annotate xml/sample.conf @ 56:57607387263d stable-3-6

updates for 3.6, better documentation on removing content filtering, missing some files in cvs
author carl
date Wed, 08 Sep 2004 14:46:45 -0700
parents dca56b2de019
children 419e00901570
rev   line source
4
15a7e942adec updates to use dcc conf files
carl
parents: 0
diff changeset
1 # $Id$
0
96a9758165cd Initial revision
carl
parents:
diff changeset
2 #
96a9758165cd Initial revision
carl
parents:
diff changeset
3 # lines start with a command token, followed by argument tokens
96a9758165cd Initial revision
carl
parents:
diff changeset
4 # tokens are separated by spaces or tabs
96a9758165cd Initial revision
carl
parents:
diff changeset
5 #
96a9758165cd Initial revision
carl
parents:
diff changeset
6 #
28
33e1e3910506 add configurable list of tlds
carl
parents: 27
diff changeset
7 # tld:
33e1e3910506 add configurable list of tlds
carl
parents: 27
diff changeset
8 # second token is the tld suffix - com, net, org, etc
33e1e3910506 add configurable list of tlds
carl
parents: 27
diff changeset
9 #
56
57607387263d updates for 3.6, better documentation on removing content filtering, missing some files in cvs
carl
parents: 54
diff changeset
10 #
20
948343c0cfdd add sample for content filtering
carl
parents: 14
diff changeset
11 # content:
948343c0cfdd add sample for content filtering
carl
parents: 14
diff changeset
12 # second token is the dns suffix used for the actual lookups
948343c0cfdd add sample for content filtering
carl
parents: 14
diff changeset
13 # third token? is a string enclosed in single quotes, so it
948343c0cfdd add sample for content filtering
carl
parents: 14
diff changeset
14 # is not really a token. This is the error message, with
948343c0cfdd add sample for content filtering
carl
parents: 14
diff changeset
15 # up to two %s parameters for the offending host name and
56
57607387263d updates for 3.6, better documentation on removing content filtering, missing some files in cvs
carl
parents: 54
diff changeset
16 # client ip address respectively.
57607387263d updates for 3.6, better documentation on removing content filtering, missing some files in cvs
carl
parents: 54
diff changeset
17 #
57607387263d updates for 3.6, better documentation on removing content filtering, missing some files in cvs
carl
parents: 54
diff changeset
18 # If this command is not present, there is no body scanning
57607387263d updates for 3.6, better documentation on removing content filtering, missing some files in cvs
carl
parents: 54
diff changeset
19 # for host names or bad html tags.
57607387263d updates for 3.6, better documentation on removing content filtering, missing some files in cvs
carl
parents: 54
diff changeset
20 #
20
948343c0cfdd add sample for content filtering
carl
parents: 14
diff changeset
21 #
27
43a4f6b3e668 add configurable host name limit and bad html tag limits.
carl
parents: 24
diff changeset
22 # host_limit:
43a4f6b3e668 add configurable host name limit and bad html tag limits.
carl
parents: 24
diff changeset
23 # second token is the integer count of the number of host names
43a4f6b3e668 add configurable host name limit and bad html tag limits.
carl
parents: 24
diff changeset
24 # or urls that are allowed in any one mail body. Zero is
44
6b79046b18c2 changes for 3.2
carl
parents: 28
diff changeset
25 # unlimited. If the actual number of host names in the message
6b79046b18c2 changes for 3.2
carl
parents: 28
diff changeset
26 # is larger than this limit, the message is rejected.
27
43a4f6b3e668 add configurable host name limit and bad html tag limits.
carl
parents: 24
diff changeset
27 # third token? is a string enclosed in single quotes, so it
43a4f6b3e668 add configurable host name limit and bad html tag limits.
carl
parents: 24
diff changeset
28 # is not really a token. This is the error message supplied
43a4f6b3e668 add configurable host name limit and bad html tag limits.
carl
parents: 24
diff changeset
29 # to the smtp client.
43a4f6b3e668 add configurable host name limit and bad html tag limits.
carl
parents: 24
diff changeset
30 #
56
57607387263d updates for 3.6, better documentation on removing content filtering, missing some files in cvs
carl
parents: 54
diff changeset
31 #
44
6b79046b18c2 changes for 3.2
carl
parents: 28
diff changeset
32 # host_soft_limit:
6b79046b18c2 changes for 3.2
carl
parents: 28
diff changeset
33 # second token is the integer count of the number of host names
6b79046b18c2 changes for 3.2
carl
parents: 28
diff changeset
34 # or urls that are checked in any one mail body. Zero is
6b79046b18c2 changes for 3.2
carl
parents: 28
diff changeset
35 # unlimited. If the actual number of host names in the message
6b79046b18c2 changes for 3.2
carl
parents: 28
diff changeset
36 # is larger than this limit, only a random selection of them
6b79046b18c2 changes for 3.2
carl
parents: 28
diff changeset
37 # are checked against the dnsbl.
6b79046b18c2 changes for 3.2
carl
parents: 28
diff changeset
38 #
56
57607387263d updates for 3.6, better documentation on removing content filtering, missing some files in cvs
carl
parents: 54
diff changeset
39 #
24
2e23b7184d2b start coding for bad html tag detection
carl
parents: 20
diff changeset
40 # html_limit:
27
43a4f6b3e668 add configurable host name limit and bad html tag limits.
carl
parents: 24
diff changeset
41 # second token is the integer count of the number of bad html tags
43a4f6b3e668 add configurable host name limit and bad html tag limits.
carl
parents: 24
diff changeset
42 # that are allowed in any one mail body. Zero is unlimited.
24
2e23b7184d2b start coding for bad html tag detection
carl
parents: 20
diff changeset
43 # third token? is a string enclosed in single quotes, so it
2e23b7184d2b start coding for bad html tag detection
carl
parents: 20
diff changeset
44 # is not really a token. This is the error message supplied
2e23b7184d2b start coding for bad html tag detection
carl
parents: 20
diff changeset
45 # to the smtp client.
2e23b7184d2b start coding for bad html tag detection
carl
parents: 20
diff changeset
46 #
56
57607387263d updates for 3.6, better documentation on removing content filtering, missing some files in cvs
carl
parents: 54
diff changeset
47 #
24
2e23b7184d2b start coding for bad html tag detection
carl
parents: 20
diff changeset
48 # html_tag:
2e23b7184d2b start coding for bad html tag detection
carl
parents: 20
diff changeset
49 # second token is a valid html tag, that is added to the list
2e23b7184d2b start coding for bad html tag detection
carl
parents: 20
diff changeset
50 # of valid tags. Any html tag seen in the mail bodies that
2e23b7184d2b start coding for bad html tag detection
carl
parents: 20
diff changeset
51 # is not in this list is presumed to be invalid.
2e23b7184d2b start coding for bad html tag detection
carl
parents: 20
diff changeset
52 #
56
57607387263d updates for 3.6, better documentation on removing content filtering, missing some files in cvs
carl
parents: 54
diff changeset
53 #
0
96a9758165cd Initial revision
carl
parents:
diff changeset
54 # dnsbl:
96a9758165cd Initial revision
carl
parents:
diff changeset
55 # second token is the name of this dnsbl
96a9758165cd Initial revision
carl
parents:
diff changeset
56 # third token is the dns suffix used for the actual lookups
96a9758165cd Initial revision
carl
parents:
diff changeset
57 # fourth token? is a string enclosed in single quotes, so it
96a9758165cd Initial revision
carl
parents:
diff changeset
58 # is not really a token. This is the error message, with
96a9758165cd Initial revision
carl
parents:
diff changeset
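59 # up to two %s parameters, each replaced by the client ip address. NOTE(review): the message looks like a printf-style format, so any other % sequence in it is worth avoiding - confirm against the parser.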
96a9758165cd Initial revision
carl
parents:
diff changeset
60 #
56
57607387263d updates for 3.6, better documentation on removing content filtering, missing some files in cvs
carl
parents: 54
diff changeset
61 #
0
96a9758165cd Initial revision
carl
parents:
diff changeset
62 # dnsbl_list:
96a9758165cd Initial revision
carl
parents:
diff changeset
63 # second token is the name of this list of dnsbls
96a9758165cd Initial revision
carl
parents:
diff changeset
64 # subsequent tokens are the names of the previously defined dnsbls
96a9758165cd Initial revision
carl
parents:
diff changeset
65 #
56
57607387263d updates for 3.6, better documentation on removing content filtering, missing some files in cvs
carl
parents: 54
diff changeset
66 #
0
96a9758165cd Initial revision
carl
parents:
diff changeset
67 # env_from:
96a9758165cd Initial revision
carl
parents:
diff changeset
68 # second token is the name of this envelope-from-map. There will
96a9758165cd Initial revision
carl
parents:
diff changeset
69 # generally be multiple lines with the same name.
96a9758165cd Initial revision
carl
parents:
diff changeset
70 # third token is the envelope from value from the smtp conversation,
96a9758165cd Initial revision
carl
parents:
diff changeset
71 # or just the domain part that follows the @ symbol.
96a9758165cd Initial revision
carl
parents:
diff changeset
72 # fourth token is BLACK, WHITE, or the name of a previously defined
96a9758165cd Initial revision
carl
parents:
diff changeset
73 # envelope-from-map. BLACK causes mail from this sender to be
96a9758165cd Initial revision
carl
parents:
diff changeset
74 # rejected with "no such user". WHITE causes mail to be accepted
96a9758165cd Initial revision
carl
parents:
diff changeset
75 # and the dns based lists are ignored. DEFAULT may be used to override
96a9758165cd Initial revision
carl
parents:
diff changeset
76 # the contents of other maps that are copied into this map, and
96a9758165cd Initial revision
carl
parents:
diff changeset
77 # set that sender back to the default (not white or black listed,
96a9758165cd Initial revision
carl
parents:
diff changeset
78 # and subject to dnsbl lookups).
96a9758165cd Initial revision
carl
parents:
diff changeset
79 #
56
57607387263d updates for 3.6, better documentation on removing content filtering, missing some files in cvs
carl
parents: 54
diff changeset
80 #
0
96a9758165cd Initial revision
carl
parents:
diff changeset
81 # env_to:
96a9758165cd Initial revision
carl
parents:
diff changeset
82 # second token is the envelope recipient value from the smtp conversation,
96a9758165cd Initial revision
carl
parents:
diff changeset
83 # or just the domain part that follows the @ symbol.
96a9758165cd Initial revision
carl
parents:
diff changeset
84 # third token is the name of a dnsbl-list, or WHITE or BLACK.
96a9758165cd Initial revision
carl
parents:
diff changeset
85 # fourth token is the name of an envelope-from-map, or WHITE or BLACK.
96a9758165cd Initial revision
carl
parents:
diff changeset
86 #
96a9758165cd Initial revision
carl
parents:
diff changeset
87 # If either one is BLACK, mail to this recipient is rejected with
96a9758165cd Initial revision
carl
parents:
diff changeset
88 # "no such user", and the dns lists are not checked.
96a9758165cd Initial revision
carl
parents:
diff changeset
89 #
96a9758165cd Initial revision
carl
parents:
diff changeset
90 # If the envelope-from-map name is WHITE, mail to this recipient is accepted
96a9758165cd Initial revision
carl
parents:
diff changeset
91 # and the dns lists are not checked.
96a9758165cd Initial revision
carl
parents:
diff changeset
92 #
96a9758165cd Initial revision
carl
parents:
diff changeset
93 # If the envelope-from-map exists, the map is checked for the presence
96a9758165cd Initial revision
carl
parents:
diff changeset
94 # of the sender. A WHITE or BLACK answer is definitive and the dns lists
96a9758165cd Initial revision
carl
parents:
diff changeset
95 # are not checked.
96a9758165cd Initial revision
carl
parents:
diff changeset
96 #
96a9758165cd Initial revision
carl
parents:
diff changeset
97 # If the dnsbl-list name is WHITE, the dns lists are not checked and the
96a9758165cd Initial revision
carl
parents:
diff changeset
98 # mail is accepted. Otherwise, the dns lists are checked and the mail
96a9758165cd Initial revision
carl
parents:
diff changeset
99 # is rejected if any list has an A record for the standard dns based
96a9758165cd Initial revision
carl
parents:
diff changeset
100 # lookup scheme (reversed octets of the client followed by the dns suffix).
96a9758165cd Initial revision
carl
parents:
diff changeset
101 #
96a9758165cd Initial revision
carl
parents:
diff changeset
102 #
4
15a7e942adec updates to use dcc conf files
carl
parents: 0
diff changeset
103 # include:
15a7e942adec updates to use dcc conf files
carl
parents: 0
diff changeset
104 # second token is the path name of the dnsbl milter config file to be
15a7e942adec updates to use dcc conf files
carl
parents: 0
diff changeset
105 # included.
15a7e942adec updates to use dcc conf files
carl
parents: 0
diff changeset
106 #
15a7e942adec updates to use dcc conf files
carl
parents: 0
diff changeset
107 #
15a7e942adec updates to use dcc conf files
carl
parents: 0
diff changeset
108 # include_dcc:
15a7e942adec updates to use dcc conf files
carl
parents: 0
diff changeset
109 # second token is the name of an envelope-from-map (EMAP below).
15a7e942adec updates to use dcc conf files
carl
parents: 0
diff changeset
110 # third token is the path name of the dcc whiteclnt config file to be
56
57607387263d updates for 3.6, better documentation on removing content filtering, missing some files in cvs
carl
parents: 54
diff changeset
111 # included. Entries from the dcc config are mapped as:
14
443aa0e8c6fa changes suggested by Nigel Horne
carl
parents: 10
diff changeset
112 # ok -> WHITE
443aa0e8c6fa changes suggested by Nigel Horne
carl
parents: 10
diff changeset
113 # many -> BLACK
443aa0e8c6fa changes suggested by Nigel Horne
carl
parents: 10
diff changeset
114 # env_from -> env_from EMAP xxx
443aa0e8c6fa changes suggested by Nigel Horne
carl
parents: 10
diff changeset
115 # env_to -> env_to
443aa0e8c6fa changes suggested by Nigel Horne
carl
parents: 10
diff changeset
116 # substitute mail_host -> env_from EMAP xxx
4
15a7e942adec updates to use dcc conf files
carl
parents: 0
diff changeset
117 #
0
96a9758165cd Initial revision
carl
parents:
diff changeset
118 #
96a9758165cd Initial revision
carl
parents:
diff changeset
119 #
96a9758165cd Initial revision
carl
parents:
diff changeset
120 ##############################################
24
2e23b7184d2b start coding for bad html tag detection
carl
parents: 20
diff changeset
121 # content scanning parameters
2e23b7184d2b start coding for bad html tag detection
carl
parents: 20
diff changeset
122 #
2e23b7184d2b start coding for bad html tag detection
carl
parents: 20
diff changeset
123 content sbl-xbl.spamhaus.org 'Mail containing %s rejected - sbl; see http://www.spamhaus.org/query/bl?ip=%s'
27
43a4f6b3e668 add configurable host name limit and bad html tag limits.
carl
parents: 24
diff changeset
124 host_limit 20 'Mail containing too many host names rejected'
44
6b79046b18c2 changes for 3.2
carl
parents: 28
diff changeset
125 host_soft_limit 20
27
43a4f6b3e668 add configurable host name limit and bad html tag limits.
carl
parents: 24
diff changeset
126 html_limit 20 'Mail containing excessive bad html tags rejected'
24
2e23b7184d2b start coding for bad html tag detection
carl
parents: 20
diff changeset
127 include html-tags.conf
28
33e1e3910506 add configurable list of tlds
carl
parents: 27
diff changeset
128 include tld.conf
24
2e23b7184d2b start coding for bad html tag detection
carl
parents: 20
diff changeset
129
2e23b7184d2b start coding for bad html tag detection
carl
parents: 20
diff changeset
130
2e23b7184d2b start coding for bad html tag detection
carl
parents: 20
diff changeset
131 ##############################################
0
96a9758165cd Initial revision
carl
parents:
diff changeset
132 # define the dnsbls to use
96a9758165cd Initial revision
carl
parents:
diff changeset
133 #
96a9758165cd Initial revision
carl
parents:
diff changeset
134 dnsbl LOCAL blackholes.five-ten-sg.com 'Mail from %s rejected - local; see http://www.five-ten-sg.com/blackhole.php?%s'
96a9758165cd Initial revision
carl
parents:
diff changeset
135 dnsbl SPEWS blackholes.spews.org 'Mail from %s rejected - spews; see http://www.spews.org/ask.cgi?x=%s'
96a9758165cd Initial revision
carl
parents:
diff changeset
136 dnsbl SBL sbl-xbl.spamhaus.org 'Mail from %s rejected - sbl; see http://www.spamhaus.org/query/bl?ip=%s'
96a9758165cd Initial revision
carl
parents:
diff changeset
137
96a9758165cd Initial revision
carl
parents:
diff changeset
138
96a9758165cd Initial revision
carl
parents:
diff changeset
139 ##############################################
96a9758165cd Initial revision
carl
parents:
diff changeset
140 # define the (default and other) lists of dnsbls to use
96a9758165cd Initial revision
carl
parents:
diff changeset
141 #
96a9758165cd Initial revision
carl
parents:
diff changeset
142 dnsbl_list DEFAULT LOCAL SPEWS SBL
96a9758165cd Initial revision
carl
parents:
diff changeset
143 dnsbl_list SIMPLE SBL
96a9758165cd Initial revision
carl
parents:
diff changeset
144 dnsbl_list CUST1 SBL
96a9758165cd Initial revision
carl
parents:
diff changeset
145 dnsbl_list CUST2 SPEWS SBL
96a9758165cd Initial revision
carl
parents:
diff changeset
146
96a9758165cd Initial revision
carl
parents:
diff changeset
147
96a9758165cd Initial revision
carl
parents:
diff changeset
148 ##############################################
96a9758165cd Initial revision
carl
parents:
diff changeset
149 # define the (default and other) env_from maps
96a9758165cd Initial revision
carl
parents:
diff changeset
150 #
96a9758165cd Initial revision
carl
parents:
diff changeset
151 env_from DEFAULT spammer@example.com BLACK
96a9758165cd Initial revision
carl
parents:
diff changeset
152 env_from DEFAULT yahoo.com BLACK
96a9758165cd Initial revision
carl
parents:
diff changeset
153
96a9758165cd Initial revision
carl
parents:
diff changeset
154 # special list for the vp
96a9758165cd Initial revision
carl
parents:
diff changeset
155 env_from TEST dummy-token DEFAULT # inherit the currently defined DEFAULT env_from mapping
96a9758165cd Initial revision
carl
parents:
diff changeset
156 env_from TEST nai.com BLACK # the vp does not like nai
14
443aa0e8c6fa changes suggested by Nigel Horne
carl
parents: 10
diff changeset
157 env_from TEST yahoo.com DEFAULT #
0
96a9758165cd Initial revision
carl
parents:
diff changeset
158 env_from TEST mother@spammyisp.com WHITE # suppresses dnsbl checking; the envelope sender is unauthenticated, so any client claiming this address skips the dnsbl too
96a9758165cd Initial revision
carl
parents:
diff changeset
159
96a9758165cd Initial revision
carl
parents:
diff changeset
160
96a9758165cd Initial revision
carl
parents:
diff changeset
161 ##############################################
96a9758165cd Initial revision
carl
parents:
diff changeset
162 # specify dnsbl_lists and env_from maps to use for specific recipients
96a9758165cd Initial revision
carl
parents:
diff changeset
163 #
96a9758165cd Initial revision
carl
parents:
diff changeset
164 env_to abuse@mydomain.com WHITE WHITE # no dnsbl, no env_from map
96a9758165cd Initial revision
carl
parents:
diff changeset
165 env_to sales@mydomain.com SIMPLE NULL # sbl only, no env_from map
96a9758165cd Initial revision
carl
parents:
diff changeset
166 env_to vp@mydomain.com DEFAULT TEST # allow mail from mom
96a9758165cd Initial revision
carl
parents:
diff changeset
167 env_to old-emp@mydomain.com BLACK BLACK # return no such user even from backup mx machines
96a9758165cd Initial revision
carl
parents:
diff changeset
168
96a9758165cd Initial revision
carl
parents:
diff changeset
169 ##############################################
96a9758165cd Initial revision
carl
parents:
diff changeset
170 # specify dnsbl_lists and env_from maps to use for client domains
96a9758165cd Initial revision
carl
parents:
diff changeset
171 #
96a9758165cd Initial revision
carl
parents:
diff changeset
172 env_to mydomain.com DEFAULT DEFAULT
14
443aa0e8c6fa changes suggested by Nigel Horne
carl
parents: 10
diff changeset
173 env_to customer1.com CUST1 DEFAULT # all customer 1 domains use just sbl
443aa0e8c6fa changes suggested by Nigel Horne
carl
parents: 10
diff changeset
174 env_to customer1a.com CUST1 DEFAULT
443aa0e8c6fa changes suggested by Nigel Horne
carl
parents: 10
diff changeset
175 env_to customer1b.com CUST1 DEFAULT
443aa0e8c6fa changes suggested by Nigel Horne
carl
parents: 10
diff changeset
176 env_to customer2.com CUST2 DEFAULT # all customer 2 domains use spews and sbl
443aa0e8c6fa changes suggested by Nigel Horne
carl
parents: 10
diff changeset
177 env_to customer2a.com CUST2 DEFAULT
0
96a9758165cd Initial revision
carl
parents:
diff changeset
178
96a9758165cd Initial revision
carl
parents:
diff changeset
179
96a9758165cd Initial revision
carl
parents:
diff changeset
180 ##############################################
96a9758165cd Initial revision
carl
parents:
diff changeset
181 # you can also include nested config files
96a9758165cd Initial revision
carl
parents:
diff changeset
182 # file names are single tokens, no embedded blanks
96a9758165cd Initial revision
carl
parents:
diff changeset
183 #
96a9758165cd Initial revision
carl
parents:
diff changeset
184 include dnsbl.conf # this will generate a recursive include file syslog error message
14
443aa0e8c6fa changes suggested by Nigel Horne
carl
parents: 10
diff changeset
185 include_dcc DEFAULT /var/dcc/whitecommon # this includes the default dcc whitelist file