Mercurial > dnsbl
annotate xml/sample.conf @ 106:2fbeeb4ced73
move to autoconf/automake/docbook
author | carl |
---|---|
date | Sun, 18 Dec 2005 09:39:53 -0800 |
parents | 63e8633abc34 |
children |
rev | line source |
---|---|
94 | 1 # $Id$ |
2 # | |
3 | |
4 # Partial bnf description of this configuration language. Any sequence of | |
5 # three tokens ("include" FILENAME ";") are replaced by the content of the | |
6 # specified file. | |
7 # | |
8 # | |
9 # CONFIG = {CONTEXT ";"}+ | |
10 # CONTEXT = "context" NAME "{" {STATEMENT}+ "}" | |
95 | 11 # STATEMENT = (DNSBL | DNSBLLIST | CONTENT | ENV-TO | VERIFY | CONTEXT | ENV-FROM) ";" |
94 | 12 |
13 # DNSBL = "dnsbl" NAME DNSPREFIX ERROR-MSG | |
14 | |
15 # DNSBLLIST = "dnsbl_list" {NAME}+ | |
16 | |
17 # CONTENT = "content" ("on" | "off") "{" {CONTENT-STATEMENT}+ "}" | |
18 # CONTENT-STATEMENT = (FILTER | IGNORE | TLD | HTML-TAGS | HTML-LIMIT | HOST-LIMIT) ";" | |
19 # FILTER = "filter" DNSPREFIX ERROR-MSG | |
20 # IGNORE = "ignore" "{" {HOSTNAME [";"]}+ "}" | |
21 # TLD = "tld" "{" {TLD [";"]}+ "}" | |
22 # HTML-TAGS = "html_tags" "{" {HTMLTAG [";"]}+ "}" | |
23 # ERROR-MSG = string containing exactly two %s replacement tokens for the client ip address | |
24 | |
25 # HTML-LIMIT = "html_limit" ("on" INTEGER ERROR-MSG | "off") | |
26 | |
27 # HOST-LIMIT = "host_limit" ("on" INTEGER ERROR-MSG | "off" | "soft" INTEGER) | |
28 | |
29 # ENV-TO = "env_to" "{" {(TO-ADDR | DCC-TO)}+ "}" | |
30 # TO-ADDR = ADDRESS [";"] | |
31 # DCC-TO = "dcc_to" ("ok" | "many") "{" DCCINCLUDEFILE "}" ";" | |
32 | |
95 | 33 # VERIFY = "verify" HOSTNAME ";" |
34 | |
94 | 35 # ENV_FROM = "env_from" [DEFAULT] "{" {(FROM-ADDR | DCC-FROM)}+ "}" |
36 # FROM-ADDR = ADDRESS VALUE [";"] | |
37 # DCC-FROM = "dcc_from" "{" DCCINCLUDEFILE "}" ";" | |
38 # DEFAULT = ("white" | "black" | "unknown" | "inherit" | "") | |
39 # ADDRESS = (USER@ | DOMAIN | USER@DOMAIN) | |
40 # VALUE = ("white" | "black" | "unknown" | CHILD-CONTEXT-NAME) | |
41 | |
42 | |
43 context sample { | |
44 dnsbl local blackholes.five-ten-sg.com "Mail from %s rejected - local; see http://www.five-ten-sg.com/blackhole.php?%s"; | |
45 dnsbl sbl sbl-xbl.spamhaus.org "Mail from %s rejected - sbl; see http://www.spamhaus.org/query/bl?ip=%s"; | |
46 dnsbl xbl xbl.spamhaus.org "Mail from %s rejected - xbl; see http://www.spamhaus.org/query/bl?ip=%s"; | |
47 dnsbl dul dul.dnsbl.sorbs.net "Mail from %s rejected - dul; see http://www.sorbs.net/lookup.shtml?%s"; | |
48 dnsbl_list local sbl dul; | |
49 | |
50 content on { | |
51 filter sbl-xbl.spamhaus.org "Mail containing %s rejected - sbl; see http://www.spamhaus.org/query/bl?ip=%s"; | |
52 ignore { include "hosts-ignore.conf"; }; | |
53 tld { include "tld.conf"; }; | |
54 html_tags { include "html-tags.conf"; }; | |
55 html_limit on 20 "Mail containing excessive bad html tags rejected"; | |
56 html_limit off; | |
57 host_limit on 20 "Mail containing excessive host names rejected"; | |
58 host_limit soft 20; | |
59 }; | |
60 | |
61 env_to { | |
100
63e8633abc34
allow empty env_to at global context to remove all restrictions on child contexts
carl
parents:
95
diff
changeset
|
62 # child contexts are not allowed to specify recipient addresses outside these domains |
63e8633abc34
allow empty env_to at global context to remove all restrictions on child contexts
carl
parents:
95
diff
changeset
|
63 # leave this outer global context env_to empty to allow arbitrary recipients in child contexts |
63e8633abc34
allow empty env_to at global context to remove all restrictions on child contexts
carl
parents:
95
diff
changeset
|
64 mydomain.com; |
94 | 65 customer1.com; |
66 customer1a.com; | |
67 customer1b.com; | |
68 customer2.com; | |
69 customer2a.com; | |
70 customer2b.com; | |
71 }; | |
72 | |
73 context whitelist { | |
74 content off {}; | |
75 env_to { | |
76 # dcc_to ok { include "/var/dcc/whitecommon"; }; # copy the dcc OK values (env_to) into this context | |
77 }; | |
78 env_from white {}; # white forces all unmatched from addresses (everyone in this case) to be whitelisted | |
79 # so all mail TO these env_to addresses is accepted | |
80 }; | |
81 | |
82 context abuse { | |
83 dnsbl_list xbl; | |
84 content off {}; | |
85 env_to { | |
86 abuse@; # no content filtering on abuse reports | |
87 postmaster@; # "" | |
88 }; | |
89 env_from unknown {}; # ignore all parent white/black listing | |
90 }; | |
91 | |
92 context minimal { | |
93 dnsbl_list sbl dul; | |
94 content on {}; | |
95 env_to { | |
96 sales@mydomain.com; | |
97 }; | |
98 }; | |
99 | |
100 context blacklist { | |
101 env_to { | |
102 dcc_to many { include "/var/dcc/whitecommon"; }; # copy the dcc MANY values (env_to) into this context | |
103 old-employee@mydomain.com; | |
104 }; | |
105 env_from black {}; # black forces all unmatched from addresses (everyone in this case) to be blacklisted | |
106 # so all mail TO these env_to addresses is rejected | |
107 }; | |
108 | |
109 context vp { # special context for the vp | |
110 env_to { | |
111 vp@mydomain.com; | |
112 }; | |
113 env_from inherit { | |
114 nai.com black; # the vp does not like nai | |
115 yahoo.com unknown; # override parent context blacklisting | |
116 mother@spammyisp.com white; # suppress dnsbl checking | |
117 }; | |
118 }; | |
119 | |
120 context customer1 { | |
121 dnsbl_list sbl dul; | |
122 env_to { | |
123 customer1.com; | |
124 customer1a.com; | |
125 customer1b.com; | |
126 }; | |
127 | |
128 verify mail.customer1.com; | |
129 | |
130 context customer1a { | |
131 env_to { | |
132 customer1a.com; | |
133 } | |
134 env_from black { # blacklist everything | |
135 first@acceptable.com unknown; # except these specific envelope senders | |
136 second@another.com unknown; | |
137 yahoo.com inherit; # delegate to the parent | |
138 }; | |
139 }; | |
140 | |
141 env_from { # default value of the default is inherit | |
142 yahoo.com black; # no mail from yahoo | |
143 first@yahoo.com unknown; # except this one | |
144 }; | |
145 }; | |
146 | |
147 context customer2 { | |
148 dnsbl_list sbl; | |
149 env_to { | |
150 customer2.com; | |
151 customer2a.com; | |
152 customer2b.com; | |
153 }; | |
154 }; | |
155 | |
156 env_from unknown { | |
157 dcc_from { include "/var/dcc/whitecommon"; }; # copy the dcc OK/MANY values (env_from, substitute mail_host) into this context | |
158 abuse@ abuse; # replies to abuse reports use the abuse context | |
159 yahoo.com black; # don't take mail from yahoo | |
160 spammer@example.com black; | |
161 }; | |
162 }; | |
163 |