |
2643 |
+<p>This is the text that is added to the "Mail |
2644 |
+Header" when a message is found to be clean and free of |
2645 |
+viruses and other dangerous content.</p> |
2646 |
+</td> |
2647 |
+</table> |
2648 |
+<!-- INDENTATION --> |
2649 |
+<table width="100%" border=0 rules="none" frame="void" |
2650 |
+ cols="2" cellspacing="0" cellpadding="0"> |
2651 |
+<tr valign="top" align="left"> |
2652 |
+<td width="11%"></td> |
2653 |
+<td width="89%"> |
2654 |
+<p><b>Infected Header Value</b></p></td> |
2655 |
+</table> |
2656 |
+<!-- INDENTATION --> |
2657 |
+<table width="100%" border=0 rules="none" frame="void" |
2658 |
+ cols="2" cellspacing="0" cellpadding="0"> |
2659 |
+<tr valign="top" align="left"> |
2660 |
+<td width="22%"></td> |
2661 |
+<td width="78%"> |
2662 |
+<p>Default: Found to be infected</p> |
2663 |
+<!-- INDENTATION --> |
2664 |
+<p>This is the text that is added to the "Mail |
2665 |
+Header" when a message is found to be infected with a |
2666 |
+virus or other dangerous content.</p> |
2667 |
+</td> |
2668 |
+</table> |
2669 |
+<!-- INDENTATION --> |
2670 |
+<table width="100%" border=0 rules="none" frame="void" |
2671 |
+ cols="2" cellspacing="0" cellpadding="0"> |
2672 |
+<tr valign="top" align="left"> |
2673 |
+<td width="11%"></td> |
2674 |
+<td width="89%"> |
2675 |
+<p><b>Disinfected Header Value</b></p></td> |
2676 |
+</table> |
2677 |
+<!-- INDENTATION --> |
2678 |
+<table width="100%" border=0 rules="none" frame="void" |
2679 |
+ cols="2" cellspacing="0" cellpadding="0"> |
2680 |
+<tr valign="top" align="left"> |
2681 |
+<td width="22%"></td> |
2682 |
+<td width="78%"> |
2683 |
+<p>Default: Disinfected</p> |
2684 |
+<!-- INDENTATION --> |
2685 |
+<p>This is the text that is added to the "Mail |
2686 |
+Header" of a message that is created by MailScanner to |
2687 |
+contain disinfected documents containing macro viruses that |
2688 |
+could be completely removed, leaving the original document |
2689 |
+intact.</p> |
2690 |
+</td> |
2691 |
+</table> |
2692 |
+<!-- INDENTATION --> |
2693 |
+<table width="100%" border=0 rules="none" frame="void" |
2694 |
+ cols="2" cellspacing="0" cellpadding="0"> |
2695 |
+<tr valign="top" align="left"> |
2696 |
+<td width="11%"></td> |
2697 |
+<td width="89%"> |
2698 |
+<p><b>Information Header Value</b></p></td> |
2699 |
+</table> |
2700 |
+<!-- INDENTATION --> |
2701 |
+<table width="100%" border=0 rules="none" frame="void" |
2702 |
+ cols="2" cellspacing="0" cellpadding="0"> |
2703 |
+<tr valign="top" align="left"> |
2704 |
+<td width="22%"></td> |
2705 |
+<td width="78%"> |
2706 |
+<p>Default: Please contact the ISP for more information</p> |
2707 |
+<!-- INDENTATION --> |
2708 |
+<p>This is the text that is added to the "Information |
2709 |
+Header" of a message that has passed through |
2710 |
+MailScanner at all. It could be used to provide a URL or |
2711 |
+contact address for recipients if they have any queries |
2712 |
+about the messages they have received. If the setting |
2713 |
+"Information Header" is blank, this message will |
2714 |
+not be added to the Mail Header.</p> |
2715 |
+</td> |
2716 |
+</table> |
2717 |
+<!-- INDENTATION --> |
2718 |
+<table width="100%" border=0 rules="none" frame="void" |
2719 |
+ cols="2" cellspacing="0" cellpadding="0"> |
2720 |
+<tr valign="top" align="left"> |
2721 |
+<td width="11%"></td> |
2722 |
+<td width="89%"> |
2723 |
+<p><b>Multiple Headers</b></p></td> |
2724 |
+</table> |
2725 |
+<!-- INDENTATION --> |
2726 |
+<table width="100%" border=0 rules="none" frame="void" |
2727 |
+ cols="2" cellspacing="0" cellpadding="0"> |
2728 |
+<tr valign="top" align="left"> |
2729 |
+<td width="22%"></td> |
2730 |
+<td width="78%"> |
2731 |
+<p>Default: append</p> |
2732 |
+<!-- INDENTATION --> |
2733 |
+<p>When a message passes through more than one MailScanner |
2734 |
+server on your site, they will each try to add their own |
2735 |
+headers. This option controls what should happen when trying |
2736 |
+to add a MailScanner header that already exists in the |
2737 |
+message. Valid options are append (append the new data to |
2738 |
+the existing header), add (add a new header) and replace |
2739 |
+(replace the old data with the new data).</p> |
2740 |
+</td> |
2741 |
+</table> |
2742 |
+<!-- INDENTATION --> |
2743 |
+<table width="100%" border=0 rules="none" frame="void" |
2744 |
+ cols="2" cellspacing="0" cellpadding="0"> |
2745 |
+<tr valign="top" align="left"> |
2746 |
+<td width="11%"></td> |
2747 |
+<td width="89%"> |
2748 |
+<p><b>Hostname</b></p></td> |
2749 |
+</table> |
2750 |
+<!-- INDENTATION --> |
2751 |
+<table width="100%" border=0 rules="none" frame="void" |
2752 |
+ cols="2" cellspacing="0" cellpadding="0"> |
2753 |
+<tr valign="top" align="left"> |
2754 |
+<td width="22%"></td> |
2755 |
+<td width="78%"> |
2756 |
+<p>Default: the MailScanner</p> |
2757 |
+<!-- INDENTATION --> |
2758 |
+<p>This is the name of the MailScanner server that is put in |
2759 |
+messages to users. If you have more than one MailScanner |
2760 |
+server on your site, you will want to change this on each |
2761 |
+server so that you can tell them apart.</p> |
2762 |
+</td> |
2763 |
+</table> |
2764 |
+<!-- INDENTATION --> |
2765 |
+<table width="100%" border=0 rules="none" frame="void" |
2766 |
+ cols="2" cellspacing="0" cellpadding="0"> |
2767 |
+<tr valign="top" align="left"> |
2768 |
+<td width="11%"></td> |
2769 |
+<td width="89%"> |
2770 |
+<p><b>Sign Messages Already Processed</b></p></td> |
2771 |
+</table> |
2772 |
+<!-- INDENTATION --> |
2773 |
+<table width="100%" border=0 rules="none" frame="void" |
2774 |
+ cols="2" cellspacing="0" cellpadding="0"> |
2775 |
+<tr valign="top" align="left"> |
2776 |
+<td width="22%"></td> |
2777 |
+<td width="78%"> |
2778 |
+<p>Default: no</p> |
2779 |
+<!-- INDENTATION --> |
2780 |
+<p>If a message has already been processed by another |
2781 |
+MailScanner server on your site, then the "Inline |
2782 |
+HTML/Text Signature" is not added to the message again |
2783 |
+if this option is set. Without it, you will get one |
2784 |
+signature added for every MailScanner server that processes |
2785 |
+the message.</p> |
2786 |
+</td> |
2787 |
+</table> |
2788 |
+<!-- INDENTATION --> |
2789 |
+<table width="100%" border=0 rules="none" frame="void" |
2790 |
+ cols="2" cellspacing="0" cellpadding="0"> |
2791 |
+<tr valign="top" align="left"> |
2792 |
+<td width="11%"></td> |
2793 |
+<td width="89%"> |
2794 |
+<p><b>Sign Clean Messages</b></p></td> |
2795 |
+</table> |
2796 |
+<!-- INDENTATION --> |
2797 |
+<table width="100%" border=0 rules="none" frame="void" |
2798 |
+ cols="2" cellspacing="0" cellpadding="0"> |
2799 |
+<tr valign="top" align="left"> |
2800 |
+<td width="22%"></td> |
2801 |
+<td width="78%"> |
2802 |
+<p>Default: no</p> |
2803 |
+<!-- INDENTATION --> |
2804 |
+<p>If this option is set, then the "Inline HTML/Text |
2805 |
+Signature" will be added to the end of every clean |
2806 |
+message processed by MailScanner. You can use this to inform |
2807 |
+the recipient that the message has been checked, and also to |
2808 |
+add any legal disclaimer or copyright statement you want to |
2809 |
+add to every message. Using a ruleset for this option, you |
2810 |
+could very simply set it so that only messages leaving your |
2811 |
+site are signed, for example.</p> |
2812 |
+</td> |
2813 |
+</table> |
2814 |
+<!-- INDENTATION --> |
2815 |
+<table width="100%" border=0 rules="none" frame="void" |
2816 |
+ cols="2" cellspacing="0" cellpadding="0"> |
2817 |
+<tr valign="top" align="left"> |
2818 |
+<td width="11%"></td> |
2819 |
+<td width="89%"> |
2820 |
+<p><b>Mark Infected Messages</b></p></td> |
2821 |
+</table> |
2822 |
+<!-- INDENTATION --> |
2823 |
+<table width="100%" border=0 rules="none" frame="void" |
2824 |
+ cols="2" cellspacing="0" cellpadding="0"> |
2825 |
+<tr valign="top" align="left"> |
2826 |
+<td width="22%"></td> |
2827 |
+<td width="78%"> |
2828 |
+<p>Default: yes</p> |
2829 |
+<!-- INDENTATION --> |
2830 |
+<p>If this option is set, then the "Inline HTML/Text |
2831 |
+Warning" is added to the start of every message that is |
2832 |
+found to be infected or has had attachments removed for any |
2833 |
+reason. This can be used to guide the recipients to read the |
2834 |
+infection reports contained in the replacement |
2835 |
+attachments.</p> |
2836 |
+</td> |
2837 |
+</table> |
2838 |
+<!-- INDENTATION --> |
2839 |
+<table width="100%" border=0 rules="none" frame="void" |
2840 |
+ cols="2" cellspacing="0" cellpadding="0"> |
2841 |
+<tr valign="top" align="left"> |
2842 |
+<td width="11%"></td> |
2843 |
+<td width="89%"> |
2844 |
+<p><b>Mark Unscanned Messages</b></p></td> |
2845 |
+</table> |
2846 |
+<!-- INDENTATION --> |
2847 |
+<table width="100%" border=0 rules="none" frame="void" |
2848 |
+ cols="2" cellspacing="0" cellpadding="0"> |
2849 |
+<tr valign="top" align="left"> |
2850 |
+<td width="22%"></td> |
2851 |
+<td width="78%"> |
2852 |
+<p>Default: yes</p> |
2853 |
+<!-- INDENTATION --> |
2854 |
+<p>If this option is set, then any message which is not |
2855 |
+scanned by MailScanner gets the "Mail Header" |
2856 |
+added to it with the string contained in the "Unscanned |
2857 |
+Header Value" option. This can be used to advertise |
2858 |
+your MailScanner service to customers/clients who are |
2859 |
+currently not using it.</p> |
2860 |
+</td> |
2861 |
+</table> |
2862 |
+<!-- INDENTATION --> |
2863 |
+<table width="100%" border=0 rules="none" frame="void" |
2864 |
+ cols="2" cellspacing="0" cellpadding="0"> |
2865 |
+<tr valign="top" align="left"> |
2866 |
+<td width="11%"></td> |
2867 |
+<td width="89%"> |
2868 |
+<p><b>Unscanned Header Value</b></p></td> |
2869 |
+</table> |
2870 |
+<!-- INDENTATION --> |
2871 |
+<table width="100%" border=0 rules="none" frame="void" |
2872 |
+ cols="2" cellspacing="0" cellpadding="0"> |
2873 |
+<tr valign="top" align="left"> |
2874 |
+<td width="22%"></td> |
2875 |
+<td width="78%"> |
2876 |
+<p>Default: Not scanned: please contact your Internet |
2877 |
+E−Mail Service Provider for details</p> |
2878 |
+<!-- INDENTATION --> |
2879 |
+<p>This supplies the text that is placed in the "Mail |
2880 |
+Header" of messages that have not been scanned, if the |
2881 |
+option "Mark Unscanned Messages" is set. It is a |
2882 |
+useful place to advertise your MailScanner service to new |
2883 |
+customers/clients.</p> |
2884 |
+</td> |
2885 |
+</table> |
2886 |
+<!-- INDENTATION --> |
2887 |
+<table width="100%" border=0 rules="none" frame="void" |
2888 |
+ cols="2" cellspacing="0" cellpadding="0"> |
2889 |
+<tr valign="top" align="left"> |
2890 |
+<td width="11%"></td> |
2891 |
+<td width="89%"> |
2892 |
+<p><b>Remove These Headers</b></p></td> |
2893 |
+</table> |
2894 |
+<!-- INDENTATION --> |
2895 |
+<table width="100%" border=0 rules="none" frame="void" |
2896 |
+ cols="2" cellspacing="0" cellpadding="0"> |
2897 |
+<tr valign="top" align="left"> |
2898 |
+<td width="22%"></td> |
2899 |
+<td width="78%"> |
2900 |
+<p>Default:</p> |
2901 |
+<!-- INDENTATION --> |
2902 |
+<p>If any of these headers are included in a a message, they |
2903 |
+will be deleted. This is very useful for removing |
2904 |
+return−receipt requests and any headers which mean |
2905 |
+special things to your email client application, such as # |
2906 |
+X−Mozilla−Status. Each header should end in a |
2907 |
+":", but MailScanner will add it if you forget. |
2908 |
+Headers should be separated by commas or spaces. This can |
2909 |
+also be the filename of a ruleset.</p> |
2910 |
+</td> |
2911 |
+</table> |
2912 |
+<!-- INDENTATION --> |
2913 |
+<table width="100%" border=0 rules="none" frame="void" |
2914 |
+ cols="2" cellspacing="0" cellpadding="0"> |
2915 |
+<tr valign="top" align="left"> |
2916 |
+<td width="11%"></td> |
2917 |
+<td width="89%"> |
2918 |
+<p><b>Deliver Cleaned Messages</b></p></td> |
2919 |
+</table> |
2920 |
+<!-- INDENTATION --> |
2921 |
+<table width="100%" border=0 rules="none" frame="void" |
2922 |
+ cols="2" cellspacing="0" cellpadding="0"> |
2923 |
+<tr valign="top" align="left"> |
2924 |
+<td width="22%"></td> |
2925 |
+<td width="78%"> |
2926 |
+<p>Default: yes</p> |
2927 |
+<!-- INDENTATION --> |
2928 |
+<p>Once a message has had all viruses and dangerous content |
2929 |
+removed from it, it will then be delivered to the original |
2930 |
+recipients if this option is set. If you want the behaviour |
2931 |
+from previous versions of MailScanner that had the |
2932 |
+"Deliver From Local Domains" keyword, then you |
2933 |
+should set this to be a ruleset that only returns |
2934 |
+"yes" for messages destined for inside your site, |
2935 |
+and "no" for messages going out of your site.</p> |
2936 |
+</td> |
2937 |
+</table> |
2938 |
+<a name="Notifications back to the senders of blocked messages"></a> |
2939 |
+<h2>Notifications back to the senders of blocked messages</h2> |
2940 |
+<!-- INDENTATION --> |
2941 |
+<table width="100%" border=0 rules="none" frame="void" |
2942 |
+ cols="2" cellspacing="0" cellpadding="0"> |
2943 |
+<tr valign="top" align="left"> |
2944 |
+<td width="11%"></td> |
2945 |
+<td width="89%"> |
2946 |
+<p><b>Notifiy Senders</b></p></td> |
2947 |
+</table> |
2948 |
+<!-- INDENTATION --> |
2949 |
+<table width="100%" border=0 rules="none" frame="void" |
2950 |
+ cols="2" cellspacing="0" cellpadding="0"> |
2951 |
+<tr valign="top" align="left"> |
2952 |
+<td width="22%"></td> |
2953 |
+<td width="78%"> |
2954 |
+<p>Default: yes</p> |
2955 |
+<!-- INDENTATION --> |
2956 |
+<p>Do you want to notify the people who sent you messages |
2957 |
+containing viruses or badly−named filenames? The |
2958 |
+default value has been changed to "no" as most |
2959 |
+viruses now fake sender addresses and therefore should be on |
2960 |
+the "Silent Viruses" list. This can also be the |
2961 |
+filename of a ruleset.</p> |
2962 |
+</td> |
2963 |
+</table> |
2964 |
+<!-- INDENTATION --> |
2965 |
+<table width="100%" border=0 rules="none" frame="void" |
2966 |
+ cols="2" cellspacing="0" cellpadding="0"> |
2967 |
+<tr valign="top" align="left"> |
2968 |
+<td width="11%"></td> |
2969 |
+<td width="89%"> |
2970 |
+<p><b>Notify Senders Of Blocked Filenames Or |
2971 |
+Filetypes</b></p></td> |
2972 |
+</table> |
2973 |
+<!-- INDENTATION --> |
2974 |
+<table width="100%" border=0 rules="none" frame="void" |
2975 |
+ cols="2" cellspacing="0" cellpadding="0"> |
2976 |
+<tr valign="top" align="left"> |
2977 |
+<td width="22%"></td> |
2978 |
+<td width="78%"> |
2979 |
+<p>Default: yes</p> |
2980 |
+<!-- INDENTATION --> |
2981 |
+<p>*If* "Notify Senders" is set to yes, do you |
2982 |
+want to notify people who sent you messages containing |
2983 |
+attachments that are blocked due to their filename or file |
2984 |
+contents? This can also be the filename of a ruleset.</p> |
2985 |
+</td> |
2986 |
+</table> |
2987 |
+<!-- INDENTATION --> |
2988 |
+<table width="100%" border=0 rules="none" frame="void" |
2989 |
+ cols="2" cellspacing="0" cellpadding="0"> |
2990 |
+<tr valign="top" align="left"> |
2991 |
+<td width="11%"></td> |
2992 |
+<td width="89%"> |
2993 |
+<p><b>Notify Senders Of Other Blocked Content</b></p></td> |
2994 |
+</table> |
2995 |
+<!-- INDENTATION --> |
2996 |
+<table width="100%" border=0 rules="none" frame="void" |
2997 |
+ cols="2" cellspacing="0" cellpadding="0"> |
2998 |
+<tr valign="top" align="left"> |
2999 |
+<td width="22%"></td> |
3000 |
+<td width="78%"> |
3001 |
+<p>Default: yes</p> |
3002 |
+<!-- INDENTATION --> |
3003 |
+<p>*If* "Notify Senders" is set to yes, do you |
3004 |
+want to notify people who sent you messages containing other |
3005 |
+blocked content, such as partial messages or messages with |
3006 |
+external bodies? This can also be the filename of a |
3007 |
+ruleset.</p> |
3008 |
+</td> |
3009 |
+</table> |
3010 |
+<!-- INDENTATION --> |
3011 |
+<table width="100%" border=0 rules="none" frame="void" |
3012 |
+ cols="2" cellspacing="0" cellpadding="0"> |
3013 |
+<tr valign="top" align="left"> |
3014 |
+<td width="11%"></td> |
3015 |
+<td width="89%"> |
3016 |
+<p><b>Notify Senders Of Viruses</b></p></td> |
3017 |
+</table> |
3018 |
+<!-- INDENTATION --> |
3019 |
+<table width="100%" border=0 rules="none" frame="void" |
3020 |
+ cols="2" cellspacing="0" cellpadding="0"> |
3021 |
+<tr valign="top" align="left"> |
3022 |
+<td width="22%"></td> |
3023 |
+<td width="78%"> |
3024 |
+<p>Default: no</p> |
3025 |
+<!-- INDENTATION --> |
3026 |
+<p>*If* "Notify Senders" is set to yes, do you |
3027 |
+want to notify people who sent you messages containing |
3028 |
+viruses? This can also be the filename of a ruleset.</p> |
3029 |
+</td> |
3030 |
+</table> |
3031 |
+<!-- INDENTATION --> |
3032 |
+<table width="100%" border=0 rules="none" frame="void" |
3033 |
+ cols="2" cellspacing="0" cellpadding="0"> |
3034 |
+<tr valign="top" align="left"> |
3035 |
+<td width="11%"></td> |
3036 |
+<td width="89%"> |
3037 |
+<p><b>Never Notify Senders Of Precedence</b></p></td> |
3038 |
+</table> |
3039 |
+<!-- INDENTATION --> |
3040 |
+<table width="100%" border=0 rules="none" frame="void" |
3041 |
+ cols="2" cellspacing="0" cellpadding="0"> |
3042 |
+<tr valign="top" align="left"> |
3043 |
+<td width="22%"></td> |
3044 |
+<td width="78%"> |
3045 |
+<p>Default: list bulk</p> |
3046 |
+<!-- INDENTATION --> |
3047 |
+<p>If you supply a space−separated list of message |
3048 |
+"precedence" settings, then senders of those |
3049 |
+messages will not be warned about anything you rejected. |
3050 |
+This is particularly suitable for mailing lists, so that any |
3051 |
+MailScanner responses do not get sent to the entire |
3052 |
+list.</p> |
3053 |
+</td> |
3054 |
+</table> |
3055 |
+<a name="Changes to subject line"></a> |
3056 |
+<h2>Changes to subject line</h2> |
3057 |
+<!-- INDENTATION --> |
3058 |
+<table width="100%" border=0 rules="none" frame="void" |
3059 |
+ cols="2" cellspacing="0" cellpadding="0"> |
3060 |
+<tr valign="top" align="left"> |
3061 |
+<td width="11%"></td> |
3062 |
+<td width="89%"> |
3063 |
+<p><b>Scanned Modify Subject</b></p></td> |
3064 |
+</table> |
3065 |
+<!-- INDENTATION --> |
3066 |
+<table width="100%" border=0 rules="none" frame="void" |
3067 |
+ cols="2" cellspacing="0" cellpadding="0"> |
3068 |
+<tr valign="top" align="left"> |
3069 |
+<td width="22%"></td> |
3070 |
+<td width="78%"> |
3071 |
+<p>Default: no # end</p> |
3072 |
+<!-- INDENTATION --> |
3073 |
+<p>If this is set to "start" or "end" |
3074 |
+then the "Scanned Subject Text" is inserted at the |
3075 |
+start or the end of the Subject: line. This only happens if |
3076 |
+the Subject: line has not already been modified for any |
3077 |
+other reason.</p> |
3078 |
+</td> |
3079 |
+</table> |
3080 |
+<!-- INDENTATION --> |
3081 |
+<table width="100%" border=0 rules="none" frame="void" |
3082 |
+ cols="2" cellspacing="0" cellpadding="0"> |
3083 |
+<tr valign="top" align="left"> |
3084 |
+<td width="11%"></td> |
3085 |
+<td width="89%"> |
3086 |
+<p><b>Scanned Subject Text</b></p></td> |
3087 |
+</table> |
3088 |
+<!-- INDENTATION --> |
3089 |
+<table width="100%" border=0 rules="none" frame="void" |
3090 |
+ cols="2" cellspacing="0" cellpadding="0"> |
3091 |
+<tr valign="top" align="left"> |
3092 |
+<td width="22%"></td> |
3093 |
+<td width="78%"> |
3094 |
+<p>Default: {Scanned}</p> |
3095 |
+<!-- INDENTATION --> |
3096 |
+<p>This is the text inserted at the start or the end of the |
3097 |
+Subject: line if the "Scanned Modify Subject" |
3098 |
+option above is in effect.</p> |
3099 |
+</td> |
3100 |
+</table> |
3101 |
+<!-- INDENTATION --> |
3102 |
+<table width="100%" border=0 rules="none" frame="void" |
3103 |
+ cols="2" cellspacing="0" cellpadding="0"> |
3104 |
+<tr valign="top" align="left"> |
3105 |
+<td width="11%"></td> |
3106 |
+<td width="89%"> |
3107 |
+<p><b>Virus Modify Subject</b></p></td> |
3108 |
+</table> |
3109 |
+<!-- INDENTATION --> |
3110 |
+<table width="100%" border=0 rules="none" frame="void" |
3111 |
+ cols="2" cellspacing="0" cellpadding="0"> |
3112 |
+<tr valign="top" align="left"> |
3113 |
+<td width="22%"></td> |
3114 |
+<td width="78%"> |
3115 |
+<p>Default: yes</p> |
3116 |
+<!-- INDENTATION --> |
3117 |
+<p>If this is set, then the "Subject:" line of a |
3118 |
+message that was infected with a virus will have the |
3119 |
+"Virus Subject Text" text inserted at the |
3120 |
+start.</p> |
3121 |
+</td> |
3122 |
+</table> |
3123 |
+<!-- INDENTATION --> |
3124 |
+<table width="100%" border=0 rules="none" frame="void" |
3125 |
+ cols="2" cellspacing="0" cellpadding="0"> |
3126 |
+<tr valign="top" align="left"> |
3127 |
+<td width="11%"></td> |
3128 |
+<td width="89%"> |
3129 |
+<p><b>Virus Subject Text</b></p></td> |
3130 |
+</table> |
3131 |
+<!-- INDENTATION --> |
3132 |
+<table width="100%" border=0 rules="none" frame="void" |
3133 |
+ cols="2" cellspacing="0" cellpadding="0"> |
3134 |
+<tr valign="top" align="left"> |
3135 |
+<td width="22%"></td> |
3136 |
+<td width="78%"> |
3137 |
+<p>Default: {Virus?}</p> |
3138 |
+<!-- INDENTATION --> |
3139 |
+<p>This is the text inserted at the start of the |
3140 |
+"Subject:" line if the "Virus Modify |
3141 |
+Subject" option is set.</p> |
3142 |
+</td> |
3143 |
+</table> |
3144 |
+<!-- INDENTATION --> |
3145 |
+<table width="100%" border=0 rules="none" frame="void" |
3146 |
+ cols="2" cellspacing="0" cellpadding="0"> |
3147 |
+<tr valign="top" align="left"> |
3148 |
+<td width="11%"></td> |
3149 |
+<td width="89%"> |
3150 |
+<p><b>Filename Modify Subject</b></p></td> |
3151 |
+</table> |
3152 |
+<!-- INDENTATION --> |
3153 |
+<table width="100%" border=0 rules="none" frame="void" |
3154 |
+ cols="2" cellspacing="0" cellpadding="0"> |
3155 |
+<tr valign="top" align="left"> |
3156 |
+<td width="22%"></td> |
3157 |
+<td width="78%"> |
3158 |
+<p>Default: yes</p> |
3159 |
+<!-- INDENTATION --> |
3160 |
+<p>If this is set, then the "Subject:" line of a |
3161 |
+message that had an attachment with a dangerous filename |
3162 |
+will have the "Filename Subject Text" text |
3163 |
+inserted at the start.</p> |
3164 |
+</td> |
3165 |
+</table> |
3166 |
+<!-- INDENTATION --> |
3167 |
+<table width="100%" border=0 rules="none" frame="void" |
3168 |
+ cols="2" cellspacing="0" cellpadding="0"> |
3169 |
+<tr valign="top" align="left"> |
3170 |
+<td width="11%"></td> |
3171 |
+<td width="89%"> |
3172 |
+<p><b>Filename Subject Text</b></p></td> |
3173 |
+</table> |
3174 |
+<!-- INDENTATION --> |
3175 |
+<table width="100%" border=0 rules="none" frame="void" |
3176 |
+ cols="2" cellspacing="0" cellpadding="0"> |
3177 |
+<tr valign="top" align="left"> |
3178 |
+<td width="22%"></td> |
3179 |
+<td width="78%"> |
3180 |
+<p>Default: {Virus?}</p> |
3181 |
+<!-- INDENTATION --> |
3182 |
+<p>This is the text inserted at the start of the |
3183 |
+"Subject:" line if the "Filename Modify |
3184 |
+Subject" option is set.</p> |
3185 |
+</td> |
3186 |
+</table> |
3187 |
+<!-- INDENTATION --> |
3188 |
+<table width="100%" border=0 rules="none" frame="void" |
3189 |
+ cols="2" cellspacing="0" cellpadding="0"> |
3190 |
+<tr valign="top" align="left"> |
3191 |
+<td width="11%"></td> |
3192 |
+<td width="89%"> |
3193 |
+<p><b>Content Modify Subject</b></p></td> |
3194 |
+</table> |
3195 |
+<!-- INDENTATION --> |
3196 |
+<table width="100%" border=0 rules="none" frame="void" |
3197 |
+ cols="2" cellspacing="0" cellpadding="0"> |
3198 |
+<tr valign="top" align="left"> |
3199 |
+<td width="22%"></td> |
3200 |
+<td width="78%"> |
3201 |
+<p>Default: yes</p> |
3202 |
+<!-- INDENTATION --> |
3203 |
+<p>If this is set, then the "Subject:" line of a |
3204 |
+message that triggered a content check without anything else |
3205 |
+wrong in the message will have the "Content Subject |
3206 |
+Text" text inserted at the start.</p> |
3207 |
+</td> |
3208 |
+</table> |
3209 |
+<!-- INDENTATION --> |
3210 |
+<table width="100%" border=0 rules="none" frame="void" |
3211 |
+ cols="2" cellspacing="0" cellpadding="0"> |
3212 |
+<tr valign="top" align="left"> |
3213 |
+<td width="11%"></td> |
3214 |
+<td width="89%"> |
3215 |
+<p><b>Content Subject Text</b></p></td> |
3216 |
+</table> |
3217 |
+<!-- INDENTATION --> |
3218 |
+<table width="100%" border=0 rules="none" frame="void" |
3219 |
+ cols="2" cellspacing="0" cellpadding="0"> |
3220 |
+<tr valign="top" align="left"> |
3221 |
+<td width="22%"></td> |
3222 |
+<td width="78%"> |
3223 |
+<p>Default: {Filename?}</p> |
3224 |
+<!-- INDENTATION --> |
3225 |
+<p>This is the text inserted at the start of the |
3226 |
+"Subject:" line if the "Content Modify |
3227 |
+Subject" option is set.</p> |
3228 |
+</td> |
3229 |
+</table> |
3230 |
+<!-- INDENTATION --> |
3231 |
+<table width="100%" border=0 rules="none" frame="void" |
3232 |
+ cols="2" cellspacing="0" cellpadding="0"> |
3233 |
+<tr valign="top" align="left"> |
3234 |
+<td width="11%"></td> |
3235 |
+<td width="89%"> |
3236 |
+<p><b>Spam Modify Subject</b></p></td> |
3237 |
+</table> |
3238 |
+<!-- INDENTATION --> |
3239 |
+<table width="100%" border=0 rules="none" frame="void" |
3240 |
+ cols="2" cellspacing="0" cellpadding="0"> |
3241 |
+<tr valign="top" align="left"> |
3242 |
+<td width="22%"></td> |
3243 |
+<td width="78%"> |
3244 |
+<p>Default: yes</p> |
3245 |
+<!-- INDENTATION --> |
3246 |
+<p>If this is set, then the "Subject:" line of a |
3247 |
+message that was determined to be spam will have the |
3248 |
+"Spam Subject Text" text inserted at the |
3249 |
+start.</p> |
3250 |
+</td> |
3251 |
+</table> |
3252 |
+<!-- INDENTATION --> |
3253 |
+<table width="100%" border=0 rules="none" frame="void" |
3254 |
+ cols="2" cellspacing="0" cellpadding="0"> |
3255 |
+<tr valign="top" align="left"> |
3256 |
+<td width="11%"></td> |
3257 |
+<td width="89%"> |
3258 |
+<p><b>Spam Subject Text</b></p></td> |
3259 |
+</table> |
3260 |
+<!-- INDENTATION --> |
3261 |
+<table width="100%" border=0 rules="none" frame="void" |
3262 |
+ cols="2" cellspacing="0" cellpadding="0"> |
3263 |
+<tr valign="top" align="left"> |
3264 |
+<td width="22%"></td> |
3265 |
+<td width="78%"> |
3266 |
+<p>Default: {Spam?}</p> |
3267 |
+<!-- INDENTATION --> |
3268 |
+<p>This is the text to add to the start of the subject if |
3269 |
+the "Spam Modify Subject" option is set. The exact |
3270 |
+string "_SCORE_" will be replaced by the numeric |
3271 |
+SpamAssassin score. This can also be the filename of a |
3272 |
+ruleset.</p> |
3273 |
+</td> |
3274 |
+</table> |
3275 |
+<!-- INDENTATION --> |
3276 |
+<table width="100%" border=0 rules="none" frame="void" |
3277 |
+ cols="2" cellspacing="0" cellpadding="0"> |
3278 |
+<tr valign="top" align="left"> |
3279 |
+<td width="11%"></td> |
3280 |
+<td width="89%"> |
3281 |
+<p><b>High Scroing Spam Modify Subject</b></p></td> |
3282 |
+</table> |
3283 |
+<!-- INDENTATION --> |
3284 |
+<table width="100%" border=0 rules="none" frame="void" |
3285 |
+ cols="2" cellspacing="0" cellpadding="0"> |
3286 |
+<tr valign="top" align="left"> |
3287 |
+<td width="22%"></td> |
3288 |
+<td width="78%"> |
3289 |
+<p>Default: yes</p> |
3290 |
+<!-- INDENTATION --> |
3291 |
+<p>If this is set, then the "Subject:" line of a |
3292 |
+message that was determined to be spam, and had a |
3293 |
+SpamAssassin score greater than the "High SpamAssassin |
3294 |
+Score" will have the "High Scoring Spam Subject |
3295 |
+Text" text inserted at the start.</p> |
3296 |
+</td> |
3297 |
+</table> |
3298 |
+<!-- INDENTATION --> |
3299 |
+<table width="100%" border=0 rules="none" frame="void" |
3300 |
+ cols="2" cellspacing="0" cellpadding="0"> |
3301 |
+<tr valign="top" align="left"> |
3302 |
+<td width="11%"></td> |
3303 |
+<td width="89%"> |
3304 |
+<p><b>High Scoring Spam Subject Text</b></p></td> |
3305 |
+</table> |
3306 |
+<!-- INDENTATION --> |
3307 |
+<table width="100%" border=0 rules="none" frame="void" |
3308 |
+ cols="2" cellspacing="0" cellpadding="0"> |
3309 |
+<tr valign="top" align="left"> |
3310 |
+<td width="22%"></td> |
3311 |
+<td width="78%"> |
3312 |
+<p>Default: {Spam?}</p> |
3313 |
+<!-- INDENTATION --> |
3314 |
+<p>This is just like the "Spam Subject Text" |
3315 |
+option above, except that it applies then the score from |
3316 |
+SpamAssassin is higher than the "High SpamAssassin |
3317 |
+Score" value. The exact string "_SCORE_" will |
3318 |
+be replaced by the numeric SpamAssassin score. This can also |
3319 |
+be the filename of a ruleset.</p> |
3320 |
+</td> |
3321 |
+</table> |
3322 |
+<a name="Changes to the message body"></a> |
3323 |
+<h2>Changes to the message body</h2> |
3324 |
+<!-- INDENTATION --> |
3325 |
+<table width="100%" border=0 rules="none" frame="void" |
3326 |
+ cols="2" cellspacing="0" cellpadding="0"> |
3327 |
+<tr valign="top" align="left"> |
3328 |
+<td width="11%"></td> |
3329 |
+<td width="89%"> |
3330 |
+<p><b>Warning Is Attachment</b></p></td> |
3331 |
+</table> |
3332 |
+<!-- INDENTATION --> |
3333 |
+<table width="100%" border=0 rules="none" frame="void" |
3334 |
+ cols="2" cellspacing="0" cellpadding="0"> |
3335 |
+<tr valign="top" align="left"> |
3336 |
+<td width="22%"></td> |
3337 |
+<td width="78%"> |
3338 |
+<p>Default: yes</p> |
3339 |
+<!-- INDENTATION --> |
3340 |
+<p>When an infected or dangerous attachment is replaced with |
3341 |
+a text message containing the infection report, should the |
3342 |
+replacement be an attachment (yes) or should it be included |
3343 |
+inline in the main text of the message (no).</p> |
3344 |
+</td> |
3345 |
+</table> |
3346 |
+<!-- INDENTATION --> |
3347 |
+<table width="100%" border=0 rules="none" frame="void" |
3348 |
+ cols="2" cellspacing="0" cellpadding="0"> |
3349 |
+<tr valign="top" align="left"> |
3350 |
+<td width="11%"></td> |
3351 |
+<td width="89%"> |
3352 |
+<p><b>Attachment Warning Filename</b></p></td> |
3353 |
+</table> |
3354 |
+<!-- INDENTATION --> |
3355 |
+<table width="100%" border=0 rules="none" frame="void" |
3356 |
+ cols="2" cellspacing="0" cellpadding="0"> |
3357 |
+<tr valign="top" align="left"> |
3358 |
+<td width="22%"></td> |
3359 |
+<td width="78%"> |
3360 |
+<p>Default: |
3361 |
+%org−name%−Attachment−Warning.txt</p> |
3362 |
+<!-- INDENTATION --> |
3363 |
+<p>What an infected or dangerous attachment is replaced with |
3364 |
+a text message containing the infection report, this is the |
3365 |
+filename of the attachment that appears in the message.</p> |
3366 |
+</td> |
3367 |
+</table> |
3368 |
+<!-- INDENTATION --> |
3369 |
+<table width="100%" border=0 rules="none" frame="void" |
3370 |
+ cols="2" cellspacing="0" cellpadding="0"> |
3371 |
+<tr valign="top" align="left"> |
3372 |
+<td width="11%"></td> |
3373 |
+<td width="89%"> |
3374 |
+<p><b>Attachment Encoding Charset</b></p></td> |
3375 |
+</table> |
3376 |
+<!-- INDENTATION --> |
3377 |
+<table width="100%" border=0 rules="none" frame="void" |
3378 |
+ cols="2" cellspacing="0" cellpadding="0"> |
3379 |
+<tr valign="top" align="left"> |
3380 |
+<td width="22%"></td> |
3381 |
+<td width="78%"> |
3382 |
+<p>Default: ISO−8859−1</p> |
3383 |
+<!-- INDENTATION --> |
3384 |
+<p>This is the name of the encoding character set used for |
3385 |
+the contents of "VirusWarning.txt" |
3386 |
+attachments.</p> |
3387 |
+</td> |
3388 |
+</table> |
3389 |
+<a name="Mail archiving and monitoring"></a> |
3390 |
+<h2>Mail archiving and monitoring</h2> |
3391 |
+<!-- INDENTATION --> |
3392 |
+<table width="100%" border=0 rules="none" frame="void" |
3393 |
+ cols="2" cellspacing="0" cellpadding="0"> |
3394 |
+<tr valign="top" align="left"> |
3395 |
+<td width="11%"></td> |
3396 |
+<td width="89%"> |
3397 |
+<p><b>Archive Mail</b></p></td> |
3398 |
+</table> |
3399 |
+<!-- INDENTATION --> |
3400 |
+<table width="100%" border=0 rules="none" frame="void" |
3401 |
+ cols="2" cellspacing="0" cellpadding="0"> |
3402 |
+<tr valign="top" align="left"> |
3403 |
+<td width="22%"></td> |
3404 |
+<td width="78%"> |
3405 |
+<p>Default:</p> |
3406 |
+<!-- INDENTATION --> |
3407 |
+<p>Space−separated list of any combination of</p></td> |
3408 |
+</table> |
3409 |
+<!-- TABS --> |
3410 |
+<table width="100%" border=0 rules="none" frame="void" |
3411 |
+ cols="2" cellspacing="0" cellpadding="0"> |
3412 |
+<tr valign="top" align="left"> |
3413 |
+<td width="29%"></td> |
3414 |
+<td width="71%"> |
3415 |
+ |
3416 |
+<p>1. email addresses to which mail should be |
3417 |
+forwarded,</p> |
3418 |
+</td> |
3419 |
+<tr valign="top" align="left"> |
3420 |
+<td width="29%"></td> |
3421 |
+<td width="71%"> |
3422 |
+ |
3423 |
+<p>2. directory names where you want mail to be stored,</p> |
3424 |
+</td> |
3425 |
+<tr valign="top" align="left"> |
3426 |
+<td width="29%"></td> |
3427 |
+<td width="71%"> |
3428 |
+ |
3429 |
+<p>3. file names to which mail will be appended.</p> |
3430 |
+</td> |
3431 |
+</table> |
3432 |
+<!-- INDENTATION --> |
3433 |
+<table width="100%" border=0 rules="none" frame="void" |
3434 |
+ cols="2" cellspacing="0" cellpadding="0"> |
3435 |
+<tr valign="top" align="left"> |
3436 |
+<td width="22%"></td> |
3437 |
+<td width="78%"> |
3438 |
+<p>The files (option 3) are using the "mbox" |
3439 |
+format suitable for most Unix mail systems. These files must |
3440 |
+already exist since MailScanner will not create them!</p> |
3441 |
+<!-- INDENTATION --> |
3442 |
+<p>If you give this option a ruleset, you can control |
3443 |
+exactly whose mail is archived or forwarded. If you do this, |
3444 |
+beware of the legal implications as this could be deemed to |
3445 |
+be illegal interception unless the police have asked you to |
3446 |
+do this.</p> |
3447 |
+<!-- INDENTATION --> |
3448 |
+<p>Any of the items above can contain the magic string |
3449 |
+_DATE_ in them which will be replaced with the current date |
3450 |
+in yyyymmdd format. This will make archive−rolling and |
3451 |
+maintenance much easier, as you can guarantee that |
3452 |
+yesterday’s mail archive will not be in active use |
3453 |
+today.</p> |
3454 |
+</td> |
3455 |
+</table> |
3456 |
+<a name="Notices to system administrators"></a> |
3457 |
+<h2>Notices to system administrators</h2> |
3458 |
+<!-- INDENTATION --> |
3459 |
+<table width="100%" border=0 rules="none" frame="void" |
3460 |
+ cols="2" cellspacing="0" cellpadding="0"> |
3461 |
+<tr valign="top" align="left"> |
3462 |
+<td width="11%"></td> |
3463 |
+<td width="89%"> |
3464 |
+<p><b>Send Notices</b></p></td> |
3465 |
+</table> |
3466 |
+<!-- INDENTATION --> |
3467 |
+<table width="100%" border=0 rules="none" frame="void" |
3468 |
+ cols="2" cellspacing="0" cellpadding="0"> |
3469 |
+<tr valign="top" align="left"> |
3470 |
+<td width="22%"></td> |
3471 |
+<td width="78%"> |
3472 |
+<p>Default: yes</p> |
3473 |
+<!-- INDENTATION --> |
3474 |
+<p>Should system administrators listed in the "Notices |
3475 |
+To" option be notified of every infection found?</p> |
3476 |
+</td> |
3477 |
+</table> |
3478 |
+<!-- INDENTATION --> |
3479 |
+<table width="100%" border=0 rules="none" frame="void" |
3480 |
+ cols="2" cellspacing="0" cellpadding="0"> |
3481 |
+<tr valign="top" align="left"> |
3482 |
+<td width="11%"></td> |
3483 |
+<td width="89%"> |
3484 |
+<p><b>Notices Include Full Headers</b></p></td> |
3485 |
+</table> |
3486 |
+<!-- INDENTATION --> |
3487 |
+<table width="100%" border=0 rules="none" frame="void" |
3488 |
+ cols="2" cellspacing="0" cellpadding="0"> |
3489 |
+<tr valign="top" align="left"> |
3490 |
+<td width="22%"></td> |
3491 |
+<td width="78%"> |
3492 |
+<p>Default: no</p> |
3493 |
+<!-- INDENTATION --> |
3494 |
+<p>If this option is set, then the system administrator |
3495 |
+notices will include the full headers of every infected |
3496 |
+message. If this option is set to "no" then only a |
3497 |
+restricted set of headers is included in the notices.</p> |
3498 |
+</td> |
3499 |
+</table> |
3500 |
+<!-- INDENTATION --> |
3501 |
+<table width="100%" border=0 rules="none" frame="void" |
3502 |
+ cols="2" cellspacing="0" cellpadding="0"> |
3503 |
+<tr valign="top" align="left"> |
3504 |
+<td width="11%"></td> |
3505 |
+<td width="89%"> |
3506 |
+<p><b>Hide Incoming Work Dir in Notices</b></p></td> |
3507 |
+</table> |
3508 |
+<!-- INDENTATION --> |
3509 |
+<table width="100%" border=0 rules="none" frame="void" |
3510 |
+ cols="2" cellspacing="0" cellpadding="0"> |
3511 |
+<tr valign="top" align="left"> |
3512 |
+<td width="22%"></td> |
3513 |
+<td width="78%"> |
3514 |
+<p>Default: no</p> |
3515 |
+<!-- INDENTATION --> |
3516 |
+<p>When this option is set, the full directory in which the |
3517 |
+virus was found will be removed from report messages sent to |
3518 |
+administrators. This makes the infection reports a lot |
3519 |
+easier to understand. It is also very useful if your notices |
3520 |
+go to your customer sites.</p> |
3521 |
+</td> |
3522 |
+</table> |
3523 |
+<!-- INDENTATION --> |
3524 |
+<table width="100%" border=0 rules="none" frame="void" |
3525 |
+ cols="2" cellspacing="0" cellpadding="0"> |
3526 |
+<tr valign="top" align="left"> |
3527 |
+<td width="11%"></td> |
3528 |
+<td width="89%"> |
3529 |
+<p><b>Notice Signature</b></p></td> |
3530 |
+</table> |
3531 |
+<!-- INDENTATION --> |
3532 |
+<table width="100%" border=0 rules="none" frame="void" |
3533 |
+ cols="2" cellspacing="0" cellpadding="0"> |
3534 |
+<tr valign="top" align="left"> |
3535 |
+<td width="22%"></td> |
3536 |
+<td width="78%"> |
3537 |
+<p>Default: −− \nMailScanner\nEmail Virus |
3538 |
+Scanner\nwww.mailscanner.info</p> |
3539 |
+<!-- INDENTATION --> |
3540 |
+<p>This string is added to the bottom of all system |
3541 |
+administrator notices, and is intended to be the signature |
3542 |
+of your MailScanner system. To insert |
3543 |
+"line−breaks" or "newline" |
3544 |
+characters, use the sequence 0</p> |
3545 |
+</td> |
3546 |
+</table> |
3547 |
+<!-- INDENTATION --> |
3548 |
+<table width="100%" border=0 rules="none" frame="void" |
3549 |
+ cols="2" cellspacing="0" cellpadding="0"> |
3550 |
+<tr valign="top" align="left"> |
3551 |
+<td width="11%"></td> |
3552 |
+<td width="89%"> |
3553 |
+<p><b>Notices From</b></p></td> |
3554 |
+</table> |
3555 |
+<!-- INDENTATION --> |
3556 |
+<table width="100%" border=0 rules="none" frame="void" |
3557 |
+ cols="2" cellspacing="0" cellpadding="0"> |
3558 |
+<tr valign="top" align="left"> |
3559 |
+<td width="22%"></td> |
3560 |
+<td width="78%"> |
3561 |
+<p>Default: MailScanner</p> |
3562 |
+<!-- INDENTATION --> |
3563 |
+<p>The visible part of the email address used in the |
3564 |
+"From:" line of the notices. The |
3565 |
+<user@domain> part of the email address is set to the |
3566 |
+"Local Postmaster" setting.</p> |
3567 |
+</td> |
3568 |
+</table> |
3569 |
+<!-- INDENTATION --> |
3570 |
+<table width="100%" border=0 rules="none" frame="void" |
3571 |
+ cols="2" cellspacing="0" cellpadding="0"> |
3572 |
+<tr valign="top" align="left"> |
3573 |
+<td width="11%"></td> |
3574 |
+<td width="89%"> |
3575 |
+<p><b>Notices To</b></p></td> |
3576 |
+</table> |
3577 |
+<!-- INDENTATION --> |
3578 |
+<table width="100%" border=0 rules="none" frame="void" |
3579 |
+ cols="2" cellspacing="0" cellpadding="0"> |
3580 |
+<tr valign="top" align="left"> |
3581 |
+<td width="22%"></td> |
3582 |
+<td width="78%"> |
3583 |
+<p>Default: postmaster</p> |
3584 |
+<!-- INDENTATION --> |
3585 |
+<p>This option provides a list of the addresses to which |
3586 |
+virus notices should be sent. You may want to set this to be |
3587 |
+a ruleset, providing different notification addresses for |
3588 |
+different domains that you administer.</p> |
3589 |
+</td> |
3590 |
+</table> |
3591 |
+<!-- INDENTATION --> |
3592 |
+<table width="100%" border=0 rules="none" frame="void" |
3593 |
+ cols="2" cellspacing="0" cellpadding="0"> |
3594 |
+<tr valign="top" align="left"> |
3595 |
+<td width="11%"></td> |
3596 |
+<td width="89%"> |
3597 |
+<p><b>Local Postmaster</b></p></td> |
3598 |
+</table> |
3599 |
+<!-- INDENTATION --> |
3600 |
+<table width="100%" border=0 rules="none" frame="void" |
3601 |
+ cols="2" cellspacing="0" cellpadding="0"> |
3602 |
+<tr valign="top" align="left"> |
3603 |
+<td width="22%"></td> |
3604 |
+<td width="78%"> |
3605 |
+<p>Default: postmaster</p> |
3606 |
+<!-- INDENTATION --> |
3607 |
+<p>When virus warnings are sent to any users, this is the |
3608 |
+email address used as the "From:" header in the |
3609 |
+messages.</p> |
3610 |
+</td> |
3611 |
+</table> |
3612 |
+<a name="Definitions of virus scanners and spam detectors"></a> |
3613 |
+<h2>Definitions of virus scanners and spam detectors</h2> |
3614 |
+<!-- INDENTATION --> |
3615 |
+<table width="100%" border=0 rules="none" frame="void" |
3616 |
+ cols="2" cellspacing="0" cellpadding="0"> |
3617 |
+<tr valign="top" align="left"> |
3618 |
+<td width="11%"></td> |
3619 |
+<td width="89%"> |
3620 |
+<p><b>Spam List Definitions</b></p></td> |
3621 |
+</table> |
3622 |
+<!-- INDENTATION --> |
3623 |
+<table width="100%" border=0 rules="none" frame="void" |
3624 |
+ cols="2" cellspacing="0" cellpadding="0"> |
3625 |
+<tr valign="top" align="left"> |
3626 |
+<td width="22%"></td> |
3627 |
+<td width="78%"> |
3628 |
+<p>Default: %etc−dir%/spam.lists.conf</p> |
3629 |
+<!-- INDENTATION --> |
3630 |
+<p>This file contains all the definitions of the "Spam |
3631 |
+Lists" (also known as RBL’s or DNSBL’s) |
3632 |
+which can be used to try to detect spam based on where each |
3633 |
+message came from. Many more spam lists can be added to this |
3634 |
+file, but it contains the most popular ones to get you |
3635 |
+started.</p> |
3636 |
+</td> |
3637 |
+</table> |
3638 |
+<!-- INDENTATION --> |
3639 |
+<table width="100%" border=0 rules="none" frame="void" |
3640 |
+ cols="2" cellspacing="0" cellpadding="0"> |
3641 |
+<tr valign="top" align="left"> |
3642 |
+<td width="11%"></td> |
3643 |
+<td width="89%"> |
3644 |
+<p><b>Virus Scanner Definitions</b></p></td> |
3645 |
+</table> |
3646 |
+<!-- INDENTATION --> |
3647 |
+<table width="100%" border=0 rules="none" frame="void" |
3648 |
+ cols="2" cellspacing="0" cellpadding="0"> |
3649 |
+<tr valign="top" align="left"> |
3650 |
+<td width="22%"></td> |
3651 |
+<td width="78%"> |
3652 |
+<p>Default: %etc−dir%/virus.scanners.conf</p> |
3653 |
+<!-- INDENTATION --> |
3654 |
+<p>This file contains the locations of all the commands that |
3655 |
+are run for each virus scanner. Check this file before |
3656 |
+starting MailScanner to make sure it will run the correct |
3657 |
+command or wrapper script.</p> |
3658 |
+</td> |
3659 |
+</table> |
3660 |
+<a name="Spam detection and spam lists (DNS blocklists)"></a> |
3661 |
+<h2>Spam detection and spam lists (DNS blocklists)</h2> |
3662 |
+<!-- INDENTATION --> |
3663 |
+<table width="100%" border=0 rules="none" frame="void" |
3664 |
+ cols="2" cellspacing="0" cellpadding="0"> |
3665 |
+<tr valign="top" align="left"> |
3666 |
+<td width="11%"></td> |
3667 |
+<td width="89%"> |
3668 |
+<p><b>Spam Checks</b></p></td> |
3669 |
+</table> |
3670 |
+<!-- INDENTATION --> |
3671 |
+<table width="100%" border=0 rules="none" frame="void" |
3672 |
+ cols="2" cellspacing="0" cellpadding="0"> |
3673 |
+<tr valign="top" align="left"> |
3674 |
+<td width="22%"></td> |
3675 |
+<td width="78%"> |
3676 |
+<p>Default: yes</p> |
3677 |
+<!-- INDENTATION --> |
3678 |
+<p>If this option is set, messages will be checked to see if |
3679 |
+they are spam.</p> |
3680 |
+</td> |
3681 |
+</table> |
3682 |
+<!-- INDENTATION --> |
3683 |
+<table width="100%" border=0 rules="none" frame="void" |
3684 |
+ cols="2" cellspacing="0" cellpadding="0"> |
3685 |
+<tr valign="top" align="left"> |
3686 |
+<td width="11%"></td> |
3687 |
+<td width="89%"> |
3688 |
+<p><b>Spam List</b></p></td> |
3689 |
+</table> |
3690 |
+<!-- INDENTATION --> |
3691 |
+<table width="100%" border=0 rules="none" frame="void" |
3692 |
+ cols="2" cellspacing="0" cellpadding="0"> |
3693 |
+<tr valign="top" align="left"> |
3694 |
+<td width="22%"></td> |
3695 |
+<td width="78%"> |
3696 |
+<p>Default: ORDB−RBL Infinite−Monkeys</p> |
3697 |
+<!-- INDENTATION --> |
3698 |
+<p>This provides a space−separated list of "Spam |
3699 |
+Lists" (or RBL’s or DNSBL’s) which are |
3700 |
+checked for each message. These lists are based on the |
3701 |
+numeric IP address of the server that sent the message to |
3702 |
+your MailScanner server. Every list used here must be |
3703 |
+defined in the "Spam List Definitions" file |
3704 |
+mentioned above.</p> |
3705 |
+</td> |
3706 |
+</table> |
3707 |
+<!-- INDENTATION --> |
3708 |
+<table width="100%" border=0 rules="none" frame="void" |
3709 |
+ cols="2" cellspacing="0" cellpadding="0"> |
3710 |
+<tr valign="top" align="left"> |
3711 |
+<td width="11%"></td> |
3712 |
+<td width="89%"> |
3713 |
+<p><b>Spam Domain List</b></p></td> |
3714 |
+</table> |
3715 |
+<!-- INDENTATION --> |
3716 |
+<table width="100%" border=0 rules="none" frame="void" |
3717 |
+ cols="2" cellspacing="0" cellpadding="0"> |
3718 |
+<tr valign="top" align="left"> |
3719 |
+<td width="22%"></td> |
3720 |
+<td width="78%"> |
3721 |
+<p>Default:</p> |
3722 |
+<!-- INDENTATION --> |
3723 |
+<p>This provides a space−separated list of "Spam |
3724 |
+Lists" (or RBL’s or DNSBL’s) which are |
3725 |
+checked for each message. These lists are based on the |
3726 |
+domain name of the sender address of each message. Every |
3727 |
+list used here must be defined in the "Spam List |
3728 |
+Definitions" file mentioned above.</p> |
3729 |
+</td> |
3730 |
+</table> |
3731 |
+<!-- INDENTATION --> |
3732 |
+<table width="100%" border=0 rules="none" frame="void" |
3733 |
+ cols="2" cellspacing="0" cellpadding="0"> |
3734 |
+<tr valign="top" align="left"> |
3735 |
+<td width="11%"></td> |
3736 |
+<td width="89%"> |
3737 |
+<p><b>Spam Lists To Reach High Score</b></p></td> |
3738 |
+</table> |
3739 |
+<!-- INDENTATION --> |
3740 |
+<table width="100%" border=0 rules="none" frame="void" |
3741 |
+ cols="2" cellspacing="0" cellpadding="0"> |
3742 |
+<tr valign="top" align="left"> |
3743 |
+<td width="22%"></td> |
3744 |
+<td width="78%"> |
3745 |
+<p>Default: 5</p> |
3746 |
+<!-- INDENTATION --> |
3747 |
+<p>If a message appears in at least this number of |
3748 |
+"Spam Lists" (as defined above), then the message |
3749 |
+will be treated as "High Scoring Spam" and so the |
3750 |
+"High Scoring Spam Actions" will happen. You |
3751 |
+probably want to set this to 2 if you are actually using |
3752 |
+this feature. 5 is high enough that it will never happen |
3753 |
+unless you use lots of "Spam Lists". This can also |
3754 |
+be the filename of a ruleset.</p> |
3755 |
+</td> |
3756 |
+</table> |
3757 |
+<!-- INDENTATION --> |
3758 |
+<table width="100%" border=0 rules="none" frame="void" |
3759 |
+ cols="2" cellspacing="0" cellpadding="0"> |
3760 |
+<tr valign="top" align="left"> |
3761 |
+<td width="11%"></td> |
3762 |
+<td width="89%"> |
3763 |
+<p><b>Spam List Timeout</b></p></td> |
3764 |
+</table> |
3765 |
+<!-- INDENTATION --> |
3766 |
+<table width="100%" border=0 rules="none" frame="void" |
3767 |
+ cols="2" cellspacing="0" cellpadding="0"> |
3768 |
+<tr valign="top" align="left"> |
3769 |
+<td width="22%"></td> |
3770 |
+<td width="78%"> |
3771 |
+<p>Default: 10</p> |
3772 |
+<!-- INDENTATION --> |
3773 |
+<p>This is the number of seconds to wait for each "Spam |
3774 |
+List" lookup to complete. If the lookup takes longer |
3775 |
+than this, it is killed and ignored.</p> |
3776 |
+</td> |
3777 |
+</table> |
3778 |
+<!-- INDENTATION --> |
3779 |
+<table width="100%" border=0 rules="none" frame="void" |
3780 |
+ cols="2" cellspacing="0" cellpadding="0"> |
3781 |
+<tr valign="top" align="left"> |
3782 |
+<td width="11%"></td> |
3783 |
+<td width="89%"> |
3784 |
+<p><b>Max Spam List Timeouts</b></p></td> |
3785 |
+</table> |
3786 |
+<!-- INDENTATION --> |
3787 |
+<table width="100%" border=0 rules="none" frame="void" |
3788 |
+ cols="2" cellspacing="0" cellpadding="0"> |
3789 |
+<tr valign="top" align="left"> |
3790 |
+<td width="22%"></td> |
3791 |
+<td width="78%"> |
3792 |
+<p>Default: 7</p> |
3793 |
+<!-- INDENTATION --> |
3794 |
+<p>If a "Spam List" lookup times out for this many |
3795 |
+consecutive checks without ever succeeding, then the |
3796 |
+particular "Spam List" entry will not be used any |
3797 |
+more, as it appears to be unreachable. When MailScanner |
3798 |
+restarts itself after a few hours, MailScanner will try to |
3799 |
+use the entry again, in case service has resumed |
3800 |
+properly.</p> |
3801 |
+</td> |
3802 |
+</table> |
3803 |
+<!-- INDENTATION --> |
3804 |
+<table width="100%" border=0 rules="none" frame="void" |
3805 |
+ cols="2" cellspacing="0" cellpadding="0"> |
3806 |
+<tr valign="top" align="left"> |
3807 |
+<td width="11%"></td> |
3808 |
+<td width="89%"> |
3809 |
+<p><b>Spam List Timeouts History</b></p></td> |
3810 |
+</table> |
3811 |
+<!-- INDENTATION --> |
3812 |
+<table width="100%" border=0 rules="none" frame="void" |
3813 |
+ cols="2" cellspacing="0" cellpadding="0"> |
3814 |
+<tr valign="top" align="left"> |
3815 |
+<td width="22%"></td> |
3816 |
+<td width="78%"> |
3817 |
+<p>Default: 10</p> |
3818 |
+<!-- INDENTATION --> |
3819 |
+<p>The total number of Spam List attempts during which |
3820 |
+"Max Spam List Timeouts" will cause the spam list |
3821 |
+fo be marked as "unavailable". See the previous |
3822 |
+comment for more information. The default values of 5 and 10 |
3823 |
+mean that 5 timeouts in any sequence of 10 attempts will |
3824 |
+cause the list to be marked as "unavailable" until |
3825 |
+the next periodic restart (see "Restart |
3826 |
+Every").</p> |
3827 |
+</td> |
3828 |
+</table> |
3829 |
+<!-- INDENTATION --> |
3830 |
+<table width="100%" border=0 rules="none" frame="void" |
3831 |
+ cols="2" cellspacing="0" cellpadding="0"> |
3832 |
+<tr valign="top" align="left"> |
3833 |
+<td width="11%"></td> |
3834 |
+<td width="89%"> |
3835 |
+<p><b>Is Definitely Not Spam</b></p></td> |
3836 |
+</table> |
3837 |
+<!-- INDENTATION --> |
3838 |
+<table width="100%" border=0 rules="none" frame="void" |
3839 |
+ cols="2" cellspacing="0" cellpadding="0"> |
3840 |
+<tr valign="top" align="left"> |
3841 |
+<td width="22%"></td> |
3842 |
+<td width="78%"> |
3843 |
+<p>Default: %rules−dir%/spam.whitelist.rules</p> |
3844 |
+<!-- INDENTATION --> |
3845 |
+<p>This option would normally be a ruleset. Any messages for |
3846 |
+which the ruleset result is "yes" will never be |
3847 |
+marked as spam. This is used to create a spam |
3848 |
+"whitelist" of addresses which are never spam. You |
3849 |
+will probably want to include your own site (or your own |
3850 |
+site’s IP addresses) in this ruleset.</p> |
3851 |
+</td> |
3852 |
+</table> |
3853 |
+<!-- INDENTATION --> |
3854 |
+<table width="100%" border=0 rules="none" frame="void" |
3855 |
+ cols="2" cellspacing="0" cellpadding="0"> |
3856 |
+<tr valign="top" align="left"> |
3857 |
+<td width="11%"></td> |
3858 |
+<td width="89%"> |
3859 |
+<p><b>Is Definitely Spam</b></p></td> |
3860 |
+</table> |
3861 |
+<!-- INDENTATION --> |
3862 |
+<table width="100%" border=0 rules="none" frame="void" |
3863 |
+ cols="2" cellspacing="0" cellpadding="0"> |
3864 |
+<tr valign="top" align="left"> |
3865 |
+<td width="22%"></td> |
3866 |
+<td width="78%"> |
3867 |
+<p>Default: no</p> |
3868 |
+<!-- INDENTATION --> |
3869 |
+<p>This option would normally be a ruleset. Any messages for |
3870 |
+which the ruleset result is "yes" will always be |
3871 |
+marked as spam. This is used to create a spam |
3872 |
+"blacklist" of addresses of known spammers.</p> |
3873 |
+</td> |
3874 |
+</table> |
3875 |
+<!-- INDENTATION --> |
3876 |
+<table width="100%" border=0 rules="none" frame="void" |
3877 |
+ cols="2" cellspacing="0" cellpadding="0"> |
3878 |
+<tr valign="top" align="left"> |
3879 |
+<td width="11%"></td> |
3880 |
+<td width="89%"> |
3881 |
+<p><b>Definite Spam Is High Scoring</b></p></td> |
3882 |
+</table> |
3883 |
+<!-- INDENTATION --> |
3884 |
+<table width="100%" border=0 rules="none" frame="void" |
3885 |
+ cols="2" cellspacing="0" cellpadding="0"> |
3886 |
+<tr valign="top" align="left"> |
3887 |
+<td width="22%"></td> |
3888 |
+<td width="78%"> |
3889 |
+<p>Default: no</p> |
3890 |
+<!-- INDENTATION --> |
3891 |
+<p>Setting this to yes means that spam found in the |
3892 |
+blacklist is treated as "High Scoring Spam" in the |
3893 |
+"Spam Actions" section below. Setting it to no |
3894 |
+means that it will be treated as "normal" spam. |
3895 |
+This can also be the filename of a ruleset.</p> |
3896 |
+</td> |
3897 |
+</table> |
3898 |
+<!-- INDENTATION --> |
3899 |
+<table width="100%" border=0 rules="none" frame="void" |
3900 |
+ cols="2" cellspacing="0" cellpadding="0"> |
3901 |
+<tr valign="top" align="left"> |
3902 |
+<td width="11%"></td> |
3903 |
+<td width="89%"> |
3904 |
+<p><b>Ignore Spam Whitelist If Recipients |
3905 |
+Exceed</b></p></td> |
3906 |
+</table> |
3907 |
+<!-- INDENTATION --> |
3908 |
+<table width="100%" border=0 rules="none" frame="void" |
3909 |
+ cols="2" cellspacing="0" cellpadding="0"> |
3910 |
+<tr valign="top" align="left"> |
3911 |
+<td width="22%"></td> |
3912 |
+<td width="78%"> |
3913 |
+<p>Default: 20</p> |
3914 |
+<!-- INDENTATION --> |
3915 |
+<p>Spammers have learnt that they can get their message |
3916 |
+through by sending a message with lots of recipients, one of |
3917 |
+which chooses to whitelist everything coming to them, |
3918 |
+including the spammer. So if a message arrives with more |
3919 |
+than this number of recipients, ignore the "Is |
3920 |
+Definitely Not Spam" whitelist.</p> |
3921 |
+</td> |
3922 |
+</table> |
3923 |
+<a name="SpamAssassin"></a> |
3924 |
+<h2>SpamAssassin</h2> |
3925 |
+<!-- INDENTATION --> |
3926 |
+<table width="100%" border=0 rules="none" frame="void" |
3927 |
+ cols="2" cellspacing="0" cellpadding="0"> |
3928 |
+<tr valign="top" align="left"> |
3929 |
+<td width="11%"></td> |
3930 |
+<td width="89%"> |
3931 |
+<p><b>Use SpamAssassin</b></p></td> |
3932 |
+</table> |
3933 |
+<!-- INDENTATION --> |
3934 |
+<table width="100%" border=0 rules="none" frame="void" |
3935 |
+ cols="2" cellspacing="0" cellpadding="0"> |
3936 |
+<tr valign="top" align="left"> |
3937 |
+<td width="22%"></td> |
3938 |
+<td width="78%"> |
3939 |
+<p>Default: no</p> |
3940 |
+<!-- INDENTATION --> |
3941 |
+<p>Do you want to detect spam using the very good |
3942 |
+SpamAssassin package? You must have installed SpamAssassin |
3943 |
+before using this option, otherwise MailScanner will not |
3944 |
+start properly.<br> |
3945 |
+NOTE for FreeBSD port user: The SpamAssassin port is not |
3946 |
+automatically installed with the MailScanner port. You can |
3947 |
+find it at |
3948 |
+/usr/ports/mail/p5−Mail−SpamAssassin.</p> |
3949 |
+</td> |
3950 |
+</table> |
3951 |
+<!-- INDENTATION --> |
3952 |
+<table width="100%" border=0 rules="none" frame="void" |
3953 |
+ cols="2" cellspacing="0" cellpadding="0"> |
3954 |
+<tr valign="top" align="left"> |
3955 |
+<td width="11%"></td> |
3956 |
+<td width="89%"> |
3957 |
+<p><b>Max SpamAssassin Size</b></p></td> |
3958 |
+</table> |
3959 |
+<!-- INDENTATION --> |
3960 |
+<table width="100%" border=0 rules="none" frame="void" |
3961 |
+ cols="2" cellspacing="0" cellpadding="0"> |
3962 |
+<tr valign="top" align="left"> |
3963 |
+<td width="22%"></td> |
3964 |
+<td width="78%"> |
3965 |
+<p>Default: 90000</p> |
3966 |
+<!-- INDENTATION --> |
3967 |
+<p>SpamAssassin is quite slow when processing very large |
3968 |
+messages. To work round this problem, this option provides a |
3969 |
+maximum size for messages that are processed with |
3970 |
+SpamAssassin. Most real spam is usually less than about |
3971 |
+50,000 bytes per message.</p> |
3972 |
+</td> |
3973 |
+</table> |
3974 |
+<!-- INDENTATION --> |
3975 |
+<table width="100%" border=0 rules="none" frame="void" |
3976 |
+ cols="2" cellspacing="0" cellpadding="0"> |
3977 |
+<tr valign="top" align="left"> |
3978 |
+<td width="11%"></td> |
3979 |
+<td width="89%"> |
3980 |
+<p><b>Required Spam Assassin Score</b></p></td> |
3981 |
+</table> |
3982 |
+<!-- INDENTATION --> |
3983 |
+<table width="100%" border=0 rules="none" frame="void" |
3984 |
+ cols="2" cellspacing="0" cellpadding="0"> |
3985 |
+<tr valign="top" align="left"> |
3986 |
+<td width="22%"></td> |
3987 |
+<td width="78%"> |
3988 |
+<p>Default: 6</p> |
3989 |
+<!-- INDENTATION --> |
3990 |
+<p>This gives the minimum SpamAssassin score value above |
3991 |
+which messages are spam. This replaces SpamAssassin’s |
3992 |
+own "required_hits" value, so that it can be a |
3993 |
+ruleset and set to different values for different |
3994 |
+users/domains.</p> |
3995 |
+</td> |
3996 |
+</table> |
3997 |
+<!-- INDENTATION --> |
3998 |
+<table width="100%" border=0 rules="none" frame="void" |
3999 |
+ cols="2" cellspacing="0" cellpadding="0"> |
4000 |
+<tr valign="top" align="left"> |
4001 |
+<td width="11%"></td> |
4002 |
+<td width="89%"> |
4003 |
+<p><b>High SpamAssassin Score</b></p></td> |
4004 |
+</table> |
4005 |
+<!-- INDENTATION --> |
4006 |
+<table width="100%" border=0 rules="none" frame="void" |
4007 |
+ cols="2" cellspacing="0" cellpadding="0"> |
4008 |
+<tr valign="top" align="left"> |
4009 |
+<td width="22%"></td> |
4010 |
+<td width="78%"> |
4011 |
+<p>Default: 20</p> |
4012 |
+<!-- INDENTATION --> |
4013 |
+<p>Messages with a SpamAssassin score greater than this |
4014 |
+value are labelled as being "High Scoring Spam", |
4015 |
+and a different set of "Spam Actions" are applied |
4016 |
+to messages scoring at least this value.</p> |
4017 |
+</td> |
4018 |
+</table> |
4019 |
+<!-- INDENTATION --> |
4020 |
+<table width="100%" border=0 rules="none" frame="void" |
4021 |
+ cols="2" cellspacing="0" cellpadding="0"> |
4022 |
+<tr valign="top" align="left"> |
4023 |
+<td width="11%"></td> |
4024 |
+<td width="89%"> |
4025 |
+<p><b>SpamAssassin Auto Whitelist</b></p></td> |
4026 |
+</table> |
4027 |
+<!-- INDENTATION --> |
4028 |
+<table width="100%" border=0 rules="none" frame="void" |
4029 |
+ cols="2" cellspacing="0" cellpadding="0"> |
4030 |
+<tr valign="top" align="left"> |
4031 |
+<td width="22%"></td> |
4032 |
+<td width="78%"> |
4033 |
+<p>Default: no</p> |
4034 |
+<!-- INDENTATION --> |
4035 |
+<p>SpamAssassin has a feature which measures the ratio of |
4036 |
+spam to non−spam originating from different addresses, |
4037 |
+and will automatically add addresses to its own internal |
4038 |
+"whitelist" if most of the messages from an |
4039 |
+address is not spam. This option enables this feature of |
4040 |
+SpamAssassin. Please read their documentation for more |
4041 |
+information.</p> |
4042 |
+</td> |
4043 |
+</table> |
4044 |
+<!-- INDENTATION --> |
4045 |
+<table width="100%" border=0 rules="none" frame="void" |
4046 |
+ cols="2" cellspacing="0" cellpadding="0"> |
4047 |
+<tr valign="top" align="left"> |
4048 |
+<td width="11%"></td> |
4049 |
+<td width="89%"> |
4050 |
+<p><b>SpamAssassin Prefs File</b></p></td> |
4051 |
+</table> |
4052 |
+<!-- INDENTATION --> |
4053 |
+<table width="100%" border=0 rules="none" frame="void" |
4054 |
+ cols="2" cellspacing="0" cellpadding="0"> |
4055 |
+<tr valign="top" align="left"> |
4056 |
+<td width="22%"></td> |
4057 |
+<td width="78%"> |
4058 |
+<p>Default: %etc−dir%/spam.assassin.prefs.conf</p> |
4059 |
+<!-- INDENTATION --> |
4060 |
+<p>SpamAssassin uses a "user preferences" file |
4061 |
+which can be used to set the values of various SpamAssassin |
4062 |
+options. This is the name of that file. Its most useful |
4063 |
+feature is that the RBL/DNSBL/"Spam List" checks |
4064 |
+done by SpamAssassin can be disabled as MailScanner already |
4065 |
+does them and there is little to be gained by doing these |
4066 |
+checks twice for every message.</p> |
4067 |
+</td> |
4068 |
+</table> |
4069 |
+<!-- INDENTATION --> |
4070 |
+<table width="100%" border=0 rules="none" frame="void" |
4071 |
+ cols="2" cellspacing="0" cellpadding="0"> |
4072 |
+<tr valign="top" align="left"> |
4073 |
+<td width="11%"></td> |
4074 |
+<td width="89%"> |
4075 |
+<p><b>SpamAssassin Timeout</b></p></td> |
4076 |
+</table> |
4077 |
+<!-- INDENTATION --> |
4078 |
+<table width="100%" border=0 rules="none" frame="void" |
4079 |
+ cols="2" cellspacing="0" cellpadding="0"> |
4080 |
+<tr valign="top" align="left"> |
4081 |
+<td width="22%"></td> |
4082 |
+<td width="78%"> |
4083 |
+<p>Default: 30</p> |
4084 |
+<!-- INDENTATION --> |
4085 |
+<p>This option sets the maximum number of seconds to wait |
4086 |
+for SpamAssassin to process a message. This is a useful |
4087 |
+protection against occasional bugs in SpamAssassin that can |
4088 |
+cause it to take hours to process a single message.</p> |
4089 |
+</td> |
4090 |
+</table> |
4091 |
+<!-- INDENTATION --> |
4092 |
+<table width="100%" border=0 rules="none" frame="void" |
4093 |
+ cols="2" cellspacing="0" cellpadding="0"> |
4094 |
+<tr valign="top" align="left"> |
4095 |
+<td width="11%"></td> |
4096 |
+<td width="89%"> |
4097 |
+<p><b>Max SpamAssasin Timeouts</b></p></td> |
4098 |
+</table> |
4099 |
+<!-- INDENTATION --> |
4100 |
+<table width="100%" border=0 rules="none" frame="void" |
4101 |
+ cols="2" cellspacing="0" cellpadding="0"> |
4102 |
+<tr valign="top" align="left"> |
4103 |
+<td width="22%"></td> |
4104 |
+<td width="78%"> |
4105 |
+<p>Default: 20</p> |
4106 |
+<!-- INDENTATION --> |
4107 |
+<p>If several consecutive calls to SpamAssassin time out, |
4108 |
+then MailScanner decides that there is something stopping |
4109 |
+SpamAssassin from working properly. It will therefore be |
4110 |
+disabled for the next few hours until MailScanner restarts |
4111 |
+itself, at which point it will be tried again.</p> |
4112 |
+</td> |
4113 |
+</table> |
4114 |
+<!-- INDENTATION --> |
4115 |
+<table width="100%" border=0 rules="none" frame="void" |
4116 |
+ cols="2" cellspacing="0" cellpadding="0"> |
4117 |
+<tr valign="top" align="left"> |
4118 |
+<td width="11%"></td> |
4119 |
+<td width="89%"> |
4120 |
+<p><b>SpamAssassin Timeouts History</b></p></td> |
4121 |
+</table> |
4122 |
+<!-- INDENTATION --> |
4123 |
+<table width="100%" border=0 rules="none" frame="void" |
4124 |
+ cols="2" cellspacing="0" cellpadding="0"> |
4125 |
+<tr valign="top" align="left"> |
4126 |
+<td width="22%"></td> |
4127 |
+<td width="78%"> |
4128 |
+<p>Default: 30</p> |
4129 |
+<!-- INDENTATION --> |
4130 |
+<p>The total number of SpamAssassin attempts during which |
4131 |
+"Max SpamAssassin Timeouts" will cause |
4132 |
+SpamAssassin to be marked as "unavailable". See |
4133 |
+the previous comment for more information. The default |
4134 |
+values of 10 and 20 mean that 10 timeouts in any sequence of |
4135 |
+20 attempts will trigger the behaviour described above, |
4136 |
+until the next periodic restart (see "Restart |
4137 |
+Every").</p> |
4138 |
+</td> |
4139 |
+</table> |
4140 |
+<!-- INDENTATION --> |
4141 |
+<table width="100%" border=0 rules="none" frame="void" |
4142 |
+ cols="2" cellspacing="0" cellpadding="0"> |
4143 |
+<tr valign="top" align="left"> |
4144 |
+<td width="11%"></td> |
4145 |
+<td width="89%"> |
4146 |
+<p><b>Check SpamAssassin If On Spam List</b></p></td> |
4147 |
+</table> |
4148 |
+<!-- INDENTATION --> |
4149 |
+<table width="100%" border=0 rules="none" frame="void" |
4150 |
+ cols="2" cellspacing="0" cellpadding="0"> |
4151 |
+<tr valign="top" align="left"> |
4152 |
+<td width="22%"></td> |
4153 |
+<td width="78%"> |
4154 |
+<p>Default: yes</p> |
4155 |
+<!-- INDENTATION --> |
4156 |
+<p>If a message has already triggered any of the "Spam |
4157 |
+List" checks, the SpamAssassin check will be skipped if |
4158 |
+this option is set to "no". This can help reduce |
4159 |
+the load on your server if SpamAssassin checks take a long |
4160 |
+time for some reason.</p> |
4161 |
+</td> |
4162 |
+</table> |
4163 |
+<!-- INDENTATION --> |
4164 |
+<table width="100%" border=0 rules="none" frame="void" |
4165 |
+ cols="2" cellspacing="0" cellpadding="0"> |
4166 |
+<tr valign="top" align="left"> |
4167 |
+<td width="11%"></td> |
4168 |
+<td width="89%"> |
4169 |
+<p><b>Always Include SpamAssasin Report</b></p></td> |
4170 |
+</table> |
4171 |
+<!-- INDENTATION --> |
4172 |
+<table width="100%" border=0 rules="none" frame="void" |
4173 |
+ cols="2" cellspacing="0" cellpadding="0"> |
4174 |
+<tr valign="top" align="left"> |
4175 |
+<td width="22%"></td> |
4176 |
+<td width="78%"> |
4177 |
+<p>Default: no</p> |
4178 |
+<!-- INDENTATION --> |
4179 |
+<p>If this option is set, then the "Spam Header" |
4180 |
+will be included in the header of every message, so its |
4181 |
+presence cannot be used to filter out spam by your |
4182 |
+users’ e−mail applications.</p> |
4183 |
+</td> |
4184 |
+</table> |
4185 |
+<!-- INDENTATION --> |
4186 |
+<table width="100%" border=0 rules="none" frame="void" |
4187 |
+ cols="2" cellspacing="0" cellpadding="0"> |
4188 |
+<tr valign="top" align="left"> |
4189 |
+<td width="11%"></td> |
4190 |
+<td width="89%"> |
4191 |
+<p><b>Spam Score</b></p></td> |
4192 |
+</table> |
4193 |
+<!-- INDENTATION --> |
4194 |
+<table width="100%" border=0 rules="none" frame="void" |
4195 |
+ cols="2" cellspacing="0" cellpadding="0"> |
4196 |
+<tr valign="top" align="left"> |
4197 |
+<td width="22%"></td> |
4198 |
+<td width="78%"> |
4199 |
+<p>Default: yes</p> |
4200 |
+<!-- INDENTATION --> |
4201 |
+<p>If a message is spam, and this option is set, then a |
4202 |
+header will be added to the message containing 1 character |
4203 |
+for each point in the SpamAssassin score. This allows users |
4204 |
+to choose for themselves the SpamAssassin scores at which |
4205 |
+they want to do different things with the message, such as |
4206 |
+file it or delete it.</p> |
4207 |
+</td> |
4208 |
+</table> |
4209 |
+<!-- INDENTATION --> |
4210 |
+<table width="100%" border=0 rules="none" frame="void" |
4211 |
+ cols="2" cellspacing="0" cellpadding="0"> |
4212 |
+<tr valign="top" align="left"> |
4213 |
+<td width="11%"></td> |
4214 |
+<td width="89%"> |
4215 |
+<p><b>Rebuild Bayes Every</b></p></td> |
4216 |
+</table> |
4217 |
+<!-- INDENTATION --> |
4218 |
+<table width="100%" border=0 rules="none" frame="void" |
4219 |
+ cols="2" cellspacing="0" cellpadding="0"> |
4220 |
+<tr valign="top" align="left"> |
4221 |
+<td width="22%"></td> |
4222 |
+<td width="78%"> |
4223 |
+<p>Default: 0</p> |
4224 |
+<!-- INDENTATION --> |
4225 |
+<p>If you are using the Bayesian statistics engine on a busy |
4226 |
+server, you may well need to force a Bayesian database |
4227 |
+rebuild and expiry at regular intervals. This is measures in |
4228 |
+seconds. 24 hours = 86400 seconds. To disable this feature |
4229 |
+set this to 0.</p> |
4230 |
+</td> |
4231 |
+</table> |
4232 |
+<!-- INDENTATION --> |
4233 |
+<table width="100%" border=0 rules="none" frame="void" |
4234 |
+ cols="2" cellspacing="0" cellpadding="0"> |
4235 |
+<tr valign="top" align="left"> |
4236 |
+<td width="11%"></td> |
4237 |
+<td width="89%"> |
4238 |
+<p><b>Wait During Bayes Rebuild</b></p></td> |
4239 |
+</table> |
4240 |
+<!-- INDENTATION --> |
4241 |
+<table width="100%" border=0 rules="none" frame="void" |
4242 |
+ cols="2" cellspacing="0" cellpadding="0"> |
4243 |
+<tr valign="top" align="left"> |
4244 |
+<td width="22%"></td> |
4245 |
+<td width="78%"> |
4246 |
+<p>Default: no</p> |
4247 |
+<!-- INDENTATION --> |
4248 |
+<p># The Bayesian database rebuild and expiry may take a 2 |
4249 |
+or 3 minutes # to complete. During this time you can either |
4250 |
+wait, or simply # disable SpamAssassin checks until it has |
4251 |
+completed. WaitDuringBayesRebuild = no</p> |
4252 |
+</td> |
4253 |
+</table> |
4254 |
+<a name="What to do with spam"></a> |
4255 |
+<h2>What to do with spam</h2> |
4256 |
+<!-- INDENTATION --> |
4257 |
+<table width="100%" border=0 rules="none" frame="void" |
4258 |
+ cols="2" cellspacing="0" cellpadding="0"> |
4259 |
+<tr valign="top" align="left"> |
4260 |
+<td width="11%"></td> |
4261 |
+<td width="89%"> |
4262 |
+<p><b>Spam Actions</b></p></td> |
4263 |
+</table> |
4264 |
+<!-- INDENTATION --> |
4265 |
+<table width="100%" border=0 rules="none" frame="void" |
4266 |
+ cols="2" cellspacing="0" cellpadding="0"> |
4267 |
+<tr valign="top" align="left"> |
4268 |
+<td width="22%"></td> |
4269 |
+<td width="78%"> |
4270 |
+<p>Default: deliver</p> |
4271 |
+<!-- INDENTATION --> |
4272 |
+<p>This can be any combination of 1 or more of the following |
4273 |
+keywords, and these actions are applied to any message which |
4274 |
+is spam.</p> |
4275 |
+</td> |
4276 |
+</table> |
4277 |
+<!-- TABS --> |
4278 |
+<table width="100%" border=0 rules="none" frame="void" |
4279 |
+ cols="4" cellspacing="0" cellpadding="0"> |
4280 |
+<tr valign="top" align="left"> |
4281 |
+<td width="22%"></td> |
4282 |
+<td width="1%"> |
4283 |
+ |
4284 |
+<p>•</p> |
4285 |
+</td> |
4286 |
+<td width="5%"></td> |
4287 |
+<td width="72%"> |
4288 |
+ |
4289 |
+<p>deliver − the message is delivered to the |
4290 |
+recipient as normal</p> |
4291 |
+</td> |
4292 |
+<tr valign="top" align="left"> |
4293 |
+<td width="22%"></td> |
4294 |
+<td width="1%"> |
4295 |
+ |
4296 |
+<p>•</p> |
4297 |
+</td> |
4298 |
+<td width="5%"></td> |
4299 |
+<td width="72%"> |
4300 |
+ |
4301 |
+<p>delete − the message is deleted</p> |
4302 |
+</td> |
4303 |
+<tr valign="top" align="left"> |
4304 |
+<td width="22%"></td> |
4305 |
+<td width="1%"> |
4306 |
+ |
4307 |
+<p>•</p> |
4308 |
+</td> |
4309 |
+<td width="5%"></td> |
4310 |
+<td width="72%"> |
4311 |
+ |
4312 |
+<p>store − the message is stored in the |
4313 |
+quarantine</p> |
4314 |
+</td> |
4315 |
+<tr valign="top" align="left"> |
4316 |
+<td width="22%"></td> |
4317 |
+<td width="1%"> |
4318 |
+ |
4319 |
+<p>•</p> |
4320 |
+</td> |
4321 |
+<td width="5%"></td> |
4322 |
+<td width="72%"> |
4323 |
+ |
4324 |
+<p>forward − an email address is supplied, to which |
4325 |
+the message is forwarded</p> |
4326 |
+</td> |
4327 |
+<tr valign="top" align="left"> |
4328 |
+<td width="22%"></td> |
4329 |
+<td width="1%"> |
4330 |
+ |
4331 |
+<p>•</p> |
4332 |
+</td> |
4333 |
+<td width="5%"></td> |
4334 |
+<td width="72%"> |
4335 |
+ |
4336 |
+<p>notify − Send the recipients a short notification |
4337 |
+that spam addressed to them was not delivered. They can then |
4338 |
+take action to request retrieval of the orginal message if |
4339 |
+they think it was not spam.</p> |
4340 |
+</td> |
4341 |
+<tr valign="top" align="left"> |
4342 |
+<td width="22%"></td> |
4343 |
+<td width="1%"> |
4344 |
+ |
4345 |
+<p>•</p> |
4346 |
+</td> |
4347 |
+<td width="5%"></td> |
4348 |
+<td width="72%"> |
4349 |
+ |
4350 |
+<p>striphtml − convert all in−line HTML content |
4351 |
+in the message to be stripped to plain text, which removes |
4352 |
+all images and scripts and so can be used to protect your |
4353 |
+users from offensive spam. Note that using this action on |
4354 |
+its own does not imply that the message will be delivered, |
4355 |
+you will need to specify "deliver" or |
4356 |
+"forward" to actually deliver the message.</p> |
4357 |
+</td> |
4358 |
+<tr valign="top" align="left"> |
4359 |
+<td width="22%"></td> |
4360 |
+<td width="1%"> |
4361 |
+ |
4362 |
+<p>•</p> |
4363 |
+</td> |
4364 |
+<td width="5%"></td> |
4365 |
+<td width="72%"> |
4366 |
+ |
4367 |
+<p>attachment − Convert the original message into an |
4368 |
+attachment of the message. This means the user has to take |
4369 |
+an extra step to open the spam, and stops "web |
4370 |
+bugs" very effectively.</p> |
4371 |
+</td> |
4372 |
+<tr valign="top" align="left"> |
4373 |
+<td width="22%"></td> |
4374 |
+<td width="1%"> |
4375 |
+ |
4376 |
+<p>•</p> |
4377 |
+</td> |
4378 |
+<td width="5%"></td> |
4379 |
+<td width="72%"> |
4380 |
+ |
4381 |
+<p>bounce − bounce the spam message. This option |
4382 |
+should not be used and must be enabled with the "Enable |
4383 |
+Spam Bounce" option first.</p> |
4384 |
+</td> |
4385 |
+<tr valign="top" align="left"> |
4386 |
+<td width="22%"></td> |
4387 |
+<td width="1%"> |
4388 |
+ |
4389 |
+<p>•</p> |
4390 |
+</td> |
4391 |
+<td width="5%"></td> |
4392 |
+<td width="72%"> |
4393 |
+ |
4394 |
+<p>header "name: value" − Add the header |
4395 |
+"name: value" to the message. name must not |
4396 |
+contain any spaces.</p> |
4397 |
+</td> |
4398 |
+</table> |
4399 |
+<!-- INDENTATION --> |
4400 |
+<table width="100%" border=0 rules="none" frame="void" |
4401 |
+ cols="2" cellspacing="0" cellpadding="0"> |
4402 |
+<tr valign="top" align="left"> |
4403 |
+<td width="11%"></td> |
4404 |
+<td width="89%"> |
4405 |
+<p><b>High Scoring Spam Actions</b></p></td> |
4406 |
+</table> |
4407 |
+<!-- INDENTATION --> |
4408 |
+<table width="100%" border=0 rules="none" frame="void" |
4409 |
+ cols="2" cellspacing="0" cellpadding="0"> |
4410 |
+<tr valign="top" align="left"> |
4411 |
+<td width="22%"></td> |
4412 |
+<td width="78%"> |
4413 |
+<p>Default: deliver</p></td> |
4414 |
+</table> |
4415 |
+<!-- INDENTATION --> |
4416 |
+<table width="100%" border=0 rules="none" frame="void" |
4417 |
+ cols="2" cellspacing="0" cellpadding="0"> |
4418 |
+<tr valign="top" align="left"> |
4419 |
+<td width="28%"></td> |
4420 |
+<td width="72%"> |
4421 |
+<p>This is the same as the "Spam Actions" option |
4422 |
+above, but it gives the actions to apply to any message |
4423 |
+whose SpamAssassin score is above the "High |
4424 |
+Scoring" threshold described above.</p> |
4425 |
+</td> |
4426 |
+</table> |
4427 |
+<!-- INDENTATION --> |
4428 |
+<table width="100%" border=0 rules="none" frame="void" |
4429 |
+ cols="2" cellspacing="0" cellpadding="0"> |
4430 |
+<tr valign="top" align="left"> |
4431 |
+<td width="11%"></td> |
4432 |
+<td width="89%"> |
4433 |
+<p><b>Non Spam Actions</b></p></td> |
4434 |
+</table> |
4435 |
+<!-- INDENTATION --> |
4436 |
+<table width="100%" border=0 rules="none" frame="void" |
4437 |
+ cols="2" cellspacing="0" cellpadding="0"> |
4438 |
+<tr valign="top" align="left"> |
4439 |
+<td width="22%"></td> |
4440 |
+<td width="78%"> |
4441 |
+<p>Default: deliver</p> |
4442 |
+<!-- INDENTATION --> |
4443 |
+<p>This is the same as the "Spam Actions" option |
4444 |
+above, except that it applies to messages that are NOT spam. |
4445 |
+The bounce option does not make much sense here so do not |
4446 |
+use it.</p> |
4447 |
+</td> |
4448 |
+</table> |
4449 |
+<!-- INDENTATION --> |
4450 |
+<table width="100%" border=0 rules="none" frame="void" |
4451 |
+ cols="2" cellspacing="0" cellpadding="0"> |
4452 |
+<tr valign="top" align="left"> |
4453 |
+<td width="11%"></td> |
4454 |
+<td width="89%"> |
4455 |
+<p><b>Sender Spam Report</b></p></td> |
4456 |
+</table> |
4457 |
+<!-- INDENTATION --> |
4458 |
+<table width="100%" border=0 rules="none" frame="void" |
4459 |
+ cols="2" cellspacing="0" cellpadding="0"> |
4460 |
+<tr valign="top" align="left"> |
4461 |
+<td width="22%"></td> |
4462 |
+<td width="78%"> |
4463 |
+<p>Default: %reports−dir%/sender.spam.report.txt</p> |
4464 |
+<!-- INDENTATION --> |
4465 |
+<p>When the "bounce" spam action is applied to a |
4466 |
+message that triggered both a "Spam List" check |
4467 |
+and SpamAssassin, this file gives the text to put in that |
4468 |
+message.</p> |
4469 |
+</td> |
4470 |
+</table> |
4471 |
+<!-- INDENTATION --> |
4472 |
+<table width="100%" border=0 rules="none" frame="void" |
4473 |
+ cols="2" cellspacing="0" cellpadding="0"> |
4474 |
+<tr valign="top" align="left"> |
4475 |
+<td width="11%"></td> |
4476 |
+<td width="89%"> |
4477 |
+<p><b>Sender Spam List Report</b></p></td> |
4478 |
+</table> |
4479 |
+<!-- INDENTATION --> |
4480 |
+<table width="100%" border=0 rules="none" frame="void" |
4481 |
+ cols="2" cellspacing="0" cellpadding="0"> |
4482 |
+<tr valign="top" align="left"> |
4483 |
+<td width="22%"></td> |
4484 |
+<td width="78%"> |
4485 |
+<p>Default: |
4486 |
+%reports−dir%/sender.spam.rbl.report.txt</p> |
4487 |
+<!-- INDENTATION --> |
4488 |
+<p>When the "bounce" spam action is applied to a |
4489 |
+message that triggered a "Spam List" check, this |
4490 |
+file gives the text to put in that message.</p> |
4491 |
+</td> |
4492 |
+</table> |
4493 |
+<!-- INDENTATION --> |
4494 |
+<table width="100%" border=0 rules="none" frame="void" |
4495 |
+ cols="2" cellspacing="0" cellpadding="0"> |
4496 |
+<tr valign="top" align="left"> |
4497 |
+<td width="11%"></td> |
4498 |
+<td width="89%"> |
4499 |
+<p><b>Sender SpamAssassin Report</b></p></td> |
4500 |
+</table> |
4501 |
+<!-- INDENTATION --> |
4502 |
+<table width="100%" border=0 rules="none" frame="void" |
4503 |
+ cols="2" cellspacing="0" cellpadding="0"> |
4504 |
+<tr valign="top" align="left"> |
4505 |
+<td width="22%"></td> |
4506 |
+<td width="78%"> |
4507 |
+<p>Default: |
4508 |
+%reports−dir%/sender.spam.sa.report.txt</p> |
4509 |
+<!-- INDENTATION --> |
4510 |
+<p>When the "bounce" spam action is applied to a |
4511 |
+message that triggered SpamAssassin, this file gives the |
4512 |
+text to put in that message.</p> |
4513 |
+</td> |
4514 |
+</table> |
4515 |
+<!-- INDENTATION --> |
4516 |
+<table width="100%" border=0 rules="none" frame="void" |
4517 |
+ cols="2" cellspacing="0" cellpadding="0"> |
4518 |
+<tr valign="top" align="left"> |
4519 |
+<td width="11%"></td> |
4520 |
+<td width="89%"> |
4521 |
+<p><b>Inline Spam Warning</b></p></td> |
4522 |
+</table> |
4523 |
+<!-- INDENTATION --> |
4524 |
+<table width="100%" border=0 rules="none" frame="void" |
4525 |
+ cols="2" cellspacing="0" cellpadding="0"> |
4526 |
+<tr valign="top" align="left"> |
4527 |
+<td width="22%"></td> |
4528 |
+<td width="78%"> |
4529 |
+<p>Default: %reports−dir%/inline.spam.warning.txt</p> |
4530 |
+<!-- INDENTATION --> |
4531 |
+<p>If you use the ’attachment’ Spam Action or |
4532 |
+High Scoring Spam Action then this is the location of inline |
4533 |
+spam report that is inserted at the top of the message.</p> |
4534 |
+</td> |
4535 |
+</table> |
4536 |
+<!-- INDENTATION --> |
4537 |
+<table width="100%" border=0 rules="none" frame="void" |
4538 |
+ cols="2" cellspacing="0" cellpadding="0"> |
4539 |
+<tr valign="top" align="left"> |
4540 |
+<td width="11%"></td> |
4541 |
+<td width="89%"> |
4542 |
+<p><b>Recipient Spam Report</b></p></td> |
4543 |
+</table> |
4544 |
+<!-- INDENTATION --> |
4545 |
+<table width="100%" border=0 rules="none" frame="void" |
4546 |
+ cols="2" cellspacing="0" cellpadding="0"> |
4547 |
+<tr valign="top" align="left"> |
4548 |
+<td width="22%"></td> |
4549 |
+<td width="78%"> |
4550 |
+<p>Default: |
4551 |
+%reports−dir%/recipient.spam.report.txt</p> |
4552 |
+<!-- INDENTATION --> |
4553 |
+<p>If you use the ’notify’ Spam Action or High |
4554 |
+Scoring Spam Action then this is the location of the |
4555 |
+notification message that is sent to the original recipients |
4556 |
+of the message.</p> |
4557 |
+</td> |
4558 |
+</table> |
4559 |
+<!-- INDENTATION --> |
4560 |
+<table width="100%" border=0 rules="none" frame="void" |
4561 |
+ cols="2" cellspacing="0" cellpadding="0"> |
4562 |
+<tr valign="top" align="left"> |
4563 |
+<td width="11%"></td> |
4564 |
+<td width="89%"> |
4565 |
+<p><b>Enable Spam Bounce</b></p></td> |
4566 |
+</table> |
4567 |
+<!-- INDENTATION --> |
4568 |
+<table width="100%" border=0 rules="none" frame="void" |
4569 |
+ cols="2" cellspacing="0" cellpadding="0"> |
4570 |
+<tr valign="top" align="left"> |
4571 |
+<td width="22%"></td> |
4572 |
+<td width="78%"> |
4573 |
+<p>Default: %rules−dir%/bounce.rules</p> |
4574 |
+<!-- INDENTATION --> |
4575 |
+<p>You can use this ruleset to enable the "bounce" |
4576 |
+Spam Action. You must *only* enable this for mail from sites |
4577 |
+with which you have agreed to bounce possible spam. Use it |
4578 |
+on low−scoring spam only (<10) and only to your |
4579 |
+regular customers for use in the rare case that a message is |
4580 |
+mis−tagged as spam when it shouldn’t have been. |
4581 |
+Beware that many sites will automatically delete the bounce |
4582 |
+messages created by using this option unless you have agreed |
4583 |
+this with them in advance.</p> |
4584 |
+</td> |
4585 |
+</table> |
4586 |
+<a name="System logging"></a> |
4587 |
+<h2>System logging</h2> |
4588 |
+<!-- INDENTATION --> |
4589 |
+<table width="100%" border=0 rules="none" frame="void" |
4590 |
+ cols="2" cellspacing="0" cellpadding="0"> |
4591 |
+<tr valign="top" align="left"> |
4592 |
+<td width="11%"></td> |
4593 |
+<td width="89%"> |
4594 |
+<p><b>Syslog Facility</b></p></td> |
4595 |
+</table> |
4596 |
+<!-- INDENTATION --> |
4597 |
+<table width="100%" border=0 rules="none" frame="void" |
4598 |
+ cols="2" cellspacing="0" cellpadding="0"> |
4599 |
+<tr valign="top" align="left"> |
4600 |
+<td width="22%"></td> |
4601 |
+<td width="78%"> |
4602 |
+<p>Default: mail</p> |
4603 |
+<!-- INDENTATION --> |
4604 |
+<p>This is the name of the "facility" used by |
4605 |
+syslogd to log MailScanner’s messages. If this |
4606 |
+doesn’t mean anything to you, then either leave it |
4607 |
+alone or else read the "syslogd" man page.</p> |
4608 |
+</td> |
4609 |
+</table> |
4610 |
+<!-- INDENTATION --> |
4611 |
+<table width="100%" border=0 rules="none" frame="void" |
4612 |
+ cols="2" cellspacing="0" cellpadding="0"> |
4613 |
+<tr valign="top" align="left"> |
4614 |
+<td width="11%"></td> |
4615 |
+<td width="89%"> |
4616 |
+<p><b>Log Speed</b></p></td> |
4617 |
+</table> |
4618 |
+<!-- INDENTATION --> |
4619 |
+<table width="100%" border=0 rules="none" frame="void" |
4620 |
+ cols="2" cellspacing="0" cellpadding="0"> |
4621 |
+<tr valign="top" align="left"> |
4622 |
+<td width="22%"></td> |
4623 |
+<td width="78%"> |
4624 |
+<p>Default: no</p> |
4625 |
+<!-- INDENTATION --> |
4626 |
+<p>Do you want to log the processing speed for each section |
4627 |
+of the code for a batch? This can be very useful for |
4628 |
+diagnosing speed problems, particularly in spam |
4629 |
+checking.</p> |
4630 |
+</td> |
4631 |
+</table> |
4632 |
+<!-- INDENTATION --> |
4633 |
+<table width="100%" border=0 rules="none" frame="void" |
4634 |
+ cols="2" cellspacing="0" cellpadding="0"> |
4635 |
+<tr valign="top" align="left"> |
4636 |
+<td width="11%"></td> |
4637 |
+<td width="89%"> |
4638 |
+<p><b>Log Spam</b></p></td> |
4639 |
+</table> |
4640 |
+<!-- INDENTATION --> |
4641 |
+<table width="100%" border=0 rules="none" frame="void" |
4642 |
+ cols="2" cellspacing="0" cellpadding="0"> |
4643 |
+<tr valign="top" align="left"> |
4644 |
+<td width="22%"></td> |
4645 |
+<td width="78%"> |
4646 |
+<p>Default: no</p> |
4647 |
+<!-- INDENTATION --> |
4648 |
+<p>If this option is set, then every spam message will be |
4649 |
+logged to syslog. If you get a lot of spam, or your server |
4650 |
+load is high, you will want to leave this option switched |
4651 |
+off. But if you are having trouble with spam detection, |
4652 |
+setting this to "yes" temporarily can provide |
4653 |
+useful debugging output.</p> |
4654 |
+</td> |
4655 |
+</table> |
4656 |
+<!-- INDENTATION --> |
4657 |
+<table width="100%" border=0 rules="none" frame="void" |
4658 |
+ cols="2" cellspacing="0" cellpadding="0"> |
4659 |
+<tr valign="top" align="left"> |
4660 |
+<td width="11%"></td> |
4661 |
+<td width="89%"> |
4662 |
+<p><b>Log Non Spam</b></p></td> |
4663 |
+</table> |
4664 |
+<!-- INDENTATION --> |
4665 |
+<table width="100%" border=0 rules="none" frame="void" |
4666 |
+ cols="2" cellspacing="0" cellpadding="0"> |
4667 |
+<tr valign="top" align="left"> |
4668 |
+<td width="22%"></td> |
4669 |
+<td width="78%"> |
4670 |
+<p>Default: no</p> |
4671 |
+<!-- INDENTATION --> |
4672 |
+<p>Do you want all non−spam to be logged? Useful if |
4673 |
+you want to see all the SpamAssassin reports of mail that |
4674 |
+was marked as non−spam. Note: It will generate a lot |
4675 |
+of log traffic.</p> |
4676 |
+</td> |
4677 |
+</table> |
4678 |
+<!-- INDENTATION --> |
4679 |
+<table width="100%" border=0 rules="none" frame="void" |
4680 |
+ cols="2" cellspacing="0" cellpadding="0"> |
4681 |
+<tr valign="top" align="left"> |
4682 |
+<td width="11%"></td> |
4683 |
+<td width="89%"> |
4684 |
+<p><b>Log Permitted Filenames</b></p></td> |
4685 |
+</table> |
4686 |
+<!-- INDENTATION --> |
4687 |
+<table width="100%" border=0 rules="none" frame="void" |
4688 |
+ cols="2" cellspacing="0" cellpadding="0"> |
4689 |
+<tr valign="top" align="left"> |
4690 |
+<td width="22%"></td> |
4691 |
+<td width="78%"> |
4692 |
+<p>Default: no</p> |
4693 |
+<!-- INDENTATION --> |
4694 |
+<p>If this option is set, then every attachment filename |
4695 |
+that passes the "filename rules" checks will be |
4696 |
+logged to syslog. Normally this is of no interest. But if |
4697 |
+you are having trouble getting your filename rules correct, |
4698 |
+setting, this can provide useful debugging output.</p> |
4699 |
+</td> |
4700 |
+</table> |
4701 |
+<!-- INDENTATION --> |
4702 |
+<table width="100%" border=0 rules="none" frame="void" |
4703 |
+ cols="2" cellspacing="0" cellpadding="0"> |
4704 |
+<tr valign="top" align="left"> |
4705 |
+<td width="11%"></td> |
4706 |
+<td width="89%"> |
4707 |
+<p><b>Log Permitted Filetypes</b></p></td> |
4708 |
+</table> |
4709 |
+<!-- INDENTATION --> |
4710 |
+<table width="100%" border=0 rules="none" frame="void" |
4711 |
+ cols="2" cellspacing="0" cellpadding="0"> |
4712 |
+<tr valign="top" align="left"> |
4713 |
+<td width="22%"></td> |
4714 |
+<td width="78%"> |
4715 |
+<p>Default: no</p> |
4716 |
+<!-- INDENTATION --> |
4717 |
+<p>Log all the filenames that are allowed by the Filetype |
4718 |
+Rules, or just the filetypes that are denied? This can also |
4719 |
+be the filename of a ruleset.</p> |
4720 |
+</td> |
4721 |
+</table> |
4722 |
+<!-- INDENTATION --> |
4723 |
+<table width="100%" border=0 rules="none" frame="void" |
4724 |
+ cols="2" cellspacing="0" cellpadding="0"> |
4725 |
+<tr valign="top" align="left"> |
4726 |
+<td width="11%"></td> |
4727 |
+<td width="89%"> |
4728 |
+<p><b>Log Silent Viruses</b></p></td> |
4729 |
+</table> |
4730 |
+<!-- INDENTATION --> |
4731 |
+<table width="100%" border=0 rules="none" frame="void" |
4732 |
+ cols="2" cellspacing="0" cellpadding="0"> |
4733 |
+<tr valign="top" align="left"> |
4734 |
+<td width="22%"></td> |
4735 |
+<td width="78%"> |
4736 |
+<p>Default: no</p> |
4737 |
+<!-- INDENTATION --> |
4738 |
+<p>Log all occurrences of "Silent Viruses" as |
4739 |
+defined above? This can only be a simple yes/no value, not a |
4740 |
+ruleset.</p> |
4741 |
+</td> |
4742 |
+</table> |
4743 |
+<a name="Advanced SpamAssassin Settings"></a> |
4744 |
+<h2>Advanced SpamAssassin Settings</h2> |
4745 |
+<!-- INDENTATION --> |
4746 |
+<table width="100%" border=0 rules="none" frame="void" |
4747 |
+ cols="2" cellspacing="0" cellpadding="0"> |
4748 |
+<tr valign="top" align="left"> |
4749 |
+<td width="11%"></td> |
4750 |
+<td width="89%"> |
4751 |
+<p>If you are using Postfix you may well need to use some of |
4752 |
+the settings below, as the home directory for the |
4753 |
+"postfix" user cannot be written to by the |
4754 |
+"postfix" user. You may also need to use these if |
4755 |
+you have installed SpamAssassin somewhere other than the |
4756 |
+default location.</p> |
4757 |
+</td> |
4758 |
+</table> |
4759 |
+<!-- INDENTATION --> |
4760 |
+<table width="100%" border=0 rules="none" frame="void" |
4761 |
+ cols="2" cellspacing="0" cellpadding="0"> |
4762 |
+<tr valign="top" align="left"> |
4763 |
+<td width="11%"></td> |
4764 |
+<td width="89%"> |
4765 |
+<p><b>SpamAssassin User State Dir</b></p></td> |
4766 |
+</table> |
4767 |
+<!-- INDENTATION --> |
4768 |
+<table width="100%" border=0 rules="none" frame="void" |
4769 |
+ cols="2" cellspacing="0" cellpadding="0"> |
4770 |
+<tr valign="top" align="left"> |
4771 |
+<td width="22%"></td> |
4772 |
+<td width="78%"> |
4773 |
+<p>Default:</p> |
4774 |
+<!-- INDENTATION --> |
4775 |
+<p>The per−user files (bayes, auto−whitelist, |
4776 |
+user_prefs) are looked for here and in ~/.spamassassin/. |
4777 |
+Note the files are mutable. If this is unset then no extra |
4778 |
+places are searched for. NOTE: SpamAssassin is always called |
4779 |
+from MailScanner as the same user, and that is the "Run |
4780 |
+As" user specified in MailScanner.conf. So you can only |
4781 |
+have 1 set of "per−user" files, it’s |
4782 |
+just that you might possibly need to modify this location. |
4783 |
+You should not normally need to set this at all. If using |
4784 |
+Postfix, you probably want to set this to |
4785 |
+/var/spool/MailScanner/spamassassin and do</p> |
4786 |
+</td> |
4787 |
+</table> |
4788 |
+<!-- INDENTATION --> |
4789 |
+<table width="100%" border=0 rules="none" frame="void" |
4790 |
+ cols="2" cellspacing="0" cellpadding="0"> |
4791 |
+<tr valign="top" align="left"> |
4792 |
+<td width="26%"></td> |
4793 |
+<td width="74%"> |
4794 |
+<p>mkdir /var/spool/MailScanner/spamassassin<br> |
4795 |
+chown postfix.postfix |
4796 |
+/var/spool/MailScanner/spamassassin</p></td> |
4797 |
+</table> |
4798 |
+<!-- INDENTATION --> |
4799 |
+<table width="100%" border=0 rules="none" frame="void" |
4800 |
+ cols="2" cellspacing="0" cellpadding="0"> |
4801 |
+<tr valign="top" align="left"> |
4802 |
+<td width="11%"></td> |
4803 |
+<td width="89%"> |
4804 |
+<p><b>SpamAssassin Install Prefix</b></p></td> |
4805 |
+</table> |
4806 |
+<!-- INDENTATION --> |
4807 |
+<table width="100%" border=0 rules="none" frame="void" |
4808 |
+ cols="2" cellspacing="0" cellpadding="0"> |
4809 |
+<tr valign="top" align="left"> |
4810 |
+<td width="22%"></td> |
4811 |
+<td width="78%"> |
4812 |
+<p>Default:</p> |
4813 |
+<!-- INDENTATION --> |
4814 |
+<p>This setting is useful if SpamAssassin is installed in an |
4815 |
+unusual place, e.g. /opt/MailScanner. The install prefix is |
4816 |
+used to find some fallback directories if neither of the |
4817 |
+following two settings work. If this is set then it adds to |
4818 |
+the list of places that are searched; otherwise it has no |
4819 |
+effect.</p> |
4820 |
+</td> |
4821 |
+</table> |
4822 |
+<!-- INDENTATION --> |
4823 |
+<table width="100%" border=0 rules="none" frame="void" |
4824 |
+ cols="2" cellspacing="0" cellpadding="0"> |
4825 |
+<tr valign="top" align="left"> |
4826 |
+<td width="11%"></td> |
4827 |
+<td width="89%"> |
4828 |
+<p><b>SpamAssassin Local Rules Dir</b></p></td> |
4829 |
+</table> |
4830 |
+<!-- INDENTATION --> |
4831 |
+<table width="100%" border=0 rules="none" frame="void" |
4832 |
+ cols="2" cellspacing="0" cellpadding="0"> |
4833 |
+<tr valign="top" align="left"> |
4834 |
+<td width="22%"></td> |
4835 |
+<td width="78%"> |
4836 |
+<p>Default:</p> |
4837 |
+<!-- INDENTATION --> |
4838 |
+<p>This tells MailScanner where to look for the |
4839 |
+site−local rules. If this is set it adds to the list |
4840 |
+of places that are searched. MailScanner will always look at |
4841 |
+the following places (even if this option is not set):</p> |
4842 |
+</td> |
4843 |
+</table> |
4844 |
+<!-- TABS --> |
4845 |
+<table width="100%" border=0 rules="none" frame="void" |
4846 |
+ cols="5" cellspacing="0" cellpadding="0"> |
4847 |
+<tr valign="top" align="left"> |
4848 |
+<td width="22%"></td> |
4849 |
+<td width="1%"> |
4850 |
+ |
4851 |
+<p>•</p> |
4852 |
+</td> |
4853 |
+<td width="5%"></td> |
4854 |
+<td width="43%"> |
4855 |
+ |
4856 |
+<p>prefix/etc/spamassassin</p> |
4857 |
+</td> |
4858 |
+<td width="29%"> |
4859 |
+</td> |
4860 |
+<tr valign="top" align="left"> |
4861 |
+<td width="22%"></td> |
4862 |
+<td width="1%"> |
4863 |
+ |
4864 |
+<p>•</p> |
4865 |
+</td> |
4866 |
+<td width="5%"></td> |
4867 |
+<td width="43%"> |
4868 |
+ |
4869 |
+<p>prefix/etc/mail/spamassassin</p> |
4870 |
+</td> |
4871 |
+<td width="29%"> |
4872 |
+</td> |
4873 |
+<tr valign="top" align="left"> |
4874 |
+<td width="22%"></td> |
4875 |
+<td width="1%"> |
4876 |
+ |
4877 |
+<p>•</p> |
4878 |
+</td> |
4879 |
+<td width="5%"></td> |
4880 |
+<td width="43%"> |
4881 |
+ |
4882 |
+<p>/usr/local/etc/spamassassin</p> |
4883 |
+</td> |
4884 |
+<td width="29%"> |
4885 |
+</td> |
4886 |
+<tr valign="top" align="left"> |
4887 |
+<td width="22%"></td> |
4888 |
+<td width="1%"> |
4889 |
+ |
4890 |
+<p>•</p> |
4891 |
+</td> |
4892 |
+<td width="5%"></td> |
4893 |
+<td width="43%"> |
4894 |
+ |
4895 |
+<p>/etc/spamassassin</p> |
4896 |
+</td> |
4897 |
+<td width="29%"> |
4898 |
+</td> |
4899 |
+<tr valign="top" align="left"> |
4900 |
+<td width="22%"></td> |
4901 |
+<td width="1%"> |
4902 |
+ |
4903 |
+<p>•</p> |
4904 |
+</td> |
4905 |
+<td width="5%"></td> |
4906 |
+<td width="43%"> |
4907 |
+ |
4908 |
+<p>/etc/mail/spamassassin</p> |
4909 |
+</td> |
4910 |
+<td width="29%"> |
4911 |
+</td> |
4912 |
+<tr valign="top" align="left"> |
4913 |
+<td width="22%"></td> |
4914 |
+<td width="1%"> |
4915 |
+ |
4916 |
+<p>•</p> |
4917 |
+</td> |
4918 |
+<td width="5%"></td> |
4919 |
+<td width="43%"> |
4920 |
+ |
4921 |
+<p>maybe others as well</p> |
4922 |
+</td> |
4923 |
+<td width="29%"> |
4924 |
+</td> |
4925 |
+</table> |
4926 |
+<!-- INDENTATION --> |
4927 |
+<table width="100%" border=0 rules="none" frame="void" |
4928 |
+ cols="2" cellspacing="0" cellpadding="0"> |
4929 |
+<tr valign="top" align="left"> |
4930 |
+<td width="11%"></td> |
4931 |
+<td width="89%"> |
4932 |
+<p><b>SpamAssassin Default Rules Dir</b></p></td> |
4933 |
+</table> |
4934 |
+<!-- INDENTATION --> |
4935 |
+<table width="100%" border=0 rules="none" frame="void" |
4936 |
+ cols="2" cellspacing="0" cellpadding="0"> |
4937 |
+<tr valign="top" align="left"> |
4938 |
+<td width="22%"></td> |
4939 |
+<td width="78%"> |
4940 |
+<p>Default:</p></td> |
4941 |
+</table> |
4942 |
+<!-- INDENTATION --> |
4943 |
+<table width="100%" border=0 rules="none" frame="void" |
4944 |
+ cols="2" cellspacing="0" cellpadding="0"> |
4945 |
+<tr valign="top" align="left"> |
4946 |
+<td width="28%"></td> |
4947 |
+<td width="72%"> |
4948 |
+<p>This tells MailScanner where to look for the default |
4949 |
+rules. If this is set it adds to the list of places that are |
4950 |
+searched. MailScanner will always look at the following |
4951 |
+places (even if this option is not set):</p></td> |
4952 |
+</table> |
4953 |
+<!-- TABS --> |
4954 |
+<table width="100%" border=0 rules="none" frame="void" |
4955 |
+ cols="5" cellspacing="0" cellpadding="0"> |
4956 |
+<tr valign="top" align="left"> |
4957 |
+<td width="22%"></td> |
4958 |
+<td width="1%"> |
4959 |
+ |
4960 |
+<p>•</p> |
4961 |
+</td> |
4962 |
+<td width="5%"></td> |
4963 |
+<td width="44%"> |
4964 |
+ |
4965 |
+<p>prefix/share/spamassassin</p> |
4966 |
+</td> |
4967 |
+<td width="28%"> |
4968 |
+</td> |
4969 |
+<tr valign="top" align="left"> |
4970 |
+<td width="22%"></td> |
4971 |
+<td width="1%"> |
4972 |
+ |
4973 |
+<p>•</p> |
4974 |
+</td> |
4975 |
+<td width="5%"></td> |
4976 |
+<td width="44%"> |
4977 |
+ |
4978 |
+<p>/usr/local/share/spamassassin</p> |
4979 |
+</td> |
4980 |
+<td width="28%"> |
4981 |
+</td> |
4982 |
+<tr valign="top" align="left"> |
4983 |
+<td width="22%"></td> |
4984 |
+<td width="1%"> |
4985 |
+ |
4986 |
+<p>•</p> |
4987 |
+</td> |
4988 |
+<td width="5%"></td> |
4989 |
+<td width="44%"> |
4990 |
+ |
4991 |
+<p>/usr/share/spamassassin</p> |
4992 |
+</td> |
4993 |
+<td width="28%"> |
4994 |
+</td> |
4995 |
+<tr valign="top" align="left"> |
4996 |
+<td width="22%"></td> |
4997 |
+<td width="1%"> |
4998 |
+ |
4999 |
+<p>•</p> |
5000 |
+</td> |
5001 |
+<td width="5%"></td> |
5002 |
+<td width="44%"> |
5003 |
+ |
5004 |
+<p>maybe others as well</p> |
5005 |
+</td> |
5006 |
+<td width="28%"> |
5007 |
+</td> |
5008 |
+</table> |
5009 |
+<a name="Advanced Settings"></a> |
5010 |
+<h2>Advanced Settings</h2> |
5011 |
+<!-- INDENTATION --> |
5012 |
+<table width="100%" border=0 rules="none" frame="void" |
5013 |
+ cols="2" cellspacing="0" cellpadding="0"> |
5014 |
+<tr valign="top" align="left"> |
5015 |
+<td width="11%"></td> |
5016 |
+<td width="89%"> |
5017 |
+<p><b>Spam Score Number Format</b></p></td> |
5018 |
+</table> |
5019 |
+<!-- INDENTATION --> |
5020 |
+<table width="100%" border=0 rules="none" frame="void" |
5021 |
+ cols="2" cellspacing="0" cellpadding="0"> |
5022 |
+<tr valign="top" align="left"> |
5023 |
+<td width="22%"></td> |
5024 |
+<td width="78%"> |
5025 |
+<p>Default: %d</p> |
5026 |
+<!-- INDENTATION --> |
5027 |
+<p>When putting the value of the spam score of a message |
5028 |
+into the headers, how do you want to format it. If you |
5029 |
+don’t know how to use sprintf() or printf() in C, |
5030 |
+please *do not modify* this value. This can also be the |
5031 |
+filename of a ruleset. A few examples for you:</p> |
5032 |
+</td> |
5033 |
+</table> |
5034 |
+<!-- TABS --> |
5035 |
+<table width="100%" border=0 rules="none" frame="void" |
5036 |
+ cols="5" cellspacing="0" cellpadding="0"> |
5037 |
+<tr valign="top" align="left"> |
5038 |
+<td width="11%"></td> |
5039 |
+<td width="20%"> |
5040 |
+ |
5041 |
+<p>%d</p> |
5042 |
+</td> |
5043 |
+<td width="1%"></td> |
5044 |
+<td width="14%"> |
5045 |
+ |
5046 |
+<p>==> 12</p> |
5047 |
+</td> |
5048 |
+<td width="54%"> |
5049 |
+</td> |
5050 |
+<tr valign="top" align="left"> |
5051 |
+<td width="11%"></td> |
5052 |
+<td width="20%"> |
5053 |
+ |
5054 |
+<p>%5.2f</p> |
5055 |
+</td> |
5056 |
+<td width="1%"></td> |
5057 |
+<td width="14%"> |
5058 |
+ |
5059 |
+<p>==> 12.34</p> |
5060 |
+</td> |
5061 |
+<td width="54%"> |
5062 |
+</td> |
5063 |
+<tr valign="top" align="left"> |
5064 |
+<td width="11%"></td> |
5065 |
+<td width="20%"> |
5066 |
+ |
5067 |
+<p>%05.1f</p> |
5068 |
+</td> |
5069 |
+<td width="1%"></td> |
5070 |
+<td width="14%"> |
5071 |
+ |
5072 |
+<p>==> 012.3</p> |
5073 |
+</td> |
5074 |
+<td width="54%"> |
5075 |
+</td> |
5076 |
+<tr valign="top" align="left"> |
5077 |
+<td width="11%"></td> |
5078 |
+<td width="20%"> |
5079 |
+ |
5080 |
+<p><b>Debug</b></p> |
5081 |
+</td> |
5082 |
+<td width="1%"></td> |
5083 |
+<td width="14%"></td> |
5084 |
+<td width="54%"> |
5085 |
+</td> |
5086 |
+</table> |
5087 |
+<!-- INDENTATION --> |
5088 |
+<table width="100%" border=0 rules="none" frame="void" |
5089 |
+ cols="2" cellspacing="0" cellpadding="0"> |
5090 |
+<tr valign="top" align="left"> |
5091 |
+<td width="11%"></td> |
5092 |
+<td width="89%"> |
5093 |
+<p>Default: no</p></td> |
5094 |
+</table> |
5095 |
+<!-- INDENTATION --> |
5096 |
+<table width="100%" border=0 rules="none" frame="void" |
5097 |
+ cols="2" cellspacing="0" cellpadding="0"> |
5098 |
+<tr valign="top" align="left"> |
5099 |
+<td width="22%"></td> |
5100 |
+<td width="78%"> |
5101 |
+<p>Not for use by normal users. Setting this option to |
5102 |
+"yes" will put MailScanner into debugging mode, in |
5103 |
+which it creates slightly more output and will not become a |
5104 |
+daemon.</p> |
5105 |
+</td> |
5106 |
+</table> |
5107 |
+<!-- INDENTATION --> |
5108 |
+<table width="100%" border=0 rules="none" frame="void" |
5109 |
+ cols="2" cellspacing="0" cellpadding="0"> |
5110 |
+<tr valign="top" align="left"> |
5111 |
+<td width="11%"></td> |
5112 |
+<td width="89%"> |
5113 |
+<p><b>Debug SpamAssassin</b></p></td> |
5114 |
+</table> |
5115 |
+<!-- INDENTATION --> |
5116 |
+<table width="100%" border=0 rules="none" frame="void" |
5117 |
+ cols="2" cellspacing="0" cellpadding="0"> |
5118 |
+<tr valign="top" align="left"> |
5119 |
+<td width="22%"></td> |
5120 |
+<td width="78%"> |
5121 |
+<p>Default: no</p> |
5122 |
+<!-- INDENTATION --> |
5123 |
+<p>Do you want to debug SpamAssassin from within |
5124 |
+MailScanner?</p> |
5125 |
+</td> |
5126 |
+</table> |
5127 |
+<!-- INDENTATION --> |
5128 |
+<table width="100%" border=0 rules="none" frame="void" |
5129 |
+ cols="2" cellspacing="0" cellpadding="0"> |
5130 |
+<tr valign="top" align="left"> |
5131 |
+<td width="11%"></td> |
5132 |
+<td width="89%"> |
5133 |
+<p><b>Run In Foreground</b></p></td> |
5134 |
+</table> |
5135 |
+<!-- INDENTATION --> |
5136 |
+<table width="100%" border=0 rules="none" frame="void" |
5137 |
+ cols="2" cellspacing="0" cellpadding="0"> |
5138 |
+<tr valign="top" align="left"> |
5139 |
+<td width="22%"></td> |
5140 |
+<td width="78%"> |
5141 |
+<p>Default: no</p> |
5142 |
+<!-- INDENTATION --> |
5143 |
+<p>Set Run In Foreground to "yes" if you want |
5144 |
+MailScanner to operate normally in foreground (and not as a |
5145 |
+background daemon). Use this if you are controlling the |
5146 |
+execution of MailScanner with a tool like DJB’s |
5147 |
+’supervise’ (see |
5148 |
+http://cr.yp.to/daemontools.html).</p> |
5149 |
+</td> |
5150 |
+</table> |
5151 |
+<!-- INDENTATION --> |
5152 |
+<table width="100%" border=0 rules="none" frame="void" |
5153 |
+ cols="2" cellspacing="0" cellpadding="0"> |
5154 |
+<tr valign="top" align="left"> |
5155 |
+<td width="11%"></td> |
5156 |
+<td width="89%"> |
5157 |
+<p><b>LDAP Server</b></p></td> |
5158 |
+</table> |
5159 |
+<!-- INDENTATION --> |
5160 |
+<table width="100%" border=0 rules="none" frame="void" |
5161 |
+ cols="2" cellspacing="0" cellpadding="0"> |
5162 |
+<tr valign="top" align="left"> |
5163 |
+<td width="22%"></td> |
5164 |
+<td width="78%"> |
5165 |
+<p>Default:</p> |
5166 |
+<!-- INDENTATION --> |
5167 |
+<p>If you are using an LDAP server to read the |
5168 |
+configuration, these are the details required for the LDAP |
5169 |
+connection. The connection is anonymous. Example: |
5170 |
+localhost</p> |
5171 |
+</td> |
5172 |
+</table> |
5173 |
+<!-- INDENTATION --> |
5174 |
+<table width="100%" border=0 rules="none" frame="void" |
5175 |
+ cols="2" cellspacing="0" cellpadding="0"> |
5176 |
+<tr valign="top" align="left"> |
5177 |
+<td width="11%"></td> |
5178 |
+<td width="89%"> |
5179 |
+<p><b>LDAP Base</b></p></td> |
5180 |
+</table> |
5181 |
+<!-- INDENTATION --> |
5182 |
+<table width="100%" border=0 rules="none" frame="void" |
5183 |
+ cols="2" cellspacing="0" cellpadding="0"> |
5184 |
+<tr valign="top" align="left"> |
5185 |
+<td width="22%"></td> |
5186 |
+<td width="78%"> |
5187 |
+<p>Default:</p> |
5188 |
+<!-- INDENTATION --> |
5189 |
+<p>If you are using an LDAP server to read the |
5190 |
+configuration, these are the details required for the LDAP |
5191 |
+connection. The connection is anonymous. Example: o=fsl</p> |
5192 |
+</td> |
5193 |
+</table> |
5194 |
+<!-- INDENTATION --> |
5195 |
+<table width="100%" border=0 rules="none" frame="void" |
5196 |
+ cols="2" cellspacing="0" cellpadding="0"> |
5197 |
+<tr valign="top" align="left"> |
5198 |
+<td width="11%"></td> |
5199 |
+<td width="89%"> |
5200 |
+<p><b>LDAP Site</b></p></td> |
5201 |
+</table> |
5202 |
+<!-- INDENTATION --> |
5203 |
+<table width="100%" border=0 rules="none" frame="void" |
5204 |
+ cols="2" cellspacing="0" cellpadding="0"> |
5205 |
+<tr valign="top" align="left"> |
5206 |
+<td width="22%"></td> |
5207 |
+<td width="78%"> |
5208 |
+<p>Default:</p> |
5209 |
+<!-- INDENTATION --> |
5210 |
+<p>If you are using an LDAP server to read the |
5211 |
+configuration, these are the details required for the LDAP |
5212 |
+connection. The connection is anonymous. Example: |
5213 |
+default</p> |
5214 |
+</td> |
5215 |
+</table> |
5216 |
+<!-- INDENTATION --> |
5217 |
+<table width="100%" border=0 rules="none" frame="void" |
5218 |
+ cols="2" cellspacing="0" cellpadding="0"> |
5219 |
+<tr valign="top" align="left"> |
5220 |
+<td width="11%"></td> |
5221 |
+<td width="89%"> |
5222 |
+<p><b>Always Looked Up Last</b></p></td> |
5223 |
+</table> |
5224 |
+<!-- INDENTATION --> |
5225 |
+<table width="100%" border=0 rules="none" frame="void" |
5226 |
+ cols="2" cellspacing="0" cellpadding="0"> |
5227 |
+<tr valign="top" align="left"> |
5228 |
+<td width="22%"></td> |
5229 |
+<td width="78%"> |
5230 |
+<p>Default: no</p> |
5231 |
+<!-- INDENTATION --> |
5232 |
+<p>The value of the option is actually never used, but it is |
5233 |
+evaluated at the end of processing a batch of messages. It |
5234 |
+is designed to be used in conjunction with a Custom |
5235 |
+Function. The Custom Function should then be written to have |
5236 |
+a "side effect" of doing something useful such as |
5237 |
+logging lots of information about the batch of messages to a |
5238 |
+file or an SQL database.</p> |
5239 |
+</td> |
5240 |
+</table> |
5241 |
+<!-- INDENTATION --> |
5242 |
+<table width="100%" border=0 rules="none" frame="void" |
5243 |
+ cols="2" cellspacing="0" cellpadding="0"> |
5244 |
+<tr valign="top" align="left"> |
5245 |
+<td width="11%"></td> |
5246 |
+<td width="89%"> |
5247 |
+<p><b>Deliver in Background</b></p></td> |
5248 |
+</table> |
5249 |
+<!-- INDENTATION --> |
5250 |
+<table width="100%" border=0 rules="none" frame="void" |
5251 |
+ cols="2" cellspacing="0" cellpadding="0"> |
5252 |
+<tr valign="top" align="left"> |
5253 |
+<td width="22%"></td> |
5254 |
+<td width="78%"> |
5255 |
+<p>Default: yes</p> |
5256 |
+<!-- INDENTATION --> |
5257 |
+<p>When attempting delivery of any messages (when the |
5258 |
+"Delivery Method = batch") the sendmail/Exim |
5259 |
+command will be run in the background so that MailScanner |
5260 |
+does not have to wait for the delivery attempt to complete. |
5261 |
+There are very few good reasons for setting this to |
5262 |
+"no".</p> |
5263 |
+</td> |
5264 |
+</table> |
5265 |
+<!-- INDENTATION --> |
5266 |
+<table width="100%" border=0 rules="none" frame="void" |
5267 |
+ cols="2" cellspacing="0" cellpadding="0"> |
5268 |
+<tr valign="top" align="left"> |
5269 |
+<td width="11%"></td> |
5270 |
+<td width="89%"> |
5271 |
+<p><b>Lockfile Dir</b></p></td> |
5272 |
+</table> |
5273 |
+<!-- INDENTATION --> |
5274 |
+<table width="100%" border=0 rules="none" frame="void" |
5275 |
+ cols="2" cellspacing="0" cellpadding="0"> |
5276 |
+<tr valign="top" align="left"> |
5277 |
+<td width="22%"></td> |
5278 |
+<td width="78%"> |
5279 |
+<p>Default: /tmp</p> |
5280 |
+<!-- INDENTATION --> |
5281 |
+<p>This is the directory in which lock files are placed to |
5282 |
+stop the virus scanners used while they are in the middle of |
5283 |
+updating themselves with new virus definitions. If you |
5284 |
+change this at all, you will need to edit the |
5285 |
+"autoupdate" scripts for all your virus |
5286 |
+scanners.</p> |
5287 |
+</td> |
5288 |
+</table> |
5289 |
+<!-- INDENTATION --> |
5290 |
+<table width="100%" border=0 rules="none" frame="void" |
5291 |
+ cols="2" cellspacing="0" cellpadding="0"> |
5292 |
+<tr valign="top" align="left"> |
5293 |
+<td width="11%"></td> |
5294 |
+<td width="89%"> |
5295 |
+<p><b>Custom Functions Dir</b></p></td> |
5296 |
+</table> |
5297 |
+<!-- INDENTATION --> |
5298 |
+<table width="100%" border=0 rules="none" frame="void" |
5299 |
+ cols="2" cellspacing="0" cellpadding="0"> |
5300 |
+<tr valign="top" align="left"> |
5301 |
+<td width="22%"></td> |
5302 |
+<td width="78%"> |
5303 |
+<p>Default: |
5304 |
+/opt/MailScanner/lib/MailScanner/CustomFunctions<br> |
5305 |
+Default FreeBSD: |
5306 |
+/usr/local/lib/MailScanner/MailScanner/CustomFunctions</p> |
5307 |
+<!-- INDENTATION --> |
5308 |
+<p>Where to put the code for your "Custom |
5309 |
+Functions". No code in this directory should be |
5310 |
+over−written by the installation or upgrade process. |
5311 |
+All files starting with "." or ending with |
5312 |
+".rpmnew" will be ignored, all other files will be |
5313 |
+compiled and may be used with Custom Functions.</p> |
5314 |
+</td> |
5315 |
+</table> |
5316 |
+<!-- INDENTATION --> |
5317 |
+<table width="100%" border=0 rules="none" frame="void" |
5318 |
+ cols="2" cellspacing="0" cellpadding="0"> |
5319 |
+<tr valign="top" align="left"> |
5320 |
+<td width="11%"></td> |
5321 |
+<td width="89%"> |
5322 |
+<p><b>Lock Type</b></p></td> |
5323 |
+</table> |
5324 |
+<!-- INDENTATION --> |
5325 |
+<table width="100%" border=0 rules="none" frame="void" |
5326 |
+ cols="2" cellspacing="0" cellpadding="0"> |
5327 |
+<tr valign="top" align="left"> |
5328 |
+<td width="22%"></td> |
5329 |
+<td width="78%"> |
5330 |
+<p>Do not set this option to anything unless you know |
5331 |
+exactly what you are doing. For sendmail and Exim, |
5332 |
+MailScanner will choose the correct value by default. This |
5333 |
+affects how mail queue files are locked, and your mail will |
5334 |
+be totally screwed up if you set this option to anything |
5335 |
+other than the correct value for your MTA. So leave it alone |
5336 |
+and let MailScanner choose the correct value for you.</p> |
5337 |
+</td> |
5338 |
+</table> |
5339 |
+<!-- INDENTATION --> |
5340 |
+<table width="100%" border=0 rules="none" frame="void" |
5341 |
+ cols="2" cellspacing="0" cellpadding="0"> |
5342 |
+<tr valign="top" align="left"> |
5343 |
+<td width="11%"></td> |
5344 |
+<td width="89%"> |
5345 |
+<p><b>Minimum Code Status</b></p></td> |
5346 |
+</table> |
5347 |
+<!-- INDENTATION --> |
5348 |
+<table width="100%" border=0 rules="none" frame="void" |
5349 |
+ cols="2" cellspacing="0" cellpadding="0"> |
5350 |
+<tr valign="top" align="left"> |
5351 |
+<td width="22%"></td> |
5352 |
+<td width="78%"> |
5353 |
+<p>Default: supported</p> |
5354 |
+<!-- INDENTATION --> |
5355 |
+<p>Minimum acceptable code stability status −− |
5356 |
+if we come across code that’s not at least as stable |
5357 |
+as this, we barf. This is currently only used to check that |
5358 |
+you don’t end up using untested virus scanner support |
5359 |
+code without realising it. Don’t even *think* about |
5360 |
+setting this to anything other than "beta" or |
5361 |
+"supported" on a system that receives real mail |
5362 |
+until you have tested it yourself and are happy that it is |
5363 |
+all working as you expect it to. Don’t set it to |
5364 |
+anything other than "supported" on a system that |
5365 |
+could ever receive important mail. Levels used are:</p> |
5366 |
+</td> |
5367 |
+</table> |
5368 |
+<!-- TABS --> |
5369 |
+<table width="100%" border=0 rules="none" frame="void" |
5370 |
+ cols="4" cellspacing="0" cellpadding="0"> |
5371 |
+<tr valign="top" align="left"> |
5372 |
+<td width="22%"></td> |
5373 |
+<td width="1%"> |
5374 |
+ |
5375 |
+<p>•</p> |
5376 |
+</td> |
5377 |
+<td width="5%"></td> |
5378 |
+<td width="72%"> |
5379 |
+ |
5380 |
+<p>none − there may not even be any code.</p> |
5381 |
+</td> |
5382 |
+<tr valign="top" align="left"> |
5383 |
+<td width="22%"></td> |
5384 |
+<td width="1%"> |
5385 |
+ |
5386 |
+<p>•</p> |
5387 |
+</td> |
5388 |
+<td width="5%"></td> |
5389 |
+<td width="72%"> |
5390 |
+ |
5391 |
+<p>unsupported − code may be completely untested, a |
5392 |
+contributed dirty hack, anything, really.</p> |
5393 |
+</td> |
5394 |
+<tr valign="top" align="left"> |
5395 |
+<td width="22%"></td> |
5396 |
+<td width="1%"> |
5397 |
+ |
5398 |
+<p>•</p> |
5399 |
+</td> |
5400 |
+<td width="5%"></td> |
5401 |
+<td width="72%"> |
5402 |
+ |
5403 |
+<p>alpha − code is pretty well untested. Don’t |
5404 |
+assume it will work.</p> |
5405 |
+</td> |
5406 |
+<tr valign="top" align="left"> |
5407 |
+<td width="22%"></td> |
5408 |
+<td width="1%"> |
5409 |
+ |
5410 |
+<p>•</p> |
5411 |
+</td> |
5412 |
+<td width="5%"></td> |
5413 |
+<td width="72%"> |
5414 |
+ |
5415 |
+<p>beta − code is tested a bit. It should work.</p> |
5416 |
+</td> |
5417 |
+<tr valign="top" align="left"> |
5418 |
+<td width="22%"></td> |
5419 |
+<td width="1%"> |
5420 |
+ |
5421 |
+<p>•</p> |
5422 |
+</td> |
5423 |
+<td width="5%"></td> |
5424 |
+<td width="72%"> |
5425 |
+ |
5426 |
+<p>supported − code *should* be reliable.</p> |
5427 |
+</td> |
5428 |
+</table> |
5429 |
+<!-- INDENTATION --> |
5430 |
+<table width="100%" border=0 rules="none" frame="void" |
5431 |
+ cols="2" cellspacing="0" cellpadding="0"> |
5432 |
+<tr valign="top" align="left"> |
5433 |
+<td width="11%"></td> |
5434 |
+<td width="89%"> |
5435 |
+<p><b>Split Exim Spool</b></p></td> |
5436 |
+</table> |
5437 |
+<!-- INDENTATION --> |
5438 |
+<table width="100%" border=0 rules="none" frame="void" |
5439 |
+ cols="2" cellspacing="0" cellpadding="0"> |
5440 |
+<tr valign="top" align="left"> |
5441 |
+<td width="22%"></td> |
5442 |
+<td width="78%"> |
5443 |
+<p>Default: yes</p></td> |
5444 |
+</table> |
5445 |
+<!-- INDENTATION --> |
5446 |
+<table width="100%" border=0 rules="none" frame="void" |
5447 |
+ cols="2" cellspacing="0" cellpadding="0"> |
5448 |
+<tr valign="top" align="left"> |
5449 |
+<td width="28%"></td> |
5450 |
+<td width="72%"> |
5451 |
+<p>Are you using Exim with split spool directories? If you |
5452 |
+don’t understand this, the answer is probably |
5453 |
+"no". Refer to the Exim documentation for more |
5454 |
+information about split spool directories.</p> |
5455 |
+</td> |
5456 |
+</table> |
5457 |
+<!-- INDENTATION --> |
5458 |
+<table width="100%" border=0 rules="none" frame="void" |
5459 |
+ cols="2" cellspacing="0" cellpadding="0"> |
5460 |
+<tr valign="top" align="left"> |
5461 |
+<td width="11%"></td> |
5462 |
+<td width="89%"> |
5463 |
+<p><b>Use Default Rules With Multiple |
5464 |
+Recipients</b></p></td> |
5465 |
+</table> |
5466 |
+<!-- INDENTATION --> |
5467 |
+<table width="100%" border=0 rules="none" frame="void" |
5468 |
+ cols="2" cellspacing="0" cellpadding="0"> |
5469 |
+<tr valign="top" align="left"> |
5470 |
+<td width="22%"></td> |
5471 |
+<td width="78%"> |
5472 |
+<p>Default: no</p> |
5473 |
+<!-- INDENTATION --> |
5474 |
+<p>When trying to work out the value of configuration |
5475 |
+parameters which are using a ruleset, this controls the |
5476 |
+behaviour when a rule is checking the "To:" |
5477 |
+addresses. If this option is set to "no", then |
5478 |
+some rules will use the result they get from the first |
5479 |
+matching rule for any of the recipients of a message, so the |
5480 |
+exact value cannot be predicted for messages with more than |
5481 |
+1 recipient. This value *cannot* be the filename of a |
5482 |
+ruleset.<br> |
5483 |
+If this option is set to "yes", then the following |
5484 |
+happens when checking the ruleset:</p> |
5485 |
+</td> |
5486 |
+</table> |
5487 |
+<!-- TABS --> |
5488 |
+<table width="100%" border=0 rules="none" frame="void" |
5489 |
+ cols="4" cellspacing="0" cellpadding="0"> |
5490 |
+<tr valign="top" align="left"> |
5491 |
+<td width="22%"></td> |
5492 |
+<td width="3%"> |
5493 |
+ |
5494 |
+<p>a)</p> |
5495 |
+</td> |
5496 |
+<td width="3%"></td> |
5497 |
+<td width="72%"> |
5498 |
+ |
5499 |
+<p>1 recipient. Same behaviour as normal.</p> |
5500 |
+</td> |
5501 |
+<tr valign="top" align="left"> |
5502 |
+<td width="22%"></td> |
5503 |
+<td width="3%"> |
5504 |
+ |
5505 |
+<p>b)</p> |
5506 |
+</td> |
5507 |
+<td width="3%"></td> |
5508 |
+<td width="72%"> |
5509 |
+ |
5510 |
+<p>Several recipients, but all in the same domain |
5511 |
+(domain.com for example). The rules are checked for one that |
5512 |
+matches the string "*@domain.com".</p> |
5513 |
+</td> |
5514 |
+<tr valign="top" align="left"> |
5515 |
+<td width="22%"></td> |
5516 |
+<td width="3%"> |
5517 |
+ |
5518 |
+<p>c)</p> |
5519 |
+</td> |
5520 |
+<td width="3%"></td> |
5521 |
+<td width="72%"> |
5522 |
+ |
5523 |
+<p>Several recipients, not all in the same domain. The |
5524 |
+rules are checked for one that matches the string |
5525 |
+"*@*".</p> |
5526 |
+</td> |
5527 |
+</table> |
5528 |
+<a name="RULESETS"></a> |
5529 |
+<h2>RULESETS</h2> |
5530 |
+<!-- INDENTATION --> |
5531 |
+<table width="100%" border=0 rules="none" frame="void" |
5532 |
+ cols="2" cellspacing="0" cellpadding="0"> |
5533 |
+<tr valign="top" align="left"> |
5534 |
+<td width="11%"></td> |
5535 |
+<td width="89%"> |
5536 |
+<p>Ruleset files should all be put in |
5537 |
+/opt/MailScanner/etc/rules (FreeBSD: |
5538 |
+/usr/local/etc/MailScanner/rules) and their filename should |
5539 |
+end in ".rules" wherever possible.</p> |
5540 |
+<!-- INDENTATION --> |
5541 |
+<p>All blank lines are ignored, and comments start with |
5542 |
+"#" and continue to the end of the line, like |
5543 |
+this: # This line is just a comment</p> |
5544 |
+<!-- INDENTATION --> |
5545 |
+<p>Other than that, every line is a rule and looks like this |
5546 |
+example: From: john.doe@domain.com yes</p> |
5547 |
+<!-- INDENTATION --> |
5548 |
+<p>As you can see, each rule has 3 fields:<br> |
5549 |
+1. Direction<br> |
5550 |
+2. Pattern to match<br> |
5551 |
+3. Result value (or values)</p> |
5552 |
+<!-- INDENTATION --> |
5553 |
+<p>1. Direction should be one of the following:</p> |
5554 |
+</td> |
5555 |
+</table> |
5556 |
+<!-- TABS --> |
5557 |
+<table width="100%" border=0 rules="none" frame="void" |
5558 |
+ cols="5" cellspacing="0" cellpadding="0"> |
5559 |
+<tr valign="top" align="left"> |
5560 |
+<td width="11%"></td> |
5561 |
+<td width="7%"> |
5562 |
+ |
5563 |
+<p>From:</p> |
5564 |
+</td> |
5565 |
+<td width="4%"></td> |
5566 |
+<td width="78%"> |
5567 |
+ |
5568 |
+<p>Matches when the message is from a matching address</p> |
5569 |
+</td> |
5570 |
+<td width="0%"> |
5571 |
+</td> |
5572 |
+<tr valign="top" align="left"> |
5573 |
+<td width="11%"></td> |
5574 |
+<td width="7%"> |
5575 |
+ |
5576 |
+<p>To:</p> |
5577 |
+</td> |
5578 |
+<td width="4%"></td> |
5579 |
+<td width="78%"> |
5580 |
+ |
5581 |
+<p>Matches when the message is to a matching address</p> |
5582 |
+</td> |
5583 |
+<td width="0%"> |
5584 |
+</td> |
5585 |
+</table> |
5586 |
+<!-- INDENTATION --> |
5587 |
+<table width="100%" border=0 rules="none" frame="void" |
5588 |
+ cols="2" cellspacing="0" cellpadding="0"> |
5589 |
+<tr valign="top" align="left"> |
5590 |
+<td width="11%"></td> |
5591 |
+<td width="89%"> |
5592 |
+<p>FromOrTo:</p></td> |
5593 |
+</table> |
5594 |
+<!-- INDENTATION --> |
5595 |
+<table width="100%" border=0 rules="none" frame="void" |
5596 |
+ cols="2" cellspacing="0" cellpadding="0"> |
5597 |
+<tr valign="top" align="left"> |
5598 |
+<td width="22%"></td> |
5599 |
+<td width="78%"> |
5600 |
+<p>Matches when the message is from or to a matching |
5601 |
+address</p> |
5602 |
+</td> |
5603 |
+</table> |
5604 |
+<!-- INDENTATION --> |
5605 |
+<table width="100%" border=0 rules="none" frame="void" |
5606 |
+ cols="2" cellspacing="0" cellpadding="0"> |
5607 |
+<tr valign="top" align="left"> |
5608 |
+<td width="11%"></td> |
5609 |
+<td width="89%"> |
5610 |
+<p>FromAndTo:</p></td> |
5611 |
+</table> |
5612 |
+<!-- INDENTATION --> |
5613 |
+<table width="100%" border=0 rules="none" frame="void" |
5614 |
+ cols="2" cellspacing="0" cellpadding="0"> |
5615 |
+<tr valign="top" align="left"> |
5616 |
+<td width="22%"></td> |
5617 |
+<td width="78%"> |
5618 |
+<p>Matches when the message is from and to a matching |
5619 |
+address</p> |
5620 |
+</td> |
5621 |
+</table> |
5622 |
+<!-- INDENTATION --> |
5623 |
+<table width="100%" border=0 rules="none" frame="void" |
5624 |
+ cols="2" cellspacing="0" cellpadding="0"> |
5625 |
+<tr valign="top" align="left"> |
5626 |
+<td width="11%"></td> |
5627 |
+<td width="89%"> |
5628 |
+<p>The syntax of these is very loosely defined. Any word |
5629 |
+containing "from", any word containing |
5630 |
+"to", any word containing "from" and |
5631 |
+"to" (in either order), and any word containing |
5632 |
+"and" will work just fine. You can put them in |
5633 |
+upper or lower case, it doesn’t matter. And any |
5634 |
+additional punctuation will be ignored.</p></td> |
5635 |
+</table> |
5636 |
+<!-- INDENTATION --> |
5637 |
+<table width="100%" border=0 rules="none" frame="void" |
5638 |
+ cols="2" cellspacing="0" cellpadding="0"> |
5639 |
+<tr valign="top" align="left"> |
5640 |
+<td width="22%"></td> |
5641 |
+<td width="78%"> |
5642 |
+<p>This specifies the whether the rule should be matched |
5643 |
+against the sender’s address (or IP address), or the |
5644 |
+recipient’s address.</p> |
5645 |
+</td> |
5646 |
+</table> |
5647 |
+<!-- INDENTATION --> |
5648 |
+<table width="100%" border=0 rules="none" frame="void" |
5649 |
+ cols="2" cellspacing="0" cellpadding="0"> |
5650 |
+<tr valign="top" align="left"> |
5651 |
+<td width="11%"></td> |
5652 |
+<td width="89%"> |
5653 |
+<p>2. The pattern describes what messages should match this |
5654 |
+rule. Some examples are:</p> |
5655 |
+<!-- INDENTATION --> |
5656 |
+<p>user@sub.domain.com # Individual address<br> |
5657 |
+user@* # 1 user at any domain<br> |
5658 |
+*@sub.domain.com # Any user at 1 domain<br> |
5659 |
+*@*.domain.com # Any user at any sub−domain of |
5660 |
+"domain.com"<br> |
5661 |
+*@domain.com # Any user at 1 specific domain<br> |
5662 |
+/pattern/ # Any address matching this Perl regular<br> |
5663 |
+# expression<br> |
5664 |
+192.168. # Any SMTP client IP address in this network<br> |
5665 |
+/pattern−with−no−letters/ # Any SMTP |
5666 |
+client IP address matching this<br> |
5667 |
+# Perl regular expression<br> |
5668 |
+/^192.168.1[4567]./ # Any SMTP client IP address in the |
5669 |
+networks<br> |
5670 |
+# 192.168.14 − 192.168.17<br> |
5671 |
+*@* # Default value<br> |
5672 |
+default # Default value</p> |
5673 |
+<!-- INDENTATION --> |
5674 |
+<p>You should be able to do just about anything with |
5675 |
+that.</p> |
5676 |
+<!-- INDENTATION --> |
5677 |
+<p>3. The result value is what you could have put in the |
5678 |
+entry in the main mailscanner.conf file had you not given |
5679 |
+the filename of a ruleset instead.</p> |
5680 |
+<!-- INDENTATION --> |
5681 |
+<p>See the file EXAMPLES for a few ideas on how to do things |
5682 |
+with this system.</p> |
5683 |
+</td> |
5684 |
+</table> |
5685 |
+<a name="ATTACHMENT FILENAME RULESET"></a> |
5686 |
+<h2>ATTACHMENT FILENAME RULESET</h2> |
5687 |
+<!-- INDENTATION --> |
5688 |
+<table width="100%" border=0 rules="none" frame="void" |
5689 |
+ cols="2" cellspacing="0" cellpadding="0"> |
5690 |
+<tr valign="top" align="left"> |
5691 |
+<td width="11%"></td> |
5692 |
+<td width="89%"> |
5693 |
+<p>This is held in the filename pointed to by the |
5694 |
+configuration option Filename rules. It contains a set of |
5695 |
+rules that are used to judge whether any given file |
5696 |
+attachment should be accepted or rejected on the basis of |
5697 |
+its filename, regardless of whether it is found to be |
5698 |
+virus−infected or not. This can not only be used for |
5699 |
+draconian measures such as banning all .exe attachments, but |
5700 |
+it can be used with any Perl regular expression to provide |
5701 |
+facilities such as detection of attempts at hiding |
5702 |
+filenames.</p> |
5703 |
+<!-- INDENTATION --> |
5704 |
+<p>Many Windows e−mail programs (eg. Microsoft |
5705 |
+Outlook) hide common file extensions in an attempt to not |
5706 |
+baffle the user. The result is that while an attachment |
5707 |
+called "Your Document.doc" is helpfully displayed |
5708 |
+as "Your Document", a more sinister attachment |
5709 |
+just as "Looks Safe.txt.pif" will appear simply as |
5710 |
+"Looks Safe.txt". Many users recognise the .txt |
5711 |
+filename extension as applying to plain text files, which |
5712 |
+they know are safe. So even an experienced user may well |
5713 |
+double−click on this attachment thinking it is just |
5714 |
+going to start Notepad and display the text file. However, |
5715 |
+the file is really an MS−Dos shortcut (.pif file) and |
5716 |
+can execute any arbitrary commands the author wanted: all |
5717 |
+without any indication to the unwitting user.</p> |
5718 |
+<!-- INDENTATION --> |
5719 |
+<p>The rules are matched in order from the top to the bottom |
5720 |
+of the file, and the first rule containing a matching |
5721 |
+regular expression is used. Each line of the file is either |
5722 |
+blank, a comment (in which case it starts with a |
5723 |
+’#’ character) or is a rule made up of 4 fields |
5724 |
+separated by one or more TAB characters:</p> |
5725 |
+</td> |
5726 |
+</table> |
5727 |
+<!-- INDENTATION --> |
5728 |
+<table width="100%" border=0 rules="none" frame="void" |
5729 |
+ cols="2" cellspacing="0" cellpadding="0"> |
5730 |
+<tr valign="top" align="left"> |
5731 |
+<td width="11%"></td> |
5732 |
+<td width="89%"> |
5733 |
+<p>allow / deny</p></td> |
5734 |
+</table> |
5735 |
+<!-- INDENTATION --> |
5736 |
+<table width="100%" border=0 rules="none" frame="void" |
5737 |
+ cols="2" cellspacing="0" cellpadding="0"> |
5738 |
+<tr valign="top" align="left"> |
5739 |
+<td width="22%"></td> |
5740 |
+<td width="78%"> |
5741 |
+<p>Accept or reject the attachment if its filename matches |
5742 |
+the regular expression</p> |
5743 |
+</td> |
5744 |
+</table> |
5745 |
+<!-- INDENTATION --> |
5746 |
+<table width="100%" border=0 rules="none" frame="void" |
5747 |
+ cols="2" cellspacing="0" cellpadding="0"> |
5748 |
+<tr valign="top" align="left"> |
5749 |
+<td width="11%"></td> |
5750 |
+<td width="89%"> |
5751 |
+<p>regular expression</p></td> |
5752 |
+</table> |
5753 |
+<!-- INDENTATION --> |
5754 |
+<table width="100%" border=0 rules="none" frame="void" |
5755 |
+ cols="2" cellspacing="0" cellpadding="0"> |
5756 |
+<tr valign="top" align="left"> |
5757 |
+<td width="22%"></td> |
5758 |
+<td width="78%"> |
5759 |
+<p>The rule is executed if the attachment matches this |
5760 |
+expression. It may optionally be surrounded in |
5761 |
+’/’ characters.</p> |
5762 |
+</td> |
5763 |
+</table> |
5764 |
+<!-- INDENTATION --> |
5765 |
+<table width="100%" border=0 rules="none" frame="void" |
5766 |
+ cols="2" cellspacing="0" cellpadding="0"> |
5767 |
+<tr valign="top" align="left"> |
5768 |
+<td width="11%"></td> |
5769 |
+<td width="89%"> |
5770 |
+<p>log text</p></td> |
5771 |
+</table> |
5772 |
+<!-- INDENTATION --> |
5773 |
+<table width="100%" border=0 rules="none" frame="void" |
5774 |
+ cols="2" cellspacing="0" cellpadding="0"> |
5775 |
+<tr valign="top" align="left"> |
5776 |
+<td width="22%"></td> |
5777 |
+<td width="78%"> |
5778 |
+<p>If the rule matches, this text is placed in the syslog. |
5779 |
+If the text is "−", no string is logged.</p> |
5780 |
+</td> |
5781 |
+</table> |
5782 |
+<!-- INDENTATION --> |
5783 |
+<table width="100%" border=0 rules="none" frame="void" |
5784 |
+ cols="2" cellspacing="0" cellpadding="0"> |
5785 |
+<tr valign="top" align="left"> |
5786 |
+<td width="11%"></td> |
5787 |
+<td width="89%"> |
5788 |
+<p>user text</p></td> |
5789 |
+</table> |
5790 |
+<!-- INDENTATION --> |
5791 |
+<table width="100%" border=0 rules="none" frame="void" |
5792 |
+ cols="2" cellspacing="0" cellpadding="0"> |
5793 |
+<tr valign="top" align="left"> |
5794 |
+<td width="22%"></td> |
5795 |
+<td width="78%"> |
5796 |
+<p>If the rule matches, this text is placed in the text |
5797 |
+message sent to the user. If the text is |
5798 |
+"−", no text is used.</p> |
5799 |
+</td> |
5800 |
+</table> |
5801 |
+<!-- INDENTATION --> |
5802 |
+<table width="100%" border=0 rules="none" frame="void" |
5803 |
+ cols="2" cellspacing="0" cellpadding="0"> |
5804 |
+<tr valign="top" align="left"> |
5805 |
+<td width="11%"></td> |
5806 |
+<td width="89%"> |
5807 |
+<p>Please have a look at the filename.rules.conf or |
5808 |
+filename.rules.conf.sample file provided with this |
5809 |
+distribution/package/port.</p> |
5810 |
+</td> |
5811 |
+</table> |
5812 |
+<a name="SEE ALSO"></a> |
5813 |
+<h2>SEE ALSO</h2> |
5814 |
+<!-- INDENTATION --> |
5815 |
+<table width="100%" border=0 rules="none" frame="void" |
5816 |
+ cols="2" cellspacing="0" cellpadding="0"> |
5817 |
+<tr valign="top" align="left"> |
5818 |
+<td width="11%"></td> |
5819 |
+<td width="89%"> |
5820 |
+<p>MailScanner(8)</p> |
5821 |
+</td> |
5822 |
+</table> |
5823 |
+<hr> |
5824 |
+</body> |
5825 |
+</html> |