Mercurial > dnsbl
annotate xml/sample.conf @ 75:1142e46be550
start coding on new config syntax
author | carl |
---|---|
date | Wed, 13 Jul 2005 23:04:14 -0700 |
parents | 419e00901570 |
children | 81f1e400e8ab |
rev | line source |
---|---|
4 | 1 # $Id$ |
0 | 2 # |
75 | 3 |
4 # partial bnf description of this configuration language | |
56
57607387263d
updates for 3.6, better documentation on removing content filtering, missing some files in cvs
carl
parents:
54
diff
changeset
|
5 # |
75 | 6 # CONFIG = {CONTEXT ";"}+ |
7 # CONTEXT = "context" NAME "{" {STATEMENT}+ "}" | |
8 # STATEMENT = (DNSBL | DNSBLLIST | CONTENT | ENV-TO | CONTEXT | ENV-FROM) ";" | |
9 | |
10 # DNSBL = "dnsbl" NAME DNSPREFIX ERROR-MSG | |
11 | |
12 # DNSBLLIST = "dnsbl_list" {NAME}+ | |
13 | |
14 # CONTENT = "content" ("on" | "off") "{" {CONTENT-STATEMENT}+ "}" | |
15 # CONTENT-STATEMENT = (FILTER | IGNORE | TLD | HTML-TAGS | HTML-LIMIT | HOST-LIMIT) ";" | |
16 # FILTER = "filter" DNSPREFIX ERROR-MSG | |
17 # IGNORE = "ignore" "{" {HOSTNAME [";"]}+ "}" | |
18 # TLD = "tld" "{" {TLD [";"]}+ "}" | |
19 # HTML-TAGS = "html_tags" "{" {HTMLTAG [";"]}+ "}" | |
20 # ERROR-MSG = string containing exactly two %s replacement tokens for the client ip address | |
21 | |
22 # HTML-LIMIT = "html_limit" ("on" INTEGER ERROR-MSG | "off") | |
23 | |
24 # HOST-LIMIT = "host_limit" ("on" INTEGER ERROR-MSG | "off" | "soft" INTEGER) | |
25 | |
26 # ENV-TO = "env_to" "{" {(TO-ADDR | DCC-TO)}+ "}" | |
27 # TO-ADDR = ADDRESS [";"] | |
28 # DCC-TO = "dcc_to" ("ok" | "many") "{" DCCINCLUDEFILE "}" ";" | |
29 | |
30 # ENV_FROM = "env_from" DEFAULT "{" {(FROM-ADDR | DCC-FROM)}+ "}" | |
31 # FROM-ADDR = ADDRESS VALUE [";"] | |
32 # DCC-FROM = "dcc_from" "{" DCCINCLUDEFILE "}" ";" | |
33 # DEFAULT = ("white" | "black" | "unknown" | "inherit" | "") | |
34 # ADDRESS = (USER@ | DOMAIN | USER@DOMAIN) | |
35 # VALUE = ("white" | "black" | "unknown" | CHILD-CONTEXT-NAME | |
24 | 36 |
37 | |
75 | 38 context sample { |
39 dnsbl local blackholes.five-ten-sg.com "Mail from %s rejected - local; see http://www.five-ten-sg.com/blackhole.php?%s"; | |
40 dnsbl spews blackholes.spews.org "Mail from %s rejected - spews; see http://www.spews.org/ask.cgi?x=%s"; | |
41 dnsbl sbl sbl-xbl.spamhaus.org "Mail from %s rejected - sbl; see http://www.spamhaus.org/query/bl?ip=%s"; | |
42 dnsbl xbl xbl.spamhaus.org "Mail from %s rejected - xbl; see http://www.spamhaus.org/query/bl?ip=%s"; | |
43 dnsbl_list local sbl; | |
0 | 44 |
75 | 45 content on { |
46 filter sbl-xbl.spamhaus.org "Mail containing %s rejected - sbl; see http://www.spamhaus.org/query/bl?ip=%s"; | |
47 ignore { include "hosts-ignore.conf"; }; | |
48 tld { include "tld.conf"; }; | |
49 html_tags { include "html-tags.conf"; }; | |
50 html_limit off; | |
51 host_limit on 20 "Mail containing excessive bad html tags rejected"; | |
52 host_limit soft 20; | |
53 }; | |
54 | |
55 env_to { | |
56 mydomain.com; # child contexts are not allowed to specify recipient addresses outside these domains | |
57 customer1.com; | |
58 customer1a.com; | |
59 customer1b.com; | |
60 customer2.com; | |
61 customer2a.com; | |
62 customer2b.com; | |
63 }; | |
0 | 64 |
75 | 65 context whitelist { |
66 content off {}; | |
67 env_to { | |
68 # dcc_to ok { include "/var/dcc/whitecommon"; }; | |
69 }; | |
70 env_from white {}; # white forces all unmatched from addresses (everyone in this case) to be whitelisted | |
71 # so all mail TO these env_to addresses is accepted | |
72 }; | |
0 | 73 |
75 | 74 context abuse { |
75 dnsbl_list xbl; | |
76 content off {}; | |
77 env_to { | |
78 abuse@; # no content filtering on abuse reports | |
79 postmaster@; # "" | |
80 }; | |
81 env_from unknown {}; # ignore all parent white/black listing | |
82 }; | |
0 | 83 |
75 | 84 context minimal { |
85 dnsbl_list sbl; | |
86 content on {}; | |
87 env_to { | |
88 sales@mydomain.com; | |
89 }; | |
90 }; | |
0 | 91 |
75 | 92 context blacklist { |
93 env_to { | |
94 dcc_to many { include "/var/dcc/whitecommon"; }; | |
95 old-employee@mydomain.com; | |
96 }; | |
97 env_from black {}; # black forces all unmatched from addresses (everyone in this case) to be blacklisted | |
98 # so all mail TO these env_to addresses is rejected | |
99 }; | |
0 | 100 |
75 | 101 context vp { # special context for the vp |
102 env_to { | |
103 vp@mydomain.com; | |
104 }; | |
105 env_from inherit { | |
106 nai.com black; # the vp does not like nai | |
107 yahoo.com unknown; # override parent context blacklisting | |
108 mother@spammyisp.com white; # suppress dnsbl checking | |
109 }; | |
110 }; | |
111 | |
112 context customer1 { | |
113 dnsbl_list sbl; | |
114 env_to { | |
115 customer1.com; | |
116 customer1a.com; | |
117 customer1b.com; | |
118 }; | |
0 | 119 |
75 | 120 context customer1a { |
121 env_to { | |
122 customer1a.com; | |
123 } | |
124 env_from black { # blacklist everything | |
125 first@acceptable.com unknown; # except these specific envelope senders | |
126 second@another.com unknown; | |
127 yahoo.com inherit; # delegate to the parent | |
128 }; | |
129 }; | |
130 | |
131 env_from { | |
132 yahoo.com black; # no mail from yahoo | |
133 first@yahoo.com unknown; # except this one | |
134 }; | |
135 }; | |
0 | 136 |
75 | 137 context customer2 { |
138 dnsbl_list sbl spews; | |
139 env_to { | |
140 customer2.com; | |
141 customer2a.com; | |
142 customer2b.com; | |
143 }; | |
144 }; | |
0 | 145 |
75 | 146 env_from unknown { |
147 dcc_from { include "/var/dcc/whitecommon"; }; # use the dcc whitecommon list ok/many values to white/black list envelope from values here | |
148 abuse@ abuse; # replies to abuse reports use the abuse context | |
149 yahoo.com black; # don't take mail from yahoo | |
150 spammer@example.com black; | |
151 }; | |
152 }; | |
153 |