diff options
| author | Sergey Matveychuk <sem@FreeBSD.org> | 2004-11-01 20:10:10 +0000 |
|---|---|---|
| committer | Sergey Matveychuk <sem@FreeBSD.org> | 2004-11-01 20:10:10 +0000 |
| commit | e4c6d980ebb6cb5d0691c17922398b8f8be536c0 (patch) | |
| tree | bbed37f61f71ce24050917b10a8139613c5ee06d /mail/mailscanner/files/patch-docs:man:MailScanner.conf.5.html | |
| parent | Update to 1.4 (diff) | |
- Update to 4.35.9
See ChangeLog for details
PR: ports/73386
Submitted by: maintainer
Notes
Notes:
svn path=/head/; revision=120605
Diffstat (limited to 'mail/mailscanner/files/patch-docs:man:MailScanner.conf.5.html')
| -rw-r--r-- | mail/mailscanner/files/patch-docs:man:MailScanner.conf.5.html | 5725 |
1 files changed, 5674 insertions, 51 deletions
diff --git a/mail/mailscanner/files/patch-docs:man:MailScanner.conf.5.html b/mail/mailscanner/files/patch-docs:man:MailScanner.conf.5.html index a81ce3985e26..4831d0626ce1 100644 --- a/mail/mailscanner/files/patch-docs:man:MailScanner.conf.5.html +++ b/mail/mailscanner/files/patch-docs:man:MailScanner.conf.5.html @@ -1,28 +1,1323 @@ ---- ../MailScanner-install-4.34.8.orig/docs/man/MailScanner.conf.5.html Fri Oct 15 16:50:11 2004 -+++ docs/man/MailScanner.conf.5.html Fri Oct 15 16:50:32 2004 +--- ../MailScanner-install-4.35.9.orig/docs/man/MailScanner.conf.5.html Mon Nov 1 18:03:10 2004 ++++ docs/man/MailScanner.conf.5.html Mon Nov 1 18:03:33 2004 @@ -1,5 +1,5 @@ <!-- Creator : groff version 1.19 --> --<!-- CreationDate: Wed Jul 28 13:28:02 2004 --> -+<!-- CreationDate: Fri Oct 15 16:49:48 2004 --> +-<!-- CreationDate: Fri Oct 22 08:13:20 2004 --> ++<!-- CreationDate: Mon Nov 1 18:00:15 2004 --> <!DOCTYPE html PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd"> <html> -@@ -1389,8 +1389,9 @@ - kaspersky−4.5, kavdaemonclient, inoculate, inoculan, - nod32, nod32−1.99, f−secure, f−prot, - panda, rav, antivir, clamav, clamavmodule, css, trend, --norman, avg, vexira, none (no virus scanning at all). This --*cannot* be the filename of a ruleset.</p> +@@ -397,4 +397,5740 @@ + <td width="3%"></td> + <td width="72%"> + +-<p>the name of a fi@ +\ No newline at end of file ++<p>the name of a file containing a list of directory names, ++which can in turn contain wildcards.</p> ++</td> ++</table> ++<!-- INDENTATION --> ++<table width="100%" border=0 rules="none" frame="void" ++ cols="2" cellspacing="0" cellpadding="0"> ++<tr valign="top" align="left"> ++<td width="28%"></td> ++<td width="72%"> ++<p>Example: ++/usr/local/etc/MailScanner/mqueue.in.list.conf</p></td> ++</table> ++<!-- INDENTATION --> ++<table width="100%" border=0 rules="none" frame="void" ++ cols="2" cellspacing="0" cellpadding="0"> ++<tr valign="top" align="left"> ++<td width="11%"></td> ++<td width="89%"> ++<p><b>Outgoing Queue Dir</b></p></td> ++</table> ++<!-- INDENTATION --> ++<table width="100%" border=0 rules="none" frame="void" ++ cols="2" cellspacing="0" cellpadding="0"> ++<tr valign="top" align="left"> ++<td width="22%"></td> ++<td width="78%"> ++<p>Default: /var/spool/mqueue</p> ++<!-- INDENTATION --> ++<p>Directory in which MailScanner should place scanned ++e−mail messages. This can also be the filename of a ++ruleset.</p> ++</td> ++</table> ++<!-- INDENTATION --> ++<table width="100%" border=0 rules="none" frame="void" ++ cols="2" cellspacing="0" cellpadding="0"> ++<tr valign="top" align="left"> ++<td width="11%"></td> ++<td width="89%"> ++<p><b>Incoming work dir</b></p></td> ++</table> ++<!-- INDENTATION --> ++<table width="100%" border=0 rules="none" frame="void" ++ cols="2" cellspacing="0" cellpadding="0"> ++<tr valign="top" align="left"> ++<td width="22%"></td> ++<td width="78%"> ++<p>Default: /opt/MailScanner/var/incoming<br> ++Default FreeBSD: /var/spool/MailScanner/incoming</p> ++<!-- INDENTATION --> ++<p>Directory in which to temporarily store unpacked MIME ++messages during scanning process.</p> ++</td> ++</table> ++<!-- INDENTATION --> ++<table width="100%" border=0 rules="none" frame="void" ++ cols="2" cellspacing="0" cellpadding="0"> ++<tr valign="top" align="left"> ++<td width="11%"></td> ++<td width="89%"> ++<p><b>Quarantine Dir</b></p></td> ++</table> ++<!-- INDENTATION --> ++<table width="100%" border=0 rules="none" frame="void" ++ cols="2" cellspacing="0" cellpadding="0"> ++<tr valign="top" align="left"> ++<td width="22%"></td> ++<td width="78%"> ++<p>Default: /opt/MailScanner/var/quarantine<br> ++Default FreeBSD: /var/spool/MailScanner/quarantine</p> ++<!-- INDENTATION --> ++<p>Set where to store infected messages and attachments (if ++they are kept). This can also be the filename of a ++ruleset.</p> ++</td> ++</table> ++<!-- INDENTATION --> ++<table width="100%" border=0 rules="none" frame="void" ++ cols="2" cellspacing="0" cellpadding="0"> ++<tr valign="top" align="left"> ++<td width="11%"></td> ++<td width="89%"> ++<p><b>PID file</b></p></td> ++</table> ++<!-- INDENTATION --> ++<table width="100%" border=0 rules="none" frame="void" ++ cols="2" cellspacing="0" cellpadding="0"> ++<tr valign="top" align="left"> ++<td width="22%"></td> ++<td width="78%"> ++<p>Default: /opt/MailScanner/var/MailScanner.pid<br> ++Default FreeBSD: /var/run/MailScanner.pid</p> ++<!-- INDENTATION --> ++<p>Set where to store the process id number so you can stop ++MailScanner. In the FreeBSD port this should remain ++/var/run/MailScanner.pid in order for the start/stop script ++to work.</p> ++</td> ++</table> ++<!-- INDENTATION --> ++<table width="100%" border=0 rules="none" frame="void" ++ cols="2" cellspacing="0" cellpadding="0"> ++<tr valign="top" align="left"> ++<td width="11%"></td> ++<td width="89%"> ++<p><b>Restart Every</b></p></td> ++</table> ++<!-- INDENTATION --> ++<table width="100%" border=0 rules="none" frame="void" ++ cols="2" cellspacing="0" cellpadding="0"> ++<tr valign="top" align="left"> ++<td width="22%"></td> ++<td width="78%"> ++<p>Default: 14400</p> ++<!-- INDENTATION --> ++<p>To avoid resource leaks the MailScanner parent process ++stops and restarts its child processes from time to time. ++Set the amount of seconds each child process is supposed to ++live here.</p> ++</td> ++</table> ++<!-- TABS --> ++<table width="100%" border=0 rules="none" frame="void" ++ cols="5" cellspacing="0" cellpadding="0"> ++<tr valign="top" align="left"> ++<td width="11%"></td> ++<td width="4%"> ++ ++<p><b>MTA</b></p> ++</td> ++<td width="7%"></td> ++<td width="26%"> ++ ++<p>Default: sendmail</p> ++</td> ++<td width="52%"> ++</td> ++</table> ++<!-- INDENTATION --> ++<table width="100%" border=0 rules="none" frame="void" ++ cols="2" cellspacing="0" cellpadding="0"> ++<tr valign="top" align="left"> ++<td width="22%"></td> ++<td width="78%"> ++<p>MailScanner works with sendmail and exim. Since the queue ++handling differs a bit, you have to tell MailScanner which ++MTA you are using. Valid options are sendmail and exim.</p> ++</td> ++</table> ++<!-- INDENTATION --> ++<table width="100%" border=0 rules="none" frame="void" ++ cols="2" cellspacing="0" cellpadding="0"> ++<tr valign="top" align="left"> ++<td width="11%"></td> ++<td width="89%"> ++<p><b>Sendmail</b></p></td> ++</table> ++<!-- INDENTATION --> ++<table width="100%" border=0 rules="none" frame="void" ++ cols="2" cellspacing="0" cellpadding="0"> ++<tr valign="top" align="left"> ++<td width="22%"></td> ++<td width="78%"> ++<p>Default: /usr/lib/sendmail<br> ++Default FreeBSD: /usr/sbin/sendmail</p> ++<!-- INDENTATION --> ++<p>Set how to invoke MTA when sending messages MailScanner ++has created (e.g. to sender/recipient saying "found a ++virus in your message"). This can also be the filename ++of a ruleset.</p> ++</td> ++</table> ++<!-- INDENTATION --> ++<table width="100%" border=0 rules="none" frame="void" ++ cols="2" cellspacing="0" cellpadding="0"> ++<tr valign="top" align="left"> ++<td width="11%"></td> ++<td width="89%"> ++<p><b>Sendmail2</b></p></td> ++</table> ++<!-- INDENTATION --> ++<table width="100%" border=0 rules="none" frame="void" ++ cols="2" cellspacing="0" cellpadding="0"> ++<tr valign="top" align="left"> ++<td width="22%"></td> ++<td width="78%"> ++<p>Default: same value as the Sendmail setting</p> ++<!-- INDENTATION --> ++<p>Sendmail2 is provided for exim users. It is the command ++used to attempt delivery of outgoing cleaned/disinfected ++messages. This is not usually required for sendmail.<br> ++For Exim users this could be: Sendmail2 = /usr/sbin/exim ++−C /usr/local/etc/exim/configure.out</p> ++</td> ++</table> ++<a name="Incoming Work Dir Settings"></a> ++<h2>Incoming Work Dir Settings</h2> ++<!-- INDENTATION --> ++<table width="100%" border=0 rules="none" frame="void" ++ cols="2" cellspacing="0" cellpadding="0"> ++<tr valign="top" align="left"> ++<td width="11%"></td> ++<td width="89%"> ++<p>You should not normally need to touch these settings at ++all, unless you are using ClamAV and need to be able to use ++the external archive unpackers instead of ClamAV’s ++built−in ones.</p> ++</td> ++</table> ++<!-- INDENTATION --> ++<table width="100%" border=0 rules="none" frame="void" ++ cols="2" cellspacing="0" cellpadding="0"> ++<tr valign="top" align="left"> ++<td width="11%"></td> ++<td width="89%"> ++<p><b>Incoming Work User</b></p></td> ++</table> ++<!-- INDENTATION --> ++<table width="100%" border=0 rules="none" frame="void" ++ cols="2" cellspacing="0" cellpadding="0"> ++<tr valign="top" align="left"> ++<td width="22%"></td> ++<td width="78%"> ++<p>Default:</p> ++<!-- INDENTATION --> ++<p>If you want to create the temporary working files so they ++are owned by a user other than the "Run As User" ++setting, you can change that here. Note: If the "Run As ++User" is not "root" then you cannot change ++the user but may still be able to change the group, if the ++"Run As User" is a member of both of the groups ++"Run As Group" and "Incoming Work ++Group".</p> ++</td> ++</table> ++<!-- INDENTATION --> ++<table width="100%" border=0 rules="none" frame="void" ++ cols="2" cellspacing="0" cellpadding="0"> ++<tr valign="top" align="left"> ++<td width="11%"></td> ++<td width="89%"> ++<p><b>Incoming Work Group</b></p></td> ++</table> ++<!-- INDENTATION --> ++<table width="100%" border=0 rules="none" frame="void" ++ cols="2" cellspacing="0" cellpadding="0"> ++<tr valign="top" align="left"> ++<td width="22%"></td> ++<td width="78%"> ++<p>Default:</p> ++<!-- INDENTATION --> ++<p>If you want to create the temporary working files so they ++are owned by a group other than the "Run As User" ++setting, you can change that here. Note: If the "Run As ++User" is not "root" then you cannot change ++the user but may still be able to change the group, if the ++"Run As User" is a member of both of the groups ++"Run As Group" and "Incoming Work ++Group".</p> ++</td> ++</table> ++<!-- INDENTATION --> ++<table width="100%" border=0 rules="none" frame="void" ++ cols="2" cellspacing="0" cellpadding="0"> ++<tr valign="top" align="left"> ++<td width="11%"></td> ++<td width="89%"> ++<p><b>Incoming Work Permissions</b></p></td> ++</table> ++<!-- INDENTATION --> ++<table width="100%" border=0 rules="none" frame="void" ++ cols="2" cellspacing="0" cellpadding="0"> ++<tr valign="top" align="left"> ++<td width="22%"></td> ++<td width="78%"> ++<p>Default: 0600</p> ++<!-- INDENTATION --> ++<p>If you want processes running under the same *group* as ++MailScanner to be able to read the working files (and list ++what is in the directories, of course), set to 0640. If you ++want *all* other users to be able to read them, set to 0644. ++For a detailed description, if you’re not already ++familiar with it, refer to ‘man 2 chmod‘. ++Typical use: external helper programs of virus scanners ++(notably ClamAV), like unpackers. Use with care, you may ++well open security holes.</p> ++</td> ++</table> ++<a name="Quarantine and Archive Settings"></a> ++<h2>Quarantine and Archive Settings</h2> ++<!-- INDENTATION --> ++<table width="100%" border=0 rules="none" frame="void" ++ cols="2" cellspacing="0" cellpadding="0"> ++<tr valign="top" align="left"> ++<td width="11%"></td> ++<td width="89%"> ++<p>If, for example, you are using a web interface so that ++users can manage their quarantined files, you might want to ++change the ownership and permissions of the quarantined so ++that they can be read and/or deleted by the web server. ++Don’t touch this unless you know what you are ++doing!</p> ++</td> ++</table> ++<!-- INDENTATION --> ++<table width="100%" border=0 rules="none" frame="void" ++ cols="2" cellspacing="0" cellpadding="0"> ++<tr valign="top" align="left"> ++<td width="11%"></td> ++<td width="89%"> ++<p><b>Quarantine User</b></p></td> ++</table> ++<!-- INDENTATION --> ++<table width="100%" border=0 rules="none" frame="void" ++ cols="2" cellspacing="0" cellpadding="0"> ++<tr valign="top" align="left"> ++<td width="22%"></td> ++<td width="78%"> ++<p>Default:</p> ++<!-- INDENTATION --> ++<p>If you want to create the quarantine/archive so the files ++are owned by a user other than the "Run As User" ++setting at the top of this file, you can change that here. ++Note: If the "Run As User" is not "root" ++then you cannot change the user but may still be able to ++change the group, if the "Run As User" is a member ++of both of the groups "Run As Group" and ++"Quarantine Group".</p> ++</td> ++</table> ++<!-- INDENTATION --> ++<table width="100%" border=0 rules="none" frame="void" ++ cols="2" cellspacing="0" cellpadding="0"> ++<tr valign="top" align="left"> ++<td width="11%"></td> ++<td width="89%"> ++<p><b>Quarantine Group</b></p></td> ++</table> ++<!-- INDENTATION --> ++<table width="100%" border=0 rules="none" frame="void" ++ cols="2" cellspacing="0" cellpadding="0"> ++<tr valign="top" align="left"> ++<td width="22%"></td> ++<td width="78%"> ++<p>Default:</p> ++<!-- INDENTATION --> ++<p>If you want to create the quarantine/archive so the files ++are owned by a user other than the "Run As User" ++setting at the top of this file, you can change that here. ++Note: If the "Run As User" is not "root" ++then you cannot change the user but may still be able to ++change the group, if the "Run As User" is a member ++of both of the groups "Run As Group" and ++"Quarantine Group".</p> ++</td> ++</table> ++<!-- INDENTATION --> ++<table width="100%" border=0 rules="none" frame="void" ++ cols="2" cellspacing="0" cellpadding="0"> ++<tr valign="top" align="left"> ++<td width="11%"></td> ++<td width="89%"> ++<p><b>Quarantine Permissions</b></p></td> ++</table> ++<!-- INDENTATION --> ++<table width="100%" border=0 rules="none" frame="void" ++ cols="2" cellspacing="0" cellpadding="0"> ++<tr valign="top" align="left"> ++<td width="22%"></td> ++<td width="78%"> ++<p>Default: 0600</p> ++<!-- INDENTATION --> ++<p>If you want processes running under the same *group* as ++MailScanner to be able to read the quarantined files (and ++list what is in the directories, of course), set to 0640. If ++you want *all* other users to be able to read them, set to ++0644. For a detailed description, if you’re not ++already familiar with it, refer to ‘man 2 ++chmod‘. Typical use: let the webserver have access to ++the files so users can download them if they really want to. ++Use with care, you may well open security holes.</p> ++</td> ++</table> ++<a name="Process Incoming Mail"></a> ++<h2>Process Incoming Mail</h2> ++<!-- INDENTATION --> ++<table width="100%" border=0 rules="none" frame="void" ++ cols="2" cellspacing="0" cellpadding="0"> ++<tr valign="top" align="left"> ++<td width="11%"></td> ++<td width="89%"> ++<p><b>Max Unscanned Bytes Per Scan</b></p></td> ++</table> ++<!-- INDENTATION --> ++<table width="100%" border=0 rules="none" frame="void" ++ cols="2" cellspacing="0" cellpadding="0"> ++<tr valign="top" align="left"> ++<td width="22%"></td> ++<td width="78%"> ++<p>Default: 100000000</p> ++<!-- INDENTATION --> ++<p>MailScanner handles messages in batches for efficiency. ++Messages are gathered (in strict date order) from the ++incoming queue directory, one at a time, until this or one ++of the following three limits is reached or the queue is ++empty.</p> ++<!-- INDENTATION --> ++<p>This setting limits the total size of messages per batch ++for which no scanning is done (i.e. Virus Scanning = ++no).</p> ++</td> ++</table> ++<!-- INDENTATION --> ++<table width="100%" border=0 rules="none" frame="void" ++ cols="2" cellspacing="0" cellpadding="0"> ++<tr valign="top" align="left"> ++<td width="11%"></td> ++<td width="89%"> ++<p><b>Max Unsafe Bytes per Scan</b></p></td> ++</table> ++<!-- INDENTATION --> ++<table width="100%" border=0 rules="none" frame="void" ++ cols="2" cellspacing="0" cellpadding="0"> ++<tr valign="top" align="left"> ++<td width="22%"></td> ++<td width="78%"> ++<p>Default: 50000000</p> ++<!-- INDENTATION --> ++<p>This setting limits the total size of messages per batch ++for which scanning is done (i.e. Virus Scanning = yes).</p> ++</td> ++</table> ++<!-- INDENTATION --> ++<table width="100%" border=0 rules="none" frame="void" ++ cols="2" cellspacing="0" cellpadding="0"> ++<tr valign="top" align="left"> ++<td width="11%"></td> ++<td width="89%"> ++<p><b>Max Unscanned Messages Per Scan</b></p></td> ++</table> ++<!-- INDENTATION --> ++<table width="100%" border=0 rules="none" frame="void" ++ cols="2" cellspacing="0" cellpadding="0"> ++<tr valign="top" align="left"> ++<td width="22%"></td> ++<td width="78%"> ++<p>Default: 100</p> ++<!-- INDENTATION --> ++<p>This setting limits the total number of messages per ++batch for which no scanning is done (i.e. Virus Scanning = ++no).</p> ++</td> ++</table> ++<!-- INDENTATION --> ++<table width="100%" border=0 rules="none" frame="void" ++ cols="2" cellspacing="0" cellpadding="0"> ++<tr valign="top" align="left"> ++<td width="11%"></td> ++<td width="89%"> ++<p><b>Max Unsafe Messages per Scan</b></p></td> ++</table> ++<!-- INDENTATION --> ++<table width="100%" border=0 rules="none" frame="void" ++ cols="2" cellspacing="0" cellpadding="0"> ++<tr valign="top" align="left"> ++<td width="22%"></td> ++<td width="78%"> ++<p>Default: 100</p> ++<!-- INDENTATION --> ++<p>This setting limits the total number of messages per ++batch for which scanning is done (i.e. Virus Scanning = ++yes).</p> ++</td> ++</table> ++<!-- INDENTATION --> ++<table width="100%" border=0 rules="none" frame="void" ++ cols="2" cellspacing="0" cellpadding="0"> ++<tr valign="top" align="left"> ++<td width="11%"></td> ++<td width="89%"> ++<p><b>Max Normal Queue Size</b></p></td> ++</table> ++<!-- INDENTATION --> ++<table width="100%" border=0 rules="none" frame="void" ++ cols="2" cellspacing="0" cellpadding="0"> ++<tr valign="top" align="left"> ++<td width="22%"></td> ++<td width="78%"> ++<p>Default: 1000</p> ++<!-- INDENTATION --> ++<p>If more messages are found in the queue than this, then ++switch to an "accelerated" mode of processing ++messages. This will cause it to stop scanning messages in ++strict date order, but in the order it finds them in the ++queue. If your queue is bigger than this size a lot of the ++time, then some messages could be greatly delayed. So treat ++this option as "in emergency only".</p> ++</td> ++</table> ++<!-- INDENTATION --> ++<table width="100%" border=0 rules="none" frame="void" ++ cols="2" cellspacing="0" cellpadding="0"> ++<tr valign="top" align="left"> ++<td width="11%"></td> ++<td width="89%"> ++<p><b>Maximum Attachments Per Message</b></p></td> ++</table> ++<!-- INDENTATION --> ++<table width="100%" border=0 rules="none" frame="void" ++ cols="2" cellspacing="0" cellpadding="0"> ++<tr valign="top" align="left"> ++<td width="22%"></td> ++<td width="78%"> ++<p>Default: 200</p> ++<!-- INDENTATION --> ++<p>The maximum number of attachments allowed in a message ++before it is considered to be an error. Some email systems, ++if bouncing a message between 2 addresses repeatedly, add ++information about each bounce as an attachment, creating a ++message with thousands of attachments in just a few minutes. ++This can slow down or even stop MailScanner as it uses all ++available memory to unpack these thousands of attachments. ++This can also be the filename of a ruleset.</p> ++</td> ++</table> ++<!-- INDENTATION --> ++<table width="100%" border=0 rules="none" frame="void" ++ cols="2" cellspacing="0" cellpadding="0"> ++<tr valign="top" align="left"> ++<td width="11%"></td> ++<td width="89%"> ++<p><b>Expand TNEF</b></p></td> ++</table> ++<!-- INDENTATION --> ++<table width="100%" border=0 rules="none" frame="void" ++ cols="2" cellspacing="0" cellpadding="0"> ++<tr valign="top" align="left"> ++<td width="22%"></td> ++<td width="78%"> ++<p>Default: yes</p> ++<!-- INDENTATION --> ++<p>TNEF is primarily used by Microsoft programs such as ++Outlook and Outlook Express when mails are formatted/sent in ++Rich−Text−Format. Attachments are all put ++together in one WINMAIL.DAT file.</p> ++<!-- INDENTATION --> ++<p>Should we use a TNEF decoder (external or Perl module)? ++This should be "yes" unless the scanner you are ++using (Sophos, McAfee) has the facility built−in. ++However, if you set it to "no", then the filenames ++within the TNEF attachment will not be checked against the ++filename rules.</p> ++</td> ++</table> ++<!-- INDENTATION --> ++<table width="100%" border=0 rules="none" frame="void" ++ cols="2" cellspacing="0" cellpadding="0"> ++<tr valign="top" align="left"> ++<td width="11%"></td> ++<td width="89%"> ++<p><b>Deliver Unparsable TNEF</b></p></td> ++</table> ++<!-- INDENTATION --> ++<table width="100%" border=0 rules="none" frame="void" ++ cols="2" cellspacing="0" cellpadding="0"> ++<tr valign="top" align="left"> ++<td width="22%"></td> ++<td width="78%"> ++<p>Default: no</p> ++<!-- INDENTATION --> ++<p>Rich Text format attachments produced by some versions of ++Microsoft Outlook cannot be completely decoded at present. ++Setting this option to yes allows compatibility with the ++behaviour of earlier versions where these attachments were ++still delivered. This would introduce the slight chance of a ++virus getting through in the segment of the attachment that ++could not be decoded, but the setting may be necessary if ++you have a large number of Microsoft Outlook users who are ++troubled by the new behaviour.</p> ++</td> ++</table> ++<!-- INDENTATION --> ++<table width="100%" border=0 rules="none" frame="void" ++ cols="2" cellspacing="0" cellpadding="0"> ++<tr valign="top" align="left"> ++<td width="11%"></td> ++<td width="89%"> ++<p><b>TNEF Expander</b></p></td> ++</table> ++<!-- INDENTATION --> ++<table width="100%" border=0 rules="none" frame="void" ++ cols="2" cellspacing="0" cellpadding="0"> ++<tr valign="top" align="left"> ++<td width="22%"></td> ++<td width="78%"> ++<p>Default: /opt/MailScanner/bin/tnef<br> ++Default FreeBSD: /usr/local/bin/tnef</p> ++<!-- INDENTATION --> ++<p>Full pathname giving location of the MS−TNEF ++expander/decoder program, or the keyword internal which will ++force use of the optional Perl Convert::TNEF module instead ++of the external program.</p> ++</td> ++</table> ++<!-- INDENTATION --> ++<table width="100%" border=0 rules="none" frame="void" ++ cols="2" cellspacing="0" cellpadding="0"> ++<tr valign="top" align="left"> ++<td width="11%"></td> ++<td width="89%"> ++<p><b>TNEF Timeout</b></p></td> ++</table> ++<!-- INDENTATION --> ++<table width="100%" border=0 rules="none" frame="void" ++ cols="2" cellspacing="0" cellpadding="0"> ++<tr valign="top" align="left"> ++<td width="22%"></td> ++<td width="78%"> ++<p>Default: 120</p> ++<!-- INDENTATION --> ++<p>The maximum length of time (in seconds) the TNEF Expander ++is allowed to run for diassembling one attachment.</p> ++</td> ++</table> ++<!-- INDENTATION --> ++<table width="100%" border=0 rules="none" frame="void" ++ cols="2" cellspacing="0" cellpadding="0"> ++<tr valign="top" align="left"> ++<td width="11%"></td> ++<td width="89%"> ++<p><b>File Command</b></p></td> ++</table> ++<!-- INDENTATION --> ++<table width="100%" border=0 rules="none" frame="void" ++ cols="2" cellspacing="0" cellpadding="0"> ++<tr valign="top" align="left"> ++<td width="22%"></td> ++<td width="78%"> ++<p>Default: /usr/bin/file</p> ++<!-- INDENTATION --> ++<p>Where the "file" command is installed. This is ++used for checking the content type of files, regardless of ++their filename. To disable Filetype checking, set this value ++to blank.</p> ++</td> ++</table> ++<!-- INDENTATION --> ++<table width="100%" border=0 rules="none" frame="void" ++ cols="2" cellspacing="0" cellpadding="0"> ++<tr valign="top" align="left"> ++<td width="11%"></td> ++<td width="89%"> ++<p><b>File Timeout</b></p></td> ++</table> ++<!-- INDENTATION --> ++<table width="100%" border=0 rules="none" frame="void" ++ cols="2" cellspacing="0" cellpadding="0"> ++<tr valign="top" align="left"> ++<td width="22%"></td> ++<td width="78%"> ++<p>Default: 20</p> ++<!-- INDENTATION --> ++<p>The maximum length of time the "file" command ++is allowed to run for one batch of messages (in ++seconds).</p> ++</td> ++</table> ++<!-- INDENTATION --> ++<table width="100%" border=0 rules="none" frame="void" ++ cols="2" cellspacing="0" cellpadding="0"> ++<tr valign="top" align="left"> ++<td width="11%"></td> ++<td width="89%"> ++<p><b>Block Encrypted Messages</b></p></td> ++</table> ++<!-- INDENTATION --> ++<table width="100%" border=0 rules="none" frame="void" ++ cols="2" cellspacing="0" cellpadding="0"> ++<tr valign="top" align="left"> ++<td width="22%"></td> ++<td width="78%"> ++<p>Default: no</p> ++<!-- INDENTATION --> ++<p>This is inteded for use with a ruleset to ensure that ++none of your users is covertly mailing sites with which you ++would not normally communicate (e.g. your competitors). If ++this is set to yes (or the ruleset evaluates to yes) ++encrypted messages are blocked.</p> ++</td> ++</table> ++<!-- INDENTATION --> ++<table width="100%" border=0 rules="none" frame="void" ++ cols="2" cellspacing="0" cellpadding="0"> ++<tr valign="top" align="left"> ++<td width="11%"></td> ++<td width="89%"> ++<p><b>Block Unencrypted Messages</b></p></td> ++</table> ++<!-- INDENTATION --> ++<table width="100%" border=0 rules="none" frame="void" ++ cols="2" cellspacing="0" cellpadding="0"> ++<tr valign="top" align="left"> ++<td width="22%"></td> ++<td width="78%"> ++<p>Default: no</p> ++<!-- INDENTATION --> ++<p>This is intended for use with a ruleset to ensure that ++mail is always encrypted before being sent. This could be ++used to ensure that mail to your business partners is sent ++securely.</p> ++</td> ++</table> ++<!-- INDENTATION --> ++<table width="100%" border=0 rules="none" frame="void" ++ cols="2" cellspacing="0" cellpadding="0"> ++<tr valign="top" align="left"> ++<td width="11%"></td> ++<td width="89%"> ++<p><b>Allow Password−Protected Archives</b></p></td> ++</table> ++<!-- INDENTATION --> ++<table width="100%" border=0 rules="none" frame="void" ++ cols="2" cellspacing="0" cellpadding="0"> ++<tr valign="top" align="left"> ++<td width="22%"></td> ++<td width="78%"> ++<p>Default: no</p> ++<!-- INDENTATION --> ++<p>Should archives which contain any ++password−protected files be allowed? Leaving this set ++to "no" is a good way of protecting against all ++the protected zip files used by viruses at the moment. This ++can also be the filename of a ruleset.</p> ++</td> ++</table> ++<!-- INDENTATION --> ++<table width="100%" border=0 rules="none" frame="void" ++ cols="2" cellspacing="0" cellpadding="0"> ++<tr valign="top" align="left"> ++<td width="11%"></td> ++<td width="89%"> ++<p><b>Maximum Message Size</b></p></td> ++</table> ++<!-- INDENTATION --> ++<table width="100%" border=0 rules="none" frame="void" ++ cols="2" cellspacing="0" cellpadding="0"> ++<tr valign="top" align="left"> ++<td width="22%"></td> ++<td width="78%"> ++<p>Default: 0</p> ++<!-- INDENTATION --> ++<p>The maximum size, in bytes, of any message including the ++headers. If this is set to zero, then no size checking is ++done. This can also be the filename of a ruleset, so you can ++have different settings for different users. You might want ++to set this quite small for dialup users so their email ++applications don’t time out downloading huge ++messages.</p> ++</td> ++</table> ++<!-- INDENTATION --> ++<table width="100%" border=0 rules="none" frame="void" ++ cols="2" cellspacing="0" cellpadding="0"> ++<tr valign="top" align="left"> ++<td width="11%"></td> ++<td width="89%"> ++<p><b>Maximum Attachment Size</b></p></td> ++</table> ++<!-- INDENTATION --> ++<table width="100%" border=0 rules="none" frame="void" ++ cols="2" cellspacing="0" cellpadding="0"> ++<tr valign="top" align="left"> ++<td width="22%"></td> ++<td width="78%"> ++<p>Default: −1</p> ++<!-- INDENTATION --> ++<p>The maximum size, in bytes, of any attachment in a ++message. If this is set to zero, effectively no attachments ++are allowed. If this is set less than zero, then no size ++checking is done. This can also be the filename of a ++ruleset, so you can have different settings for different ++users. You might want to set this quite small for large ++mailing lists so they don’t get deluged by large ++attachments.</p> ++</td> ++</table> ++<!-- INDENTATION --> ++<table width="100%" border=0 rules="none" frame="void" ++ cols="2" cellspacing="0" cellpadding="0"> ++<tr valign="top" align="left"> ++<td width="11%"></td> ++<td width="89%"> ++<p><b>Maximum Archive Depth</b></p></td> ++</table> ++<!-- INDENTATION --> ++<table width="100%" border=0 rules="none" frame="void" ++ cols="2" cellspacing="0" cellpadding="0"> ++<tr valign="top" align="left"> ++<td width="22%"></td> ++<td width="78%"> ++<p>Default: 3</p> ++<!-- INDENTATION --> ++<p>The maximum depth to which zip archives will be unpacked ++to allow for checking filenames and filetypes within zip ++archives. Setting this to 0 will disable ++filename/−type checks within zip files while still ++allowing to block password protected zip files.</p> ++</td> ++</table> ++<!-- INDENTATION --> ++<table width="100%" border=0 rules="none" frame="void" ++ cols="2" cellspacing="0" cellpadding="0"> ++<tr valign="top" align="left"> ++<td width="11%"></td> ++<td width="89%"> ++<p><b>Find Archives By Content</b></p></td> ++</table> ++<!-- INDENTATION --> ++<table width="100%" border=0 rules="none" frame="void" ++ cols="2" cellspacing="0" cellpadding="0"> ++<tr valign="top" align="left"> ++<td width="22%"></td> ++<td width="78%"> ++<p>Default: yes</p> ++<!-- INDENTATION --> ++<p>Find zip archives by filename or by file contents? ++Finding them by content is a far more reliable way of ++finding them, but it does mean that you cannot tell your ++users to avoid zip file checking by renaming the file from ++".zip" to "_zip" and tricks like that. ++Only set this to no (i.e. check by filename only) if you ++don’t want to reliably check the contents of zip ++files. Note this does not affect virus checking, but it will ++affect all the other checks done on the contents of the zip ++file. This can also be the filename of a ruleset.</p> ++</td> ++</table> ++<a name="Options specific to Sophos Anti-Virus"></a> ++<h2>Options specific to Sophos Anti-Virus</h2> ++<!-- INDENTATION --> ++<table width="100%" border=0 rules="none" frame="void" ++ cols="2" cellspacing="0" cellpadding="0"> ++<tr valign="top" align="left"> ++<td width="11%"></td> ++<td width="89%"> ++<p><b>Allowed Sophos Error Messages</b></p></td> ++</table> ++<!-- INDENTATION --> ++<table width="100%" border=0 rules="none" frame="void" ++ cols="2" cellspacing="0" cellpadding="0"> ++<tr valign="top" align="left"> ++<td width="22%"></td> ++<td width="78%"> ++<p>Default:</p> ++<!-- INDENTATION --> ++<p>Anything on the next line that appears in brackets at the ++end of a line of output from Sophos will cause the ++error/infection to be ignored. Use of this option is ++dangerous, and should only be used if you are having trouble ++with lots of corrupt PDF files, for example. This option ++allows for multiple strings as well. In this case, the ++strings should be put in double quotes (") and each ++string separated with commas. Examples:<br> ++Allowed Sophos Error Messages = corrupt format not ++supported<br> ++Allowed Sophos Error Messages = "corrupt", ++"format not supported"</p> ++<!-- INDENTATION --> ++<p>The first version will match "corrupt format not ++supported" only. The second version will match ++"corrupt" and "format not ++supported".</p> ++</td> ++</table> ++<!-- INDENTATION --> ++<table width="100%" border=0 rules="none" frame="void" ++ cols="2" cellspacing="0" cellpadding="0"> ++<tr valign="top" align="left"> ++<td width="11%"></td> ++<td width="89%"> ++<p><b>Sophos IDE Dir</b></p></td> ++</table> ++<!-- INDENTATION --> ++<table width="100%" border=0 rules="none" frame="void" ++ cols="2" cellspacing="0" cellpadding="0"> ++<tr valign="top" align="left"> ++<td width="22%"></td> ++<td width="78%"> ++<p>Default: /usr/local/Sophos/ide</p> ++<!-- INDENTATION --> ++<p>The directory (or a link to it) containing all the Sophos ++*.ide files. This is only used by the "sophossavi" ++virus scanner, and is irrelevant for all other scanners.</p> ++</td> ++</table> ++<!-- INDENTATION --> ++<table width="100%" border=0 rules="none" frame="void" ++ cols="2" cellspacing="0" cellpadding="0"> ++<tr valign="top" align="left"> ++<td width="11%"></td> ++<td width="89%"> ++<p><b>Sophos Lib Dir</b></p></td> ++</table> ++<!-- INDENTATION --> ++<table width="100%" border=0 rules="none" frame="void" ++ cols="2" cellspacing="0" cellpadding="0"> ++<tr valign="top" align="left"> ++<td width="22%"></td> ++<td width="78%"> ++<p>Default: /usr/local/Sophos/lib</p> ++<!-- INDENTATION --> ++<p>The directory (or a link to it) containing all the Sophos ++*.so libraries.This is only used by the ++"sophossavi" virus scanner, and is irrelevant for ++all other scanners.</p> ++</td> ++</table> ++<!-- INDENTATION --> ++<table width="100%" border=0 rules="none" frame="void" ++ cols="2" cellspacing="0" cellpadding="0"> ++<tr valign="top" align="left"> ++<td width="11%"></td> ++<td width="89%"> ++<p><b>Monitors For Sophos Updates</b></p></td> ++</table> ++<!-- INDENTATION --> ++<table width="100%" border=0 rules="none" frame="void" ++ cols="2" cellspacing="0" cellpadding="0"> ++<tr valign="top" align="left"> ++<td width="22%"></td> ++<td width="78%"> ++<p>Default: /usr/local/Sophos/ide/*ides.zip</p> ++<!-- INDENTATION --> ++<p>SophosSAVI only: monitor each of these files for changes ++in size to detect when a Sophos update has happened. The ++date of the Sophos Lib Dir is also monitored. This is only ++used by the "sophossavi" virus scanner, not the ++"sophos" scanner setting.</p> ++</td> ++</table> ++<a name="Virus scanning and vulnerability testing"></a> ++<h2>Virus scanning and vulnerability testing</h2> ++<!-- INDENTATION --> ++<table width="100%" border=0 rules="none" frame="void" ++ cols="2" cellspacing="0" cellpadding="0"> ++<tr valign="top" align="left"> ++<td width="11%"></td> ++<td width="89%"> ++<p><b>Virus Scanning</b></p></td> ++</table> ++<!-- INDENTATION --> ++<table width="100%" border=0 rules="none" frame="void" ++ cols="2" cellspacing="0" cellpadding="0"> ++<tr valign="top" align="left"> ++<td width="22%"></td> ++<td width="78%"> ++<p>Default: yes</p> ++<!-- INDENTATION --> ++<p>Do you want to scan email for viruses? A few people ++don’t have virus scanner licence and so want to ++disable all the virus scanning.<br> ++NOTE: Switching this to no completely disables all ++virus−scanning functionality. If you just want to ++switch of actual virus scanning, then set "Virus ++Scanners = none" instead.<br> ++If you want to be able to switch scanning on/off for ++different users or different domains, set this to the ++filename of a ruleset.</p> ++</td> ++</table> ++<!-- INDENTATION --> ++<table width="100%" border=0 rules="none" frame="void" ++ cols="2" cellspacing="0" cellpadding="0"> ++<tr valign="top" align="left"> ++<td width="11%"></td> ++<td width="89%"> ++<p><b>Virus Scanners</b></p></td> ++</table> ++<!-- INDENTATION --> ++<table width="100%" border=0 rules="none" frame="void" ++ cols="2" cellspacing="0" cellpadding="0"> ++<tr valign="top" align="left"> ++<td width="22%"></td> ++<td width="78%"> ++<p>Default: none</p> ++<!-- INDENTATION --> ++<p>Which Virus Scanning package to use. Possible choices are ++sophos, sophossavi, mcafee, command, bitdefender, kaspersky, ++kaspersky−4.5, kavdaemonclient, inoculate, inoculan, ++nod32, nod32−1.99, f−secure, f−prot, ++panda, rav, antivir, clamav, clamavmodule, css, trend, +norman, avg, vexira, symscanengine, generic, none (no virus +scanning at all). This *cannot* be the filename of a +ruleset.</p> - <!-- INDENTATION --> - <p>Note for McAfee users: Do NOT use any symlinks with - McAfee at all. It is very strange but McAfee may not detect -@@ -1701,6 +1702,39 @@ - <tr valign="top" align="left"> - <td width="11%"></td> - <td width="89%"> ++<!-- INDENTATION --> ++<p>Note for McAfee users: Do NOT use any symlinks with ++McAfee at all. It is very strange but McAfee may not detect ++all viruses when started from a symlink or scanning a ++directory path including symlinks.</p> ++<!-- INDENTATION --> ++<p>Note: If you want to use multiple virus scanners, then ++this should be a space−separated list of virus ++scanners.</p> ++<!-- INDENTATION --> ++<p>Note: Make sure that you check that the base installation ++directory in the 3rd column of virus.scanners.conf matches ++the location you have installed each of your virus scanners. ++The supplied virus.scanners.conf file assumes the default ++installation locations recommended by each of the virus ++scanner installation guides.</p> ++</td> ++</table> ++<!-- INDENTATION --> ++<table width="100%" border=0 rules="none" frame="void" ++ cols="2" cellspacing="0" cellpadding="0"> ++<tr valign="top" align="left"> ++<td width="11%"></td> ++<td width="89%"> ++<p><b>Virus Scanner Timeout</b></p></td> ++</table> ++<!-- INDENTATION --> ++<table width="100%" border=0 rules="none" frame="void" ++ cols="2" cellspacing="0" cellpadding="0"> ++<tr valign="top" align="left"> ++<td width="22%"></td> ++<td width="78%"> ++<p>Default: 300</p> ++<!-- INDENTATION --> ++<p>The maximum time (in seconds) that the cirus scanner is ++allowed to take to scan one batch of messages.</p> ++</td> ++</table> ++<!-- INDENTATION --> ++<table width="100%" border=0 rules="none" frame="void" ++ cols="2" cellspacing="0" cellpadding="0"> ++<tr valign="top" align="left"> ++<td width="11%"></td> ++<td width="89%"> ++<p><b>Deliver Disinfected Files</b></p></td> ++</table> ++<!-- INDENTATION --> ++<table width="100%" border=0 rules="none" frame="void" ++ cols="2" cellspacing="0" cellpadding="0"> ++<tr valign="top" align="left"> ++<td width="22%"></td> ++<td width="78%"> ++<p>Default: yes</p> ++<!-- INDENTATION --> ++<p>Should infected attached documents be automatically ++disinfected and sent on to the original recipients? Less ++than 1% of viruses in the wild can be successfully ++disinfected,as macro viruses are now a rare occurrence. So ++the default has been changed to "no" as it gives a ++significant performance improvement.</p> ++</td> ++</table> ++<!-- INDENTATION --> ++<table width="100%" border=0 rules="none" frame="void" ++ cols="2" cellspacing="0" cellpadding="0"> ++<tr valign="top" align="left"> ++<td width="11%"></td> ++<td width="89%"> ++<p><b>Silent Viruses</b></p></td> ++</table> ++<!-- INDENTATION --> ++<table width="100%" border=0 rules="none" frame="void" ++ cols="2" cellspacing="0" cellpadding="0"> ++<tr valign="top" align="left"> ++<td width="22%"></td> ++<td width="78%"> ++<p>Default: HTML−IFrame All−Viruses</p> ++<!-- INDENTATION --> ++<p>Messages whose virus reports contain any of the words ++listed here will be treated as "silent" viruses. ++No messages will be sent back to the senders of these ++viruses, and the delivery to the recipient of the message ++can be controlled by the next option "Still Deliver ++Silent Viruses". This is primarily designed for viruses ++such as "Klez" and "Bugbear" which put ++fake addresses on messages they send, so there is no point ++informing the sender of the message, as it won’t ++actually be them who sent it anyway. Other words that can be ++put in this list are the 5 special keywords</p> ++</td> ++</table> ++<!-- TABS --> ++<table width="100%" border=0 rules="none" frame="void" ++ cols="4" cellspacing="0" cellpadding="0"> ++<tr valign="top" align="left"> ++<td width="22%"></td> ++<td width="1%"> ++ ++<p>•</p> ++</td> ++<td width="5%"></td> ++<td width="72%"> ++ ++<p>HTML−IFrame: inserting this will stop senders ++being warned about HTML Iframe tags, when they are not ++allowed.</p> ++</td> ++<tr valign="top" align="left"> ++<td width="22%"></td> ++<td width="1%"> ++ ++<p>•</p> ++</td> ++<td width="5%"></td> ++<td width="72%"> ++ ++<p>HTML−Codebase: inserting this will stop senders ++being warned about HTML Object Codebase tags, when they are ++not allowed.</p> ++</td> ++<tr valign="top" align="left"> ++<td width="22%"></td> ++<td width="1%"> ++ ++<p>•</p> ++</td> ++<td width="5%"></td> ++<td width="72%"> ++ ++<p>Zip−Password: inserting this will stop senders ++being warned about password−protected zip files when ++they are not allowd. This keyword is not needed if you ++include All−Viruses.</p> ++</td> ++<tr valign="top" align="left"> ++<td width="22%"></td> ++<td width="1%"> ++ ++<p>•</p> ++</td> ++<td width="5%"></td> ++<td width="72%"> ++ ++<p>All−Viruses: inserting this will stop senders ++being warned about any virus, while still allowing you to ++warn senders about HTML−based attacks. This includes ++Zip−Password so you don’t need to include ++both.</p> ++</td> ++</table> ++<!-- INDENTATION --> ++<table width="100%" border=0 rules="none" frame="void" ++ cols="2" cellspacing="0" cellpadding="0"> ++<tr valign="top" align="left"> ++<td width="28%"></td> ++<td width="72%"> ++<p>The default of "All−Viruses" means that ++no senders of viruses will be notified (as the sender ++address is always forged these days anyway), but anyone who ++sends a message that is blocked for other reasons will still ++be notified.</p></td> ++</table> ++<!-- INDENTATION --> ++<table width="100%" border=0 rules="none" frame="void" ++ cols="2" cellspacing="0" cellpadding="0"> ++<tr valign="top" align="left"> ++<td width="11%"></td> ++<td width="89%"> ++<p><b>Still Deliver Silent Viruses</b></p></td> ++</table> ++<!-- INDENTATION --> ++<table width="100%" border=0 rules="none" frame="void" ++ cols="2" cellspacing="0" cellpadding="0"> ++<tr valign="top" align="left"> ++<td width="22%"></td> ++<td width="78%"> ++<p>Default: no</p> ++<!-- INDENTATION --> ++<p>If this is set to yes then disinfected messsages that ++originally contained one of the "silent" viruses ++will still be delivered to the original recipients, even ++those addresses were chosen at random by the infected PC and ++do not correspond to anything a user intended to send. Set ++this to yes so that your users (and your management) ++appreciate how much MailScanner is doing to protect them, ++but set it to no if they complain a lot about receiving lots ++of virus warnings.</p> ++</td> ++</table> ++<!-- INDENTATION --> ++<table width="100%" border=0 rules="none" frame="void" ++ cols="2" cellspacing="0" cellpadding="0"> ++<tr valign="top" align="left"> ++<td width="11%"></td> ++<td width="89%"> ++<p><b>Non−Forging Viruses</b></p></td> ++</table> ++<!-- INDENTATION --> ++<table width="100%" border=0 rules="none" frame="void" ++ cols="2" cellspacing="0" cellpadding="0"> ++<tr valign="top" align="left"> ++<td width="22%"></td> ++<td width="78%"> ++<p>Default: Joke/ OF97/ WM97/ W97M/</p> ++<!-- INDENTATION --> ++<p>Strings listed here will be searched for in the output of ++the virus scanners. It works to achieve the opposite effect ++of the "Silent Viruses" listed above. If a string ++here is found in the output of the virus scanners, then the ++message will be treated as if it were not infected with a ++"Silent Virus". If a message is detected as both a ++silent virus and a non−forging virus, then the ++non−forging status will override the silent status. In ++simple terms, you should list virus names (or parts of them) ++that you know do *not* forge the From address. A good ++example of this is a document macro virus or a Joke program. ++Another word that can be put in this list is the special ++keyword "Zip−.Password". Inserting this will ++cause senders to be warned about password−protected ++zip files, whey they are not allowed.</p> ++</td> ++</table> ++<a name="Options specific to ClamAV Anti-Virus"></a> ++<h2>Options specific to ClamAV Anti-Virus</h2> ++<!-- INDENTATION --> ++<table width="100%" border=0 rules="none" frame="void" ++ cols="2" cellspacing="0" cellpadding="0"> ++<tr valign="top" align="left"> ++<td width="11%"></td> ++<td width="89%"> ++<p><b>Monitors for ClamAV Updates</b></p></td> ++</table> ++<!-- INDENTATION --> ++<table width="100%" border=0 rules="none" frame="void" ++ cols="2" cellspacing="0" cellpadding="0"> ++<tr valign="top" align="left"> ++<td width="22%"></td> ++<td width="78%"> ++<p>Default: /usr/local/share/clamav/*.cvd</p> ++<!-- INDENTATION --> ++<p>ClamAVModule only: monitor each of these files for ++changes in size to detect when a ClamAV update has happened. ++This is only used by the "clamavmodule" virus ++scanner, not the "clamav" scanner setting.</p> ++</td> ++</table> ++<a name="Removing/Logging dangerous or potentially offensive content"></a> ++<h2>Removing/Logging dangerous or potentially offensive content</h2> ++<!-- INDENTATION --> ++<table width="100%" border=0 rules="none" frame="void" ++ cols="2" cellspacing="0" cellpadding="0"> ++<tr valign="top" align="left"> ++<td width="11%"></td> ++<td width="89%"> ++<p><b>Allow Partial Messages</b></p></td> ++</table> ++<!-- INDENTATION --> ++<table width="100%" border=0 rules="none" frame="void" ++ cols="2" cellspacing="0" cellpadding="0"> ++<tr valign="top" align="left"> ++<td width="22%"></td> ++<td width="78%"> ++<p>Default: no</p> ++<!-- INDENTATION --> ++<p>Do you want to allow partial messages, which only contain ++a fraction of the attachments, not the whole thing? There is ++no way that "partial messages" can be scanned for ++viruses properly, as only a fragment of the message is ever ++processed, never the whole message at once.<br> ++Setting this option to yes is <b>very dangerous</b> as it ++can let viruses in. But you might want to use a ruleset to ++set it for some customers’ outgoing mail, for ++example.</p> ++</td> ++</table> ++<!-- INDENTATION --> ++<table width="100%" border=0 rules="none" frame="void" ++ cols="2" cellspacing="0" cellpadding="0"> ++<tr valign="top" align="left"> ++<td width="11%"></td> ++<td width="89%"> ++<p><b>Allow External Message Bodies</b></p></td> ++</table> ++<!-- INDENTATION --> ++<table width="100%" border=0 rules="none" frame="void" ++ cols="2" cellspacing="0" cellpadding="0"> ++<tr valign="top" align="left"> ++<td width="22%"></td> ++<td width="78%"> ++<p>Default: no</p> ++<!-- INDENTATION --> ++<p>There is a mechanism, very rarely used, in which the body ++of a message is contained on a remote server, which the ++user’s email application should download when it ++displays the message. Currently, I am only aware of this ++feature being supported by a few versions of Netscape, and ++the only people who use it are the IETF. There is no way to ++guarantee that the fetched file has no viruses in it, as ++MailScanner never sees it.<br> ++Setting this option to yes is <b>very dangerous</b> as it ++can let viruses in from remote "message body ++servers".</p> ++</td> ++</table> ++<!-- INDENTATION --> ++<table width="100%" border=0 rules="none" frame="void" ++ cols="2" cellspacing="0" cellpadding="0"> ++<tr valign="top" align="left"> ++<td width="11%"></td> ++<td width="89%"> +<p><b>Find Phishing Fraud</b></p></td> +</table> +<!-- INDENTATION --> @@ -56,13 +1351,1491 @@ +<tr valign="top" align="left"> +<td width="11%"></td> +<td width="89%"> - <p><b>Allow IFrame Tags</b></p></td> - </table> - <!-- INDENTATION --> -@@ -3186,6 +3220,32 @@ - <tr valign="top" align="left"> - <td width="11%"></td> - <td width="89%"> ++<p><b>Allow IFrame Tags</b></p></td> ++</table> ++<!-- INDENTATION --> ++<table width="100%" border=0 rules="none" frame="void" ++ cols="2" cellspacing="0" cellpadding="0"> ++<tr valign="top" align="left"> ++<td width="22%"></td> ++<td width="78%"> ++<p>Default: no</p> ++<!-- INDENTATION --> ++<p>Do you want to allow HTML <IFrame> tags in email ++messages? This is not a good idea as it allows various ++Microsoft Outlook security vulnerabilities to go ++unprotected, but if you have a load of mailing lists sending ++them, then you will want to allow them to keep your users ++happy. This can also be the filename of a ruleset, so you ++can allow them from known mailing lists but ban them from ++everywhere else. Possible Values:</p> ++</td> ++</table> ++<!-- TABS --> ++<table width="100%" border=0 rules="none" frame="void" ++ cols="4" cellspacing="0" cellpadding="0"> ++<tr valign="top" align="left"> ++<td width="22%"></td> ++<td width="1%"> ++ ++<p>•</p> ++</td> ++<td width="5%"></td> ++<td width="72%"> ++ ++<p>yes => Allow these tags to be in the message</p> ++</td> ++<tr valign="top" align="left"> ++<td width="22%"></td> ++<td width="1%"> ++ ++<p>•</p> ++</td> ++<td width="5%"></td> ++<td width="72%"> ++ ++<p>no => Ban messages containing these tags</p> ++</td> ++<tr valign="top" align="left"> ++<td width="22%"></td> ++<td width="1%"> ++ ++<p>•</p> ++</td> ++<td width="5%"></td> ++<td width="72%"> ++ ++<p>disarm => Allow these tags, but stop these tags from ++working</p> ++</td> ++</table> ++<!-- INDENTATION --> ++<table width="100%" border=0 rules="none" frame="void" ++ cols="2" cellspacing="0" cellpadding="0"> ++<tr valign="top" align="left"> ++<td width="11%"></td> ++<td width="89%"> ++<p><b>Log IFrame Tags</b></p></td> ++</table> ++<!-- INDENTATION --> ++<table width="100%" border=0 rules="none" frame="void" ++ cols="2" cellspacing="0" cellpadding="0"> ++<tr valign="top" align="left"> ++<td width="22%"></td> ++<td width="78%"> ++<p>Default: no</p></td> ++</table> ++<!-- INDENTATION --> ++<table width="100%" border=0 rules="none" frame="void" ++ cols="2" cellspacing="0" cellpadding="0"> ++<tr valign="top" align="left"> ++<td width="28%"></td> ++<td width="72%"> ++<p>You may receive complaints from your users that HTML ++mailing lists they subscribe to have been stopped by the ++"Allow IFrame Tags" option above. So before you ++use the option above, set this option to "yes" and ++MailScanner will log the senders all messages which contain ++IFrame tags. You can then setup a ruleset for the option ++above which will allow IFrame tags in messages sent by well ++known (and trusted) mailing lists, while banning them from ++everywhere else.</p> ++</td> ++</table> ++<!-- INDENTATION --> ++<table width="100%" border=0 rules="none" frame="void" ++ cols="2" cellspacing="0" cellpadding="0"> ++<tr valign="top" align="left"> ++<td width="11%"></td> ++<td width="89%"> ++<p><b>Allow Form Tags</b></p></td> ++</table> ++<!-- INDENTATION --> ++<table width="100%" border=0 rules="none" frame="void" ++ cols="2" cellspacing="0" cellpadding="0"> ++<tr valign="top" align="left"> ++<td width="22%"></td> ++<td width="78%"> ++<p>Default: disarm</p> ++<!-- INDENTATION --> ++<p>Do you want to allow <Form> tags in email messages? ++This is a bad idea as these are used as scams to persuade ++people to part with credit card information and other ++personal data. This can also be the filename of a ruleset. ++Possible values:</p> ++</td> ++</table> ++<!-- TABS --> ++<table width="100%" border=0 rules="none" frame="void" ++ cols="4" cellspacing="0" cellpadding="0"> ++<tr valign="top" align="left"> ++<td width="22%"></td> ++<td width="1%"> ++ ++<p>•</p> ++</td> ++<td width="5%"></td> ++<td width="72%"> ++ ++<p>yes => Allow these tags to be in the message</p> ++</td> ++<tr valign="top" align="left"> ++<td width="22%"></td> ++<td width="1%"> ++ ++<p>•</p> ++</td> ++<td width="5%"></td> ++<td width="72%"> ++ ++<p>no => Ban messages containing these tags</p> ++</td> ++<tr valign="top" align="left"> ++<td width="22%"></td> ++<td width="1%"> ++ ++<p>•</p> ++</td> ++<td width="5%"></td> ++<td width="72%"> ++ ++<p>disarm => Allow these tags, but stop these tags from ++working</p> ++</td> ++</table> ++<!-- INDENTATION --> ++<table width="100%" border=0 rules="none" frame="void" ++ cols="2" cellspacing="0" cellpadding="0"> ++<tr valign="top" align="left"> ++<td width="11%"></td> ++<td width="89%"> ++<p><b>Allow Script Tags</b></p></td> ++</table> ++<!-- INDENTATION --> ++<table width="100%" border=0 rules="none" frame="void" ++ cols="2" cellspacing="0" cellpadding="0"> ++<tr valign="top" align="left"> ++<td width="22%"></td> ++<td width="78%"> ++<p>Default: no</p></td> ++</table> ++<!-- INDENTATION --> ++<table width="100%" border=0 rules="none" frame="void" ++ cols="2" cellspacing="0" cellpadding="0"> ++<tr valign="top" align="left"> ++<td width="28%"></td> ++<td width="72%"> ++<p>Do you want to allow <Script> tags in email ++messages? This is a bad idea as these are used to exploit ++vulnerabilities in email applications and web browsers. This ++can also be the filename of a ruleset. Possible ++values:</p></td> ++</table> ++<!-- TABS --> ++<table width="100%" border=0 rules="none" frame="void" ++ cols="4" cellspacing="0" cellpadding="0"> ++<tr valign="top" align="left"> ++<td width="22%"></td> ++<td width="1%"> ++ ++<p>•</p> ++</td> ++<td width="5%"></td> ++<td width="72%"> ++ ++<p>yes => Allow these tags to be in the message</p> ++</td> ++<tr valign="top" align="left"> ++<td width="22%"></td> ++<td width="1%"> ++ ++<p>•</p> ++</td> ++<td width="5%"></td> ++<td width="72%"> ++ ++<p>no => Ban messages containing these tags</p> ++</td> ++<tr valign="top" align="left"> ++<td width="22%"></td> ++<td width="1%"> ++ ++<p>•</p> ++</td> ++<td width="5%"></td> ++<td width="72%"> ++ ++<p>disarm => Allow these tags, but stop these tags from ++working</p> ++</td> ++</table> ++<!-- INDENTATION --> ++<table width="100%" border=0 rules="none" frame="void" ++ cols="2" cellspacing="0" cellpadding="0"> ++<tr valign="top" align="left"> ++<td width="11%"></td> ++<td width="89%"> ++<p><b>Allow WebBugs</b></p></td> ++</table> ++<!-- INDENTATION --> ++<table width="100%" border=0 rules="none" frame="void" ++ cols="2" cellspacing="0" cellpadding="0"> ++<tr valign="top" align="left"> ++<td width="22%"></td> ++<td width="78%"> ++<p>Default: disarm</p></td> ++</table> ++<!-- INDENTATION --> ++<table width="100%" border=0 rules="none" frame="void" ++ cols="2" cellspacing="0" cellpadding="0"> ++<tr valign="top" align="left"> ++<td width="28%"></td> ++<td width="72%"> ++<p>Do you want to allow <Img> tags with very small ++images in email messages? This is a bad idea as these are ++used as ’web bugs’ to find out if a message has ++been read. It is not dangerous, it is just used to make you ++give away information. This can also be the filename of a ++ruleset. Possible values:</p></td> ++</table> ++<!-- TABS --> ++<table width="100%" border=0 rules="none" frame="void" ++ cols="4" cellspacing="0" cellpadding="0"> ++<tr valign="top" align="left"> ++<td width="22%"></td> ++<td width="1%"> ++ ++<p>•</p> ++</td> ++<td width="5%"></td> ++<td width="72%"> ++ ++<p>yes => Allow these tags to be in the message</p> ++</td> ++<tr valign="top" align="left"> ++<td width="22%"></td> ++<td width="1%"> ++ ++<p>•</p> ++</td> ++<td width="5%"></td> ++<td width="72%"> ++ ++<p>no => Ban messages containing these tags</p> ++</td> ++<tr valign="top" align="left"> ++<td width="22%"></td> ++<td width="1%"> ++ ++<p>•</p> ++</td> ++<td width="5%"></td> ++<td width="72%"> ++ ++<p>disarm => Allow these tags, but stop these tags from ++working</p> ++</td> ++</table> ++<!-- INDENTATION --> ++<table width="100%" border=0 rules="none" frame="void" ++ cols="2" cellspacing="0" cellpadding="0"> ++<tr valign="top" align="left"> ++<td width="11%"></td> ++<td width="89%"> ++<p><b>Allow Object Codebase Tags</b></p></td> ++</table> ++<!-- INDENTATION --> ++<table width="100%" border=0 rules="none" frame="void" ++ cols="2" cellspacing="0" cellpadding="0"> ++<tr valign="top" align="left"> ++<td width="22%"></td> ++<td width="78%"> ++<p>Default: no</p></td> ++</table> ++<!-- INDENTATION --> ++<table width="100%" border=0 rules="none" frame="void" ++ cols="2" cellspacing="0" cellpadding="0"> ++<tr valign="top" align="left"> ++<td width="28%"></td> ++<td width="72%"> ++<p>Do you want to allow <Object Codebase=...> tags in ++email messages? This is a bad idea as it leaves you ++unprotected against various Microsoft−specific ++security vulnerabilities. But if your users demand it, you ++can do it. This can also be the filename of a ruleset. ++Possible values:</p></td> ++</table> ++<!-- TABS --> ++<table width="100%" border=0 rules="none" frame="void" ++ cols="4" cellspacing="0" cellpadding="0"> ++<tr valign="top" align="left"> ++<td width="22%"></td> ++<td width="1%"> ++ ++<p>•</p> ++</td> ++<td width="5%"></td> ++<td width="72%"> ++ ++<p>yes => Allow these tags to be in the message</p> ++</td> ++<tr valign="top" align="left"> ++<td width="22%"></td> ++<td width="1%"> ++ ++<p>•</p> ++</td> ++<td width="5%"></td> ++<td width="72%"> ++ ++<p>no => Ban messages containing these tags</p> ++</td> ++<tr valign="top" align="left"> ++<td width="22%"></td> ++<td width="1%"> ++ ++<p>•</p> ++</td> ++<td width="5%"></td> ++<td width="72%"> ++ ++<p>disarm => Allow these tags, but stop these tags from ++working</p> ++</td> ++</table> ++<!-- INDENTATION --> ++<table width="100%" border=0 rules="none" frame="void" ++ cols="2" cellspacing="0" cellpadding="0"> ++<tr valign="top" align="left"> ++<td width="11%"></td> ++<td width="89%"> ++<p><b>Convert Dangerous HTML To Text</b></p></td> ++</table> ++<!-- INDENTATION --> ++<table width="100%" border=0 rules="none" frame="void" ++ cols="2" cellspacing="0" cellpadding="0"> ++<tr valign="top" align="left"> ++<td width="22%"></td> ++<td width="78%"> ++<p>Default: no</p></td> ++</table> ++<!-- INDENTATION --> ++<table width="100%" border=0 rules="none" frame="void" ++ cols="2" cellspacing="0" cellpadding="0"> ++<tr valign="top" align="left"> ++<td width="28%"></td> ++<td width="72%"> ++<p>This option interacts with the "Allow ... Tags" ++options above like this:</p> ++<!-- INDENTATION --> ++<p>Allow...Tags Convert Danger... Action<br> ++============ ================= ++============================<br> ++no no Blocked<br> ++no yes Blocked<br> ++disarm no Specified HTML tags disarmed<br> ++disarm yes Specified HTML tags disarmed<br> ++yes no Nothing<br> ++yes yes All HTML tags stripped</p> ++<!-- INDENTATION --> ++<p>If an "Allow ... Tags = yes" is triggered by a ++message, and this "Convert Dangerous HTML To Text" ++is set to "yes", then the HTML message will be ++converted to plain text. This makes the HTML harmless, while ++still allowing your users to see the text content of the ++messages. Note that all graphical content will be ++removed.</p> ++</td> ++</table> ++<!-- INDENTATION --> ++<table width="100%" border=0 rules="none" frame="void" ++ cols="2" cellspacing="0" cellpadding="0"> ++<tr valign="top" align="left"> ++<td width="11%"></td> ++<td width="89%"> ++<p><b>Convert HTML To Text</b></p></td> ++</table> ++<!-- INDENTATION --> ++<table width="100%" border=0 rules="none" frame="void" ++ cols="2" cellspacing="0" cellpadding="0"> ++<tr valign="top" align="left"> ++<td width="22%"></td> ++<td width="78%"> ++<p>Default: no</p> ++<!-- INDENTATION --> ++<p>If you have users who are children, or who are offended ++by things like pornographic spam email, you can protect them ++by converting incoming HTML email messages into plain text. ++HTML attachments will not be affected. You could set this to ++be a ruleset so you only convert messages addressed to some ++of your users, or not convert messages from some known ++trusted sources. This can be essential if you have a ++"duty of care" for some of your users.</p> ++</td> ++</table> ++<!-- INDENTATION --> ++<table width="100%" border=0 rules="none" frame="void" ++ cols="2" cellspacing="0" cellpadding="0"> ++<tr valign="top" align="left"> ++<td width="11%"></td> ++<td width="89%"> ++<p><b>Allow Form Tags</b></p></td> ++</table> ++<!-- INDENTATION --> ++<table width="100%" border=0 rules="none" frame="void" ++ cols="2" cellspacing="0" cellpadding="0"> ++<tr valign="top" align="left"> ++<td width="22%"></td> ++<td width="78%"> ++<p>Default: no</p> ++<!-- INDENTATION --> ++<p>Do you want to allow <Form> tags in email messages? ++This is a bad idea as these are used as scams to pursuade ++people to part with credit card information and other ++personal data. This can also be the filename of a ++ruleset.</p> ++</td> ++</table> ++<a name="Attachment filename checking"></a> ++<h2>Attachment filename checking</h2> ++<!-- INDENTATION --> ++<table width="100%" border=0 rules="none" frame="void" ++ cols="2" cellspacing="0" cellpadding="0"> ++<tr valign="top" align="left"> ++<td width="11%"></td> ++<td width="89%"> ++<p><b>Filename Rules</b></p></td> ++</table> ++<!-- INDENTATION --> ++<table width="100%" border=0 rules="none" frame="void" ++ cols="2" cellspacing="0" cellpadding="0"> ++<tr valign="top" align="left"> ++<td width="22%"></td> ++<td width="78%"> ++<p>Default: %etc−dir%/filename.rules.conf</p> ++<!-- INDENTATION --> ++<p>File in which to store the attachment filename ruleset. ++This can be a ruleset allowing different filename rules to ++apply to different users or domains. The syntax of this file ++is described in section "Attachment Filename ++Ruleset".</p> ++</td> ++</table> ++<!-- INDENTATION --> ++<table width="100%" border=0 rules="none" frame="void" ++ cols="2" cellspacing="0" cellpadding="0"> ++<tr valign="top" align="left"> ++<td width="11%"></td> ++<td width="89%"> ++<p><b>Filetype Rules</b></p></td> ++</table> ++<!-- INDENTATION --> ++<table width="100%" border=0 rules="none" frame="void" ++ cols="2" cellspacing="0" cellpadding="0"> ++<tr valign="top" align="left"> ++<td width="22%"></td> ++<td width="78%"> ++<p>Default: %etc−dir%/filetype.rules.conf</p> ++<!-- INDENTATION --> ++<p>Set where to find the attachment filetype ruleset. The ++structure of this file is explained elsewhere, but it is ++used to accept or reject file attachments based on their ++content as determined by the "file" command, ++regardless of whether they are infected or not. This can ++also point to a ruleset, but the ruleset filename must end ++in ".rules" so that MailScanner can determine if ++the filename given a ruleset or not!</p> ++</td> ++</table> ++<a name="Reports and responses"></a> ++<h2>Reports and responses</h2> ++<!-- INDENTATION --> ++<table width="100%" border=0 rules="none" frame="void" ++ cols="2" cellspacing="0" cellpadding="0"> ++<tr valign="top" align="left"> ++<td width="11%"></td> ++<td width="89%"> ++<p><b>Quarantine Infections</b></p></td> ++</table> ++<!-- INDENTATION --> ++<table width="100%" border=0 rules="none" frame="void" ++ cols="2" cellspacing="0" cellpadding="0"> ++<tr valign="top" align="left"> ++<td width="22%"></td> ++<td width="78%"> ++<p>Default: yes</p> ++<!-- INDENTATION --> ++<p>Set this to store infected / dangerous attachments in ++directories created under the quarantine directory. Without ++this, they will be deleted. Due to laws on privacy and data ++protection in your country, you may be forced to set this to ++"no".</p> ++</td> ++</table> ++<!-- INDENTATION --> ++<table width="100%" border=0 rules="none" frame="void" ++ cols="2" cellspacing="0" cellpadding="0"> ++<tr valign="top" align="left"> ++<td width="11%"></td> ++<td width="89%"> ++<p><b>Quarantine Silent Viruses</b></p></td> ++</table> ++<!-- INDENTATION --> ++<table width="100%" border=0 rules="none" frame="void" ++ cols="2" cellspacing="0" cellpadding="0"> ++<tr valign="top" align="left"> ++<td width="22%"></td> ++<td width="78%"> ++<p>Default: yes</p> ++<!-- INDENTATION --> ++<p>There is no point quarantining most viruses these days, ++so if you set this to "no" then no infections ++listed in your "Silent Viruses" setting will be ++quarantined, even if you have chosen to quarantine ++infections in general. This is currently set to ++"yes" so the behaviour is the same as it was in in ++previous versions. This can also be the filename of a ++ruleset.</p> ++</td> ++</table> ++<!-- INDENTATION --> ++<table width="100%" border=0 rules="none" frame="void" ++ cols="2" cellspacing="0" cellpadding="0"> ++<tr valign="top" align="left"> ++<td width="11%"></td> ++<td width="89%"> ++<p><b>Quarantine Whole Message</b></p></td> ++</table> ++<!-- INDENTATION --> ++<table width="100%" border=0 rules="none" frame="void" ++ cols="2" cellspacing="0" cellpadding="0"> ++<tr valign="top" align="left"> ++<td width="22%"></td> ++<td width="78%"> ++<p>Default: no</p> ++<!-- INDENTATION --> ++<p>When an infected message is stored in the quarantine, a ++copy of the entire message will be saved, in addition to ++copies of the infected attachments.</p> ++</td> ++</table> ++<!-- INDENTATION --> ++<table width="100%" border=0 rules="none" frame="void" ++ cols="2" cellspacing="0" cellpadding="0"> ++<tr valign="top" align="left"> ++<td width="11%"></td> ++<td width="89%"> ++<p><b>Quarantine Whole Messages As Queue Files</b></p></td> ++</table> ++<!-- INDENTATION --> ++<table width="100%" border=0 rules="none" frame="void" ++ cols="2" cellspacing="0" cellpadding="0"> ++<tr valign="top" align="left"> ++<td width="22%"></td> ++<td width="78%"> ++<p>Default: no</p> ++<!-- INDENTATION --> ++<p>When an entire message is saved in the quarantine for any ++reason, do you want to save it as the raw data files out of ++the mail queue (which can be processed with the df2mbox ++script, and which is easier to send to its original ++recipients), or do you want a conventional message file ++consisting of the header followed by the body of the ++message. If the previous option is switched off, then this ++will only affect archived mail and quarantined spam. If the ++previous option is on, then this also affects quarantined ++infections.</p> ++</td> ++</table> ++<!-- INDENTATION --> ++<table width="100%" border=0 rules="none" frame="void" ++ cols="2" cellspacing="0" cellpadding="0"> ++<tr valign="top" align="left"> ++<td width="11%"></td> ++<td width="89%"> ++<p><b>Language Strings</b></p></td> ++</table> ++<!-- INDENTATION --> ++<table width="100%" border=0 rules="none" frame="void" ++ cols="2" cellspacing="0" cellpadding="0"> ++<tr valign="top" align="left"> ++<td width="22%"></td> ++<td width="78%"> ++<p>Default: %reports−dir%/languages.conf</p> ++<!-- INDENTATION --> ++<p>Set where to find all the strings used so they can be ++translated into your local language. This can also be the ++filename of a ruleset so you can produce different languages ++for different messages.</p> ++</td> ++</table> ++<!-- INDENTATION --> ++<table width="100%" border=0 rules="none" frame="void" ++ cols="2" cellspacing="0" cellpadding="0"> ++<tr valign="top" align="left"> ++<td width="11%"></td> ++<td width="89%"> ++<p><b>Deleted Bad Filename Message Report</b></p></td> ++</table> ++<!-- INDENTATION --> ++<table width="100%" border=0 rules="none" frame="void" ++ cols="2" cellspacing="0" cellpadding="0"> ++<tr valign="top" align="left"> ++<td width="22%"></td> ++<td width="78%"> ++<p>Default: ++%reports−dir%/deleted.filename.message.txt</p> ++<!-- INDENTATION --> ++<p>When an attachment is deleted from a message because the ++filename failed the filename rules in force for the message, ++it is replaced by the contents of this file. A few variable ++substitutions can be made in this file, an example of each ++of which is contained in the supplied sample file.</p> ++</td> ++</table> ++<!-- INDENTATION --> ++<table width="100%" border=0 rules="none" frame="void" ++ cols="2" cellspacing="0" cellpadding="0"> ++<tr valign="top" align="left"> ++<td width="11%"></td> ++<td width="89%"> ++<p><b>Deleted Virus Message Report</b></p></td> ++</table> ++<!-- INDENTATION --> ++<table width="100%" border=0 rules="none" frame="void" ++ cols="2" cellspacing="0" cellpadding="0"> ++<tr valign="top" align="left"> ++<td width="22%"></td> ++<td width="78%"> ++<p>Default: ++%reports−dir%/deleted.virus.message.txt</p> ++<!-- INDENTATION --> ++<p>When an attachment is deleted from a message because the ++attachment contained a virus or other dangerous content, it ++is replaced by the contents of this file. A few variable ++substitutions can be made in this file, an example of each ++of which is contained in the supplied sample file.</p> ++</td> ++</table> ++<!-- INDENTATION --> ++<table width="100%" border=0 rules="none" frame="void" ++ cols="2" cellspacing="0" cellpadding="0"> ++<tr valign="top" align="left"> ++<td width="11%"></td> ++<td width="89%"> ++<p><b>Stored Bad Filename Message Report</b></p></td> ++</table> ++<!-- INDENTATION --> ++<table width="100%" border=0 rules="none" frame="void" ++ cols="2" cellspacing="0" cellpadding="0"> ++<tr valign="top" align="left"> ++<td width="22%"></td> ++<td width="78%"> ++<p>Default: ++%reports−dir%/stored.filename.message.txt</p> ++<!-- INDENTATION --> ++<p>When an attachment is deleted and stored from a message ++(and the attachment has been stored in the quarantine) ++because the filename failed the filename rules in force for ++the message, it is replaced by the contents of this file. A ++few variable substitutions can be made in this file, an ++example of each of which is contained in the supplied sample ++file.</p> ++</td> ++</table> ++<!-- INDENTATION --> ++<table width="100%" border=0 rules="none" frame="void" ++ cols="2" cellspacing="0" cellpadding="0"> ++<tr valign="top" align="left"> ++<td width="11%"></td> ++<td width="89%"> ++<p><b>Deleted Bad Content Message Report</b></p></td> ++</table> ++<!-- INDENTATION --> ++<table width="100%" border=0 rules="none" frame="void" ++ cols="2" cellspacing="0" cellpadding="0"> ++<tr valign="top" align="left"> ++<td width="22%"></td> ++<td width="78%"> ++<p>Default: ++/%reports−dir%/deleted.content.message.txt</p> ++<!-- INDENTATION --> ++<p>This report is sent when a message is deleted because it ++contained bad or dangerous content. A few variable ++substitutions can be made in this file, an example of each ++of which is contained in the supplied sample file.</p> ++</td> ++</table> ++<!-- INDENTATION --> ++<table width="100%" border=0 rules="none" frame="void" ++ cols="2" cellspacing="0" cellpadding="0"> ++<tr valign="top" align="left"> ++<td width="11%"></td> ++<td width="89%"> ++<p><b>Stored Bad Content Message Report</b></p></td> ++</table> ++<!-- INDENTATION --> ++<table width="100%" border=0 rules="none" frame="void" ++ cols="2" cellspacing="0" cellpadding="0"> ++<tr valign="top" align="left"> ++<td width="22%"></td> ++<td width="78%"> ++<p>Default: ++%reports−dir%/stored.content.message.txt</p> ++<!-- INDENTATION --> ++<p>This report is sent when a message is stored because it ++contained bad or dangerous content. A few variable ++substitutions can be made in this file, an example of each ++of which is contained in the supplied sample file.</p> ++</td> ++</table> ++<!-- INDENTATION --> ++<table width="100%" border=0 rules="none" frame="void" ++ cols="2" cellspacing="0" cellpadding="0"> ++<tr valign="top" align="left"> ++<td width="11%"></td> ++<td width="89%"> ++<p><b>Disinfected Report</b></p></td> ++</table> ++<!-- INDENTATION --> ++<table width="100%" border=0 rules="none" frame="void" ++ cols="2" cellspacing="0" cellpadding="0"> ++<tr valign="top" align="left"> ++<td width="22%"></td> ++<td width="78%"> ++<p>Default: %reports−dir%/disinfected.report.txt</p> ++<!-- INDENTATION --> ++<p>When, for example, a Microsoft Word macro virus has been ++safely removed from a document, leaving the original ++document intact, it is delivered on to the original ++recipient. The contents of this text file will be put in the ++body of the new message, explaining to the user what has ++happened.</p> ++</td> ++</table> ++<!-- INDENTATION --> ++<table width="100%" border=0 rules="none" frame="void" ++ cols="2" cellspacing="0" cellpadding="0"> ++<tr valign="top" align="left"> ++<td width="11%"></td> ++<td width="89%"> ++<p><b>Inline HTML Signature</b></p></td> ++</table> ++<!-- INDENTATION --> ++<table width="100%" border=0 rules="none" frame="void" ++ cols="2" cellspacing="0" cellpadding="0"> ++<tr valign="top" align="left"> ++<td width="22%"></td> ++<td width="78%"> ++<p>Default: %reports−dir%/inline.sig.html</p> ++<!-- INDENTATION --> ++<p>If the "Sign Clean Messages" option is set, ++then the contents of this file will be appended to the end ++of the body of every message that is scanned by MailScanner. ++You can use this to inform your users that MailScanner has ++scanned it, and you can also add any disclaimers you feel ++should be on mail travelling through your servers. This ++option corresponds to the contents that is appended to HTML ++messages.</p> ++</td> ++</table> ++<!-- INDENTATION --> ++<table width="100%" border=0 rules="none" frame="void" ++ cols="2" cellspacing="0" cellpadding="0"> ++<tr valign="top" align="left"> ++<td width="11%"></td> ++<td width="89%"> ++<p><b>Inline Text Signature</b></p></td> ++</table> ++<!-- INDENTATION --> ++<table width="100%" border=0 rules="none" frame="void" ++ cols="2" cellspacing="0" cellpadding="0"> ++<tr valign="top" align="left"> ++<td width="22%"></td> ++<td width="78%"> ++<p>Default: %reports−dir%/inline.sig.txt</p> ++<!-- INDENTATION --> ++<p>If the "Sign Clean Messages" option is set, ++then the contents of this file will be appended to the end ++of the body of every message that is scanned by MailScanner. ++You can use this to inform your users that MailScanner has ++scanned it, and you can also add any disclaimers you feel ++should be on mail travelling through your servers. This ++option corresponds to the contents that is appended to text ++messages.</p> ++</td> ++</table> ++<!-- INDENTATION --> ++<table width="100%" border=0 rules="none" frame="void" ++ cols="2" cellspacing="0" cellpadding="0"> ++<tr valign="top" align="left"> ++<td width="11%"></td> ++<td width="89%"> ++<p><b>Sender Error Report</b></p></td> ++</table> ++<!-- INDENTATION --> ++<table width="100%" border=0 rules="none" frame="void" ++ cols="2" cellspacing="0" cellpadding="0"> ++<tr valign="top" align="left"> ++<td width="22%"></td> ++<td width="78%"> ++<p>Default: %reports−dir%/sender.error.report.txt</p> ++<!-- INDENTATION --> ++<p>When a message could not be processed completely for some ++reason, such as bad message structure or unreadable ++winmail.dat TNEF attachments, this message is sent back to ++the sender. Read the example file supplied for a ++demonstration of what variables can be used inside the ++file.</p> ++</td> ++</table> ++<!-- INDENTATION --> ++<table width="100%" border=0 rules="none" frame="void" ++ cols="2" cellspacing="0" cellpadding="0"> ++<tr valign="top" align="left"> ++<td width="11%"></td> ++<td width="89%"> ++<p><b>Sender Bad Filename Report</b></p></td> ++</table> ++<!-- INDENTATION --> ++<table width="100%" border=0 rules="none" frame="void" ++ cols="2" cellspacing="0" cellpadding="0"> ++<tr valign="top" align="left"> ++<td width="22%"></td> ++<td width="78%"> ++<p>Default: ++%reports−dir%/sender.filename.report.txt</p> ++<!-- INDENTATION --> ++<p>When an attachment is trapped by the filename rules, this ++message is sent back to the sender.</p> ++</td> ++</table> ++<!-- INDENTATION --> ++<table width="100%" border=0 rules="none" frame="void" ++ cols="2" cellspacing="0" cellpadding="0"> ++<tr valign="top" align="left"> ++<td width="11%"></td> ++<td width="89%"> ++<p><b>Sender Virus Report</b></p></td> ++</table> ++<!-- INDENTATION --> ++<table width="100%" border=0 rules="none" frame="void" ++ cols="2" cellspacing="0" cellpadding="0"> ++<tr valign="top" align="left"> ++<td width="22%"></td> ++<td width="78%"> ++<p>Default: %reports−dir%/sender.virus.report.txt</p> ++<!-- INDENTATION --> ++<p>When an attachment is removed because of a virus, this ++message is sent back to the sender.</p> ++</td> ++</table> ++<!-- INDENTATION --> ++<table width="100%" border=0 rules="none" frame="void" ++ cols="2" cellspacing="0" cellpadding="0"> ++<tr valign="top" align="left"> ++<td width="11%"></td> ++<td width="89%"> ++<p><b>Hide Incoming Work Dir</b></p></td> ++</table> ++<!-- INDENTATION --> ++<table width="100%" border=0 rules="none" frame="void" ++ cols="2" cellspacing="0" cellpadding="0"> ++<tr valign="top" align="left"> ++<td width="22%"></td> ++<td width="78%"> ++<p>Default: yes</p> ++<!-- INDENTATION --> ++<p>When this option is set, the full directory in which the ++virus was found will be removed from report messages sent to ++users. This makes the infection reports a lot easier to ++understand.</p> ++</td> ++</table> ++<!-- INDENTATION --> ++<table width="100%" border=0 rules="none" frame="void" ++ cols="2" cellspacing="0" cellpadding="0"> ++<tr valign="top" align="left"> ++<td width="11%"></td> ++<td width="89%"> ++<p><b>Include Scanner Name in Reports</b></p></td> ++</table> ++<!-- INDENTATION --> ++<table width="100%" border=0 rules="none" frame="void" ++ cols="2" cellspacing="0" cellpadding="0"> ++<tr valign="top" align="left"> ++<td width="22%"></td> ++<td width="78%"> ++<p>Default: yes</p> ++<!-- INDENTATION --> ++<p>Include the name of the virus scanner in each of the ++scanner reports. This also includes the translation of ++"MailScanner" in each of the report lines ++resulting from one of MailScanner’s own checks such as ++filename, filetype or dangerous HTML content. To change the ++name "MailScanner", look in ++reports/...../languages.conf.<br> ++Very useful if you use several virus scanners, but a bad ++idea if you don’t want to let your customers know ++which scanners you use.</p> ++</td> ++</table> ++<a name="Changes to message headers"></a> ++<h2>Changes to message headers</h2> ++<!-- INDENTATION --> ++<table width="100%" border=0 rules="none" frame="void" ++ cols="2" cellspacing="0" cellpadding="0"> ++<tr valign="top" align="left"> ++<td width="11%"></td> ++<td width="89%"> ++<p><b>Mail Header</b></p></td> ++</table> ++<!-- INDENTATION --> ++<table width="100%" border=0 rules="none" frame="void" ++ cols="2" cellspacing="0" cellpadding="0"> ++<tr valign="top" align="left"> ++<td width="22%"></td> ++<td width="78%"> ++<p>Default: X−MailScanner:</p> ++<!-- INDENTATION --> ++<p>Extra header that should be added to all scanned messages ++to show they have been scanned. You might want to add an ++abbreviation of your site name to this, so that you can find ++headers that are added by your MailScanner server.</p> ++</td> ++</table> ++<!-- INDENTATION --> ++<table width="100%" border=0 rules="none" frame="void" ++ cols="2" cellspacing="0" cellpadding="0"> ++<tr valign="top" align="left"> ++<td width="11%"></td> ++<td width="89%"> ++<p><b>Spam Header</b></p></td> ++</table> ++<!-- INDENTATION --> ++<table width="100%" border=0 rules="none" frame="void" ++ cols="2" cellspacing="0" cellpadding="0"> ++<tr valign="top" align="left"> ++<td width="22%"></td> ++<td width="78%"> ++<p>Default: X−MailScanner−SpamCheck:</p> ++<!-- INDENTATION --> ++<p>Name of the header to add to mail detected as spam. The ++text of the header is a list of the causes that think the ++message is spam.</p> ++</td> ++</table> ++<!-- INDENTATION --> ++<table width="100%" border=0 rules="none" frame="void" ++ cols="2" cellspacing="0" cellpadding="0"> ++<tr valign="top" align="left"> ++<td width="11%"></td> ++<td width="89%"> ++<p><b>Spam Score Header</b></p></td> ++</table> ++<!-- INDENTATION --> ++<table width="100%" border=0 rules="none" frame="void" ++ cols="2" cellspacing="0" cellpadding="0"> ++<tr valign="top" align="left"> ++<td width="22%"></td> ++<td width="78%"> ++<p>Default: X−MailScanner−SpamScore:</p> ++<!-- INDENTATION --> ++<p>If the option "Spam Score" is set, this is the ++name of the header that is used to contain the list of ++characters.</p> ++</td> ++</table> ++<!-- INDENTATION --> ++<table width="100%" border=0 rules="none" frame="void" ++ cols="2" cellspacing="0" cellpadding="0"> ++<tr valign="top" align="left"> ++<td width="11%"></td> ++<td width="89%"> ++<p><b>Information Header</b></p></td> ++</table> ++<!-- INDENTATION --> ++<table width="100%" border=0 rules="none" frame="void" ++ cols="2" cellspacing="0" cellpadding="0"> ++<tr valign="top" align="left"> ++<td width="22%"></td> ++<td width="78%"> ++<p>Default: X−MailScanner−Information:</p> ++<!-- INDENTATION --> ++<p>Name of the header to add to all messages, to be used for ++simply providing a URL or contact information for anyone ++receiving mail that has gone through MailScanner. If you do ++not want this header, simply set it blank.</p> ++</td> ++</table> ++<!-- INDENTATION --> ++<table width="100%" border=0 rules="none" frame="void" ++ cols="2" cellspacing="0" cellpadding="0"> ++<tr valign="top" align="left"> ++<td width="11%"></td> ++<td width="89%"> ++<p><b>Add Envelope From Header</b></p></td> ++</table> ++<!-- INDENTATION --> ++<table width="100%" border=0 rules="none" frame="void" ++ cols="2" cellspacing="0" cellpadding="0"> ++<tr valign="top" align="left"> ++<td width="22%"></td> ++<td width="78%"> ++<p>Default: yes</p> ++<!-- INDENTATION --> ++<p>Do you want to add the Envelope−From: header? This ++is very useful for tracking where spam came from as it ++contains the envelope sender address. This can also be the ++filename of a ruleset.</p> ++</td> ++</table> ++<!-- INDENTATION --> ++<table width="100%" border=0 rules="none" frame="void" ++ cols="2" cellspacing="0" cellpadding="0"> ++<tr valign="top" align="left"> ++<td width="11%"></td> ++<td width="89%"> ++<p><b>Add Envelope To Header</b></p></td> ++</table> ++<!-- INDENTATION --> ++<table width="100%" border=0 rules="none" frame="void" ++ cols="2" cellspacing="0" cellpadding="0"> ++<tr valign="top" align="left"> ++<td width="22%"></td> ++<td width="78%"> ++<p>Default: no</p> ++<!-- INDENTATION --> ++<p>Do you want to add the Envelope−To: header? This ++can be useful for tracking span destinations, but should be ++used with care due to possible privacy concerns with the use ++of Bcc: headers by users. This can also be the filename of a ++ruleset.</p> ++</td> ++</table> ++<!-- INDENTATION --> ++<table width="100%" border=0 rules="none" frame="void" ++ cols="2" cellspacing="0" cellpadding="0"> ++<tr valign="top" align="left"> ++<td width="11%"></td> ++<td width="89%"> ++<p><b>Evelope From Header</b></p></td> ++</table> ++<!-- INDENTATION --> ++<table width="100%" border=0 rules="none" frame="void" ++ cols="2" cellspacing="0" cellpadding="0"> ++<tr valign="top" align="left"> ++<td width="22%"></td> ++<td width="78%"> ++<p>Default: ++X−%org−name%−MailScanner−From:</p> ++<!-- INDENTATION --> ++<p>This is the name of the Envelope From header controlled ++by the option above. This can also be the filename of a ++ruleset.</p> ++</td> ++</table> ++<!-- INDENTATION --> ++<table width="100%" border=0 rules="none" frame="void" ++ cols="2" cellspacing="0" cellpadding="0"> ++<tr valign="top" align="left"> ++<td width="11%"></td> ++<td width="89%"> ++<p><b>Evelope To Header</b></p></td> ++</table> ++<!-- INDENTATION --> ++<table width="100%" border=0 rules="none" frame="void" ++ cols="2" cellspacing="0" cellpadding="0"> ++<tr valign="top" align="left"> ++<td width="22%"></td> ++<td width="78%"> ++<p>Default: ++X−%org−name%−MailScanner−To:</p> ++<!-- INDENTATION --> ++<p>This is the name of the Envelope To header controlled by ++the option above. This can also be the filename of a ++ruleset.</p> ++</td> ++</table> ++<!-- INDENTATION --> ++<table width="100%" border=0 rules="none" frame="void" ++ cols="2" cellspacing="0" cellpadding="0"> ++<tr valign="top" align="left"> ++<td width="11%"></td> ++<td width="89%"> ++<p><b>Detailed Spam Report</b></p></td> ++</table> ++<!-- INDENTATION --> ++<table width="100%" border=0 rules="none" frame="void" ++ cols="2" cellspacing="0" cellpadding="0"> ++<tr valign="top" align="left"> ++<td width="22%"></td> ++<td width="78%"> ++<p>Default: yes</p> ++<!-- INDENTATION --> ++<p>If this is set to yes then you get the normal fully ++detailed spam report in spam messages. If this is set to no ++then you simply get a "spam" or "not ++spam" report. The exact text inserted can be configured ++in the languages.conf file for your language.</p> ++</td> ++</table> ++<!-- INDENTATION --> ++<table width="100%" border=0 rules="none" frame="void" ++ cols="2" cellspacing="0" cellpadding="0"> ++<tr valign="top" align="left"> ++<td width="11%"></td> ++<td width="89%"> ++<p><b>Include Scores In SpamAssassin Report</b></p></td> ++</table> ++<!-- INDENTATION --> ++<table width="100%" border=0 rules="none" frame="void" ++ cols="2" cellspacing="0" cellpadding="0"> ++<tr valign="top" align="left"> ++<td width="22%"></td> ++<td width="78%"> ++<p>Default: yes</p> ++<!-- INDENTATION --> ++<p>Do you want to include the numerical scores in the ++detailed SpamAssassin report, or just list the names of the ++scores?</p> ++</td> ++</table> ++<!-- INDENTATION --> ++<table width="100%" border=0 rules="none" frame="void" ++ cols="2" cellspacing="0" cellpadding="0"> ++<tr valign="top" align="left"> ++<td width="11%"></td> ++<td width="89%"> ++<p><b>Spam Score Character</b></p></td> ++</table> ++<!-- INDENTATION --> ++<table width="100%" border=0 rules="none" frame="void" ++ cols="2" cellspacing="0" cellpadding="0"> ++<tr valign="top" align="left"> ++<td width="22%"></td> ++<td width="78%"> ++<p>Default: s</p> ++<!-- INDENTATION --> ++<p>If the option "Spam Score" is set, this is the ++character that will be repeated in the "Spam Score ++Header", one letter for each point in the SpamAssassin ++score.</p> ++</td> ++</table> ++<!-- INDENTATION --> ++<table width="100%" border=0 rules="none" frame="void" ++ cols="2" cellspacing="0" cellpadding="0"> ++<tr valign="top" align="left"> ++<td width="11%"></td> ++<td width="89%"> ++<p><b>SpamScore Number Instead Of Stars</b></p></td> ++</table> ++<!-- INDENTATION --> ++<table width="100%" border=0 rules="none" frame="void" ++ cols="2" cellspacing="0" cellpadding="0"> ++<tr valign="top" align="left"> ++<td width="22%"></td> ++<td width="78%"> ++<p>Default: no</p> ++<!-- INDENTATION --> ++<p>If this option is set to yes, you will get a ++spam−score header saying just the value of the spam ++score, instead of the row of characters representing the ++score. This can also be the filename of a ruleset.</p> ++</td> ++</table> ++<!-- INDENTATION --> ++<table width="100%" border=0 rules="none" frame="void" ++ cols="2" cellspacing="0" cellpadding="0"> ++<tr valign="top" align="left"> ++<td width="11%"></td> ++<td width="89%"> ++<p><b>Minimum Stars If on Spam List</b></p></td> ++</table> ++<!-- INDENTATION --> ++<table width="100%" border=0 rules="none" frame="void" ++ cols="2" cellspacing="0" cellpadding="0"> ++<tr valign="top" align="left"> ++<td width="22%"></td> ++<td width="78%"> ++<p>Default: 0</p> ++<!-- INDENTATION --> ++<p>This sets the minimum number of "Spam Score ++Characters" which will appear if a message triggered ++the "Spam List" setting but received a very low ++SpamAssassin score. This means that people who only filter ++on the "Spam Stars" will still be able to catch ++messages which receive a very low SpamAssassin score. Set ++this value to 0 to disable it. This can also be the filename ++of a ruleset.</p> ++</td> ++</table> ++<!-- INDENTATION --> ++<table width="100%" border=0 rules="none" frame="void" ++ cols="2" cellspacing="0" cellpadding="0"> ++<tr valign="top" align="left"> ++<td width="11%"></td> ++<td width="89%"> ++<p><b>Clean header Value</b></p></td> ++</table> ++<!-- INDENTATION --> ++<table width="100%" border=0 rules="none" frame="void" ++ cols="2" cellspacing="0" cellpadding="0"> ++<tr valign="top" align="left"> ++<td width="22%"></td> ++<td width="78%"> ++<p>Default: Found to be clean</p> ++<!-- INDENTATION --> ++<p>This is the text that is added to the "Mail ++Header" when a message is found to be clean and free of ++viruses and other dangerous content.</p> ++</td> ++</table> ++<!-- INDENTATION --> ++<table width="100%" border=0 rules="none" frame="void" ++ cols="2" cellspacing="0" cellpadding="0"> ++<tr valign="top" align="left"> ++<td width="11%"></td> ++<td width="89%"> ++<p><b>Infected Header Value</b></p></td> ++</table> ++<!-- INDENTATION --> ++<table width="100%" border=0 rules="none" frame="void" ++ cols="2" cellspacing="0" cellpadding="0"> ++<tr valign="top" align="left"> ++<td width="22%"></td> ++<td width="78%"> ++<p>Default: Found to be infected</p> ++<!-- INDENTATION --> ++<p>This is the text that is added to the "Mail ++Header" when a message is found to be infected with a ++virus or other dangerous content.</p> ++</td> ++</table> ++<!-- INDENTATION --> ++<table width="100%" border=0 rules="none" frame="void" ++ cols="2" cellspacing="0" cellpadding="0"> ++<tr valign="top" align="left"> ++<td width="11%"></td> ++<td width="89%"> ++<p><b>Disinfected Header Value</b></p></td> ++</table> ++<!-- INDENTATION --> ++<table width="100%" border=0 rules="none" frame="void" ++ cols="2" cellspacing="0" cellpadding="0"> ++<tr valign="top" align="left"> ++<td width="22%"></td> ++<td width="78%"> ++<p>Default: Disinfected</p> ++<!-- INDENTATION --> ++<p>This is the text that is added to the "Mail ++Header" of a message that is created by MailScanner to ++contain disinfected documents containing macro viruses that ++could be completely removed, leaving the original document ++intact.</p> ++</td> ++</table> ++<!-- INDENTATION --> ++<table width="100%" border=0 rules="none" frame="void" ++ cols="2" cellspacing="0" cellpadding="0"> ++<tr valign="top" align="left"> ++<td width="11%"></td> ++<td width="89%"> ++<p><b>Information Header Value</b></p></td> ++</table> ++<!-- INDENTATION --> ++<table width="100%" border=0 rules="none" frame="void" ++ cols="2" cellspacing="0" cellpadding="0"> ++<tr valign="top" align="left"> ++<td width="22%"></td> ++<td width="78%"> ++<p>Default: Please contact the ISP for more information</p> ++<!-- INDENTATION --> ++<p>This is the text that is added to the "Information ++Header" of a message that has passed through ++MailScanner at all. It could be used to provide a URL or ++contact address for recipients if they have any queries ++about the messages they have received. If the setting ++"Information Header" is blank, this message will ++not be added to the Mail Header.</p> ++</td> ++</table> ++<!-- INDENTATION --> ++<table width="100%" border=0 rules="none" frame="void" ++ cols="2" cellspacing="0" cellpadding="0"> ++<tr valign="top" align="left"> ++<td width="11%"></td> ++<td width="89%"> ++<p><b>Multiple Headers</b></p></td> ++</table> ++<!-- INDENTATION --> ++<table width="100%" border=0 rules="none" frame="void" ++ cols="2" cellspacing="0" cellpadding="0"> ++<tr valign="top" align="left"> ++<td width="22%"></td> ++<td width="78%"> ++<p>Default: append</p> ++<!-- INDENTATION --> ++<p>When a message passes through more than one MailScanner ++server on your site, they will each try to add their own ++headers. This option controls what should happen when trying ++to add a MailScanner header that already exists in the ++message. Valid options are append (append the new data to ++the existing header), add (add a new header) and replace ++(replace the old data with the new data).</p> ++</td> ++</table> ++<!-- INDENTATION --> ++<table width="100%" border=0 rules="none" frame="void" ++ cols="2" cellspacing="0" cellpadding="0"> ++<tr valign="top" align="left"> ++<td width="11%"></td> ++<td width="89%"> ++<p><b>Hostname</b></p></td> ++</table> ++<!-- INDENTATION --> ++<table width="100%" border=0 rules="none" frame="void" ++ cols="2" cellspacing="0" cellpadding="0"> ++<tr valign="top" align="left"> ++<td width="22%"></td> ++<td width="78%"> ++<p>Default: the MailScanner</p> ++<!-- INDENTATION --> ++<p>This is the name of the MailScanner server that is put in ++messages to users. If you have more than one MailScanner ++server on your site, you will want to change this on each ++server so that you can tell them apart.</p> ++</td> ++</table> ++<!-- INDENTATION --> ++<table width="100%" border=0 rules="none" frame="void" ++ cols="2" cellspacing="0" cellpadding="0"> ++<tr valign="top" align="left"> ++<td width="11%"></td> ++<td width="89%"> ++<p><b>Sign Messages Already Processed</b></p></td> ++</table> ++<!-- INDENTATION --> ++<table width="100%" border=0 rules="none" frame="void" ++ cols="2" cellspacing="0" cellpadding="0"> ++<tr valign="top" align="left"> ++<td width="22%"></td> ++<td width="78%"> ++<p>Default: no</p> ++<!-- INDENTATION --> ++<p>If a message has already been processed by another ++MailScanner server on your site, then the "Inline ++HTML/Text Signature" is not added to the message again ++if this option is set. Without it, you will get one ++signature added for every MailScanner server that processes ++the message.</p> ++</td> ++</table> ++<!-- INDENTATION --> ++<table width="100%" border=0 rules="none" frame="void" ++ cols="2" cellspacing="0" cellpadding="0"> ++<tr valign="top" align="left"> ++<td width="11%"></td> ++<td width="89%"> ++<p><b>Sign Clean Messages</b></p></td> ++</table> ++<!-- INDENTATION --> ++<table width="100%" border=0 rules="none" frame="void" ++ cols="2" cellspacing="0" cellpadding="0"> ++<tr valign="top" align="left"> ++<td width="22%"></td> ++<td width="78%"> ++<p>Default: no</p> ++<!-- INDENTATION --> ++<p>If this option is set, then the "Inline HTML/Text ++Signature" will be added to the end of every clean ++message processed by MailScanner. You can use this to inform ++the recipient that the message has been checked, and also to ++add any legal disclaimer or copyright statement you want to ++add to every message. Using a ruleset for this option, you ++could very simply set it so that only messages leaving your ++site are signed, for example.</p> ++</td> ++</table> ++<!-- INDENTATION --> ++<table width="100%" border=0 rules="none" frame="void" ++ cols="2" cellspacing="0" cellpadding="0"> ++<tr valign="top" align="left"> ++<td width="11%"></td> ++<td width="89%"> ++<p><b>Mark Infected Messages</b></p></td> ++</table> ++<!-- INDENTATION --> ++<table width="100%" border=0 rules="none" frame="void" ++ cols="2" cellspacing="0" cellpadding="0"> ++<tr valign="top" align="left"> ++<td width="22%"></td> ++<td width="78%"> ++<p>Default: yes</p> ++<!-- INDENTATION --> ++<p>If this option is set, then the "Inline HTML/Text ++Warning" is added to the start of every message that is ++found to be infected or has had attachments removed for any ++reason. This can be used to guide the recipients to read the ++infection reports contained in the replacement ++attachments.</p> ++</td> ++</table> ++<!-- INDENTATION --> ++<table width="100%" border=0 rules="none" frame="void" ++ cols="2" cellspacing="0" cellpadding="0"> ++<tr valign="top" align="left"> ++<td width="11%"></td> ++<td width="89%"> ++<p><b>Mark Unscanned Messages</b></p></td> ++</table> ++<!-- INDENTATION --> ++<table width="100%" border=0 rules="none" frame="void" ++ cols="2" cellspacing="0" cellpadding="0"> ++<tr valign="top" align="left"> ++<td width="22%"></td> ++<td width="78%"> ++<p>Default: yes</p> ++<!-- INDENTATION --> ++<p>If this option is set, then any message which is not ++scanned by MailScanner gets the "Mail Header" ++added to it with the string contained in the "Unscanned ++Header Value" option. This can be used to advertise ++your MailScanner service to customers/clients who are ++currently not using it.</p> ++</td> ++</table> ++<!-- INDENTATION --> ++<table width="100%" border=0 rules="none" frame="void" ++ cols="2" cellspacing="0" cellpadding="0"> ++<tr valign="top" align="left"> ++<td width="11%"></td> ++<td width="89%"> ++<p><b>Unscanned Header Value</b></p></td> ++</table> ++<!-- INDENTATION --> ++<table width="100%" border=0 rules="none" frame="void" ++ cols="2" cellspacing="0" cellpadding="0"> ++<tr valign="top" align="left"> ++<td width="22%"></td> ++<td width="78%"> ++<p>Default: Not scanned: please contact your Internet ++E−Mail Service Provider for details</p> ++<!-- INDENTATION --> ++<p>This supplies the text that is placed in the "Mail ++Header" of messages that have not been scanned, if the ++option "Mark Unscanned Messages" is set. It is a ++useful place to advertise your MailScanner service to new ++customers/clients.</p> ++</td> ++</table> ++<!-- INDENTATION --> ++<table width="100%" border=0 rules="none" frame="void" ++ cols="2" cellspacing="0" cellpadding="0"> ++<tr valign="top" align="left"> ++<td width="11%"></td> ++<td width="89%"> +<p><b>Remove These Headers</b></p></td> +</table> +<!-- INDENTATION --> @@ -89,33 +2862,1846 @@ +<tr valign="top" align="left"> +<td width="11%"></td> +<td width="89%"> - <p><b>Deliver Cleaned Messages</b></p></td> - </table> - <!-- INDENTATION --> -@@ -3650,13 +3710,11 @@ - <tr valign="top" align="left"> - <td width="22%"></td> - <td width="78%"> --<p>Default: us−ascii</p> ++<p><b>Deliver Cleaned Messages</b></p></td> ++</table> ++<!-- INDENTATION --> ++<table width="100%" border=0 rules="none" frame="void" ++ cols="2" cellspacing="0" cellpadding="0"> ++<tr valign="top" align="left"> ++<td width="22%"></td> ++<td width="78%"> ++<p>Default: yes</p> ++<!-- INDENTATION --> ++<p>Once a message has had all viruses and dangerous content ++removed from it, it will then be delivered to the original ++recipients if this option is set. If you want the behaviour ++from previous versions of MailScanner that had the ++"Deliver From Local Domains" keyword, then you ++should set this to be a ruleset that only returns ++"yes" for messages destined for inside your site, ++and "no" for messages going out of your site.</p> ++</td> ++</table> ++<a name="Notifications back to the senders of blocked messages"></a> ++<h2>Notifications back to the senders of blocked messages</h2> ++<!-- INDENTATION --> ++<table width="100%" border=0 rules="none" frame="void" ++ cols="2" cellspacing="0" cellpadding="0"> ++<tr valign="top" align="left"> ++<td width="11%"></td> ++<td width="89%"> ++<p><b>Notifiy Senders</b></p></td> ++</table> ++<!-- INDENTATION --> ++<table width="100%" border=0 rules="none" frame="void" ++ cols="2" cellspacing="0" cellpadding="0"> ++<tr valign="top" align="left"> ++<td width="22%"></td> ++<td width="78%"> ++<p>Default: yes</p> ++<!-- INDENTATION --> ++<p>Do you want to notify the people who sent you messages ++containing viruses or badly−named filenames? The ++default value has been changed to "no" as most ++viruses now fake sender addresses and therefore should be on ++the "Silent Viruses" list. This can also be the ++filename of a ruleset.</p> ++</td> ++</table> ++<!-- INDENTATION --> ++<table width="100%" border=0 rules="none" frame="void" ++ cols="2" cellspacing="0" cellpadding="0"> ++<tr valign="top" align="left"> ++<td width="11%"></td> ++<td width="89%"> ++<p><b>Notify Senders Of Blocked Filenames Or ++Filetypes</b></p></td> ++</table> ++<!-- INDENTATION --> ++<table width="100%" border=0 rules="none" frame="void" ++ cols="2" cellspacing="0" cellpadding="0"> ++<tr valign="top" align="left"> ++<td width="22%"></td> ++<td width="78%"> ++<p>Default: yes</p> ++<!-- INDENTATION --> ++<p>*If* "Notify Senders" is set to yes, do you ++want to notify people who sent you messages containing ++attachments that are blocked due to their filename or file ++contents? This can also be the filename of a ruleset.</p> ++</td> ++</table> ++<!-- INDENTATION --> ++<table width="100%" border=0 rules="none" frame="void" ++ cols="2" cellspacing="0" cellpadding="0"> ++<tr valign="top" align="left"> ++<td width="11%"></td> ++<td width="89%"> ++<p><b>Notify Senders Of Other Blocked Content</b></p></td> ++</table> ++<!-- INDENTATION --> ++<table width="100%" border=0 rules="none" frame="void" ++ cols="2" cellspacing="0" cellpadding="0"> ++<tr valign="top" align="left"> ++<td width="22%"></td> ++<td width="78%"> ++<p>Default: yes</p> ++<!-- INDENTATION --> ++<p>*If* "Notify Senders" is set to yes, do you ++want to notify people who sent you messages containing other ++blocked content, such as partial messages or messages with ++external bodies? This can also be the filename of a ++ruleset.</p> ++</td> ++</table> ++<!-- INDENTATION --> ++<table width="100%" border=0 rules="none" frame="void" ++ cols="2" cellspacing="0" cellpadding="0"> ++<tr valign="top" align="left"> ++<td width="11%"></td> ++<td width="89%"> ++<p><b>Notify Senders Of Viruses</b></p></td> ++</table> ++<!-- INDENTATION --> ++<table width="100%" border=0 rules="none" frame="void" ++ cols="2" cellspacing="0" cellpadding="0"> ++<tr valign="top" align="left"> ++<td width="22%"></td> ++<td width="78%"> ++<p>Default: no</p> ++<!-- INDENTATION --> ++<p>*If* "Notify Senders" is set to yes, do you ++want to notify people who sent you messages containing ++viruses? This can also be the filename of a ruleset.</p> ++</td> ++</table> ++<!-- INDENTATION --> ++<table width="100%" border=0 rules="none" frame="void" ++ cols="2" cellspacing="0" cellpadding="0"> ++<tr valign="top" align="left"> ++<td width="11%"></td> ++<td width="89%"> ++<p><b>Never Notify Senders Of Precedence</b></p></td> ++</table> ++<!-- INDENTATION --> ++<table width="100%" border=0 rules="none" frame="void" ++ cols="2" cellspacing="0" cellpadding="0"> ++<tr valign="top" align="left"> ++<td width="22%"></td> ++<td width="78%"> ++<p>Default: list bulk</p> ++<!-- INDENTATION --> ++<p>If you supply a space−separated list of message ++"precedence" settings, then senders of those ++messages will not be warned about anything you rejected. ++This is particularly suitable for mailing lists, so that any ++MailScanner responses do not get sent to the entire ++list.</p> ++</td> ++</table> ++<a name="Changes to subject line"></a> ++<h2>Changes to subject line</h2> ++<!-- INDENTATION --> ++<table width="100%" border=0 rules="none" frame="void" ++ cols="2" cellspacing="0" cellpadding="0"> ++<tr valign="top" align="left"> ++<td width="11%"></td> ++<td width="89%"> ++<p><b>Scanned Modify Subject</b></p></td> ++</table> ++<!-- INDENTATION --> ++<table width="100%" border=0 rules="none" frame="void" ++ cols="2" cellspacing="0" cellpadding="0"> ++<tr valign="top" align="left"> ++<td width="22%"></td> ++<td width="78%"> ++<p>Default: no # end</p> ++<!-- INDENTATION --> ++<p>If this is set to "start" or "end" ++then the "Scanned Subject Text" is inserted at the ++start or the end of the Subject: line. This only happens if ++the Subject: line has not already been modified for any ++other reason.</p> ++</td> ++</table> ++<!-- INDENTATION --> ++<table width="100%" border=0 rules="none" frame="void" ++ cols="2" cellspacing="0" cellpadding="0"> ++<tr valign="top" align="left"> ++<td width="11%"></td> ++<td width="89%"> ++<p><b>Scanned Subject Text</b></p></td> ++</table> ++<!-- INDENTATION --> ++<table width="100%" border=0 rules="none" frame="void" ++ cols="2" cellspacing="0" cellpadding="0"> ++<tr valign="top" align="left"> ++<td width="22%"></td> ++<td width="78%"> ++<p>Default: {Scanned}</p> ++<!-- INDENTATION --> ++<p>This is the text inserted at the start or the end of the ++Subject: line if the "Scanned Modify Subject" ++option above is in effect.</p> ++</td> ++</table> ++<!-- INDENTATION --> ++<table width="100%" border=0 rules="none" frame="void" ++ cols="2" cellspacing="0" cellpadding="0"> ++<tr valign="top" align="left"> ++<td width="11%"></td> ++<td width="89%"> ++<p><b>Virus Modify Subject</b></p></td> ++</table> ++<!-- INDENTATION --> ++<table width="100%" border=0 rules="none" frame="void" ++ cols="2" cellspacing="0" cellpadding="0"> ++<tr valign="top" align="left"> ++<td width="22%"></td> ++<td width="78%"> ++<p>Default: yes</p> ++<!-- INDENTATION --> ++<p>If this is set, then the "Subject:" line of a ++message that was infected with a virus will have the ++"Virus Subject Text" text inserted at the ++start.</p> ++</td> ++</table> ++<!-- INDENTATION --> ++<table width="100%" border=0 rules="none" frame="void" ++ cols="2" cellspacing="0" cellpadding="0"> ++<tr valign="top" align="left"> ++<td width="11%"></td> ++<td width="89%"> ++<p><b>Virus Subject Text</b></p></td> ++</table> ++<!-- INDENTATION --> ++<table width="100%" border=0 rules="none" frame="void" ++ cols="2" cellspacing="0" cellpadding="0"> ++<tr valign="top" align="left"> ++<td width="22%"></td> ++<td width="78%"> ++<p>Default: {Virus?}</p> ++<!-- INDENTATION --> ++<p>This is the text inserted at the start of the ++"Subject:" line if the "Virus Modify ++Subject" option is set.</p> ++</td> ++</table> ++<!-- INDENTATION --> ++<table width="100%" border=0 rules="none" frame="void" ++ cols="2" cellspacing="0" cellpadding="0"> ++<tr valign="top" align="left"> ++<td width="11%"></td> ++<td width="89%"> ++<p><b>Filename Modify Subject</b></p></td> ++</table> ++<!-- INDENTATION --> ++<table width="100%" border=0 rules="none" frame="void" ++ cols="2" cellspacing="0" cellpadding="0"> ++<tr valign="top" align="left"> ++<td width="22%"></td> ++<td width="78%"> ++<p>Default: yes</p> ++<!-- INDENTATION --> ++<p>If this is set, then the "Subject:" line of a ++message that had an attachment with a dangerous filename ++will have the "Filename Subject Text" text ++inserted at the start.</p> ++</td> ++</table> ++<!-- INDENTATION --> ++<table width="100%" border=0 rules="none" frame="void" ++ cols="2" cellspacing="0" cellpadding="0"> ++<tr valign="top" align="left"> ++<td width="11%"></td> ++<td width="89%"> ++<p><b>Filename Subject Text</b></p></td> ++</table> ++<!-- INDENTATION --> ++<table width="100%" border=0 rules="none" frame="void" ++ cols="2" cellspacing="0" cellpadding="0"> ++<tr valign="top" align="left"> ++<td width="22%"></td> ++<td width="78%"> ++<p>Default: {Virus?}</p> ++<!-- INDENTATION --> ++<p>This is the text inserted at the start of the ++"Subject:" line if the "Filename Modify ++Subject" option is set.</p> ++</td> ++</table> ++<!-- INDENTATION --> ++<table width="100%" border=0 rules="none" frame="void" ++ cols="2" cellspacing="0" cellpadding="0"> ++<tr valign="top" align="left"> ++<td width="11%"></td> ++<td width="89%"> ++<p><b>Content Modify Subject</b></p></td> ++</table> ++<!-- INDENTATION --> ++<table width="100%" border=0 rules="none" frame="void" ++ cols="2" cellspacing="0" cellpadding="0"> ++<tr valign="top" align="left"> ++<td width="22%"></td> ++<td width="78%"> ++<p>Default: yes</p> ++<!-- INDENTATION --> ++<p>If this is set, then the "Subject:" line of a ++message that triggered a content check without anything else ++wrong in the message will have the "Content Subject ++Text" text inserted at the start.</p> ++</td> ++</table> ++<!-- INDENTATION --> ++<table width="100%" border=0 rules="none" frame="void" ++ cols="2" cellspacing="0" cellpadding="0"> ++<tr valign="top" align="left"> ++<td width="11%"></td> ++<td width="89%"> ++<p><b>Content Subject Text</b></p></td> ++</table> ++<!-- INDENTATION --> ++<table width="100%" border=0 rules="none" frame="void" ++ cols="2" cellspacing="0" cellpadding="0"> ++<tr valign="top" align="left"> ++<td width="22%"></td> ++<td width="78%"> ++<p>Default: {Filename?}</p> ++<!-- INDENTATION --> ++<p>This is the text inserted at the start of the ++"Subject:" line if the "Content Modify ++Subject" option is set.</p> ++</td> ++</table> ++<!-- INDENTATION --> ++<table width="100%" border=0 rules="none" frame="void" ++ cols="2" cellspacing="0" cellpadding="0"> ++<tr valign="top" align="left"> ++<td width="11%"></td> ++<td width="89%"> ++<p><b>Spam Modify Subject</b></p></td> ++</table> ++<!-- INDENTATION --> ++<table width="100%" border=0 rules="none" frame="void" ++ cols="2" cellspacing="0" cellpadding="0"> ++<tr valign="top" align="left"> ++<td width="22%"></td> ++<td width="78%"> ++<p>Default: yes</p> ++<!-- INDENTATION --> ++<p>If this is set, then the "Subject:" line of a ++message that was determined to be spam will have the ++"Spam Subject Text" text inserted at the ++start.</p> ++</td> ++</table> ++<!-- INDENTATION --> ++<table width="100%" border=0 rules="none" frame="void" ++ cols="2" cellspacing="0" cellpadding="0"> ++<tr valign="top" align="left"> ++<td width="11%"></td> ++<td width="89%"> ++<p><b>Spam Subject Text</b></p></td> ++</table> ++<!-- INDENTATION --> ++<table width="100%" border=0 rules="none" frame="void" ++ cols="2" cellspacing="0" cellpadding="0"> ++<tr valign="top" align="left"> ++<td width="22%"></td> ++<td width="78%"> ++<p>Default: {Spam?}</p> ++<!-- INDENTATION --> ++<p>This is the text to add to the start of the subject if ++the "Spam Modify Subject" option is set. The exact ++string "_SCORE_" will be replaced by the numeric ++SpamAssassin score. This can also be the filename of a ++ruleset.</p> ++</td> ++</table> ++<!-- INDENTATION --> ++<table width="100%" border=0 rules="none" frame="void" ++ cols="2" cellspacing="0" cellpadding="0"> ++<tr valign="top" align="left"> ++<td width="11%"></td> ++<td width="89%"> ++<p><b>High Scroing Spam Modify Subject</b></p></td> ++</table> ++<!-- INDENTATION --> ++<table width="100%" border=0 rules="none" frame="void" ++ cols="2" cellspacing="0" cellpadding="0"> ++<tr valign="top" align="left"> ++<td width="22%"></td> ++<td width="78%"> ++<p>Default: yes</p> ++<!-- INDENTATION --> ++<p>If this is set, then the "Subject:" line of a ++message that was determined to be spam, and had a ++SpamAssassin score greater than the "High SpamAssassin ++Score" will have the "High Scoring Spam Subject ++Text" text inserted at the start.</p> ++</td> ++</table> ++<!-- INDENTATION --> ++<table width="100%" border=0 rules="none" frame="void" ++ cols="2" cellspacing="0" cellpadding="0"> ++<tr valign="top" align="left"> ++<td width="11%"></td> ++<td width="89%"> ++<p><b>High Scoring Spam Subject Text</b></p></td> ++</table> ++<!-- INDENTATION --> ++<table width="100%" border=0 rules="none" frame="void" ++ cols="2" cellspacing="0" cellpadding="0"> ++<tr valign="top" align="left"> ++<td width="22%"></td> ++<td width="78%"> ++<p>Default: {Spam?}</p> ++<!-- INDENTATION --> ++<p>This is just like the "Spam Subject Text" ++option above, except that it applies then the score from ++SpamAssassin is higher than the "High SpamAssassin ++Score" value. The exact string "_SCORE_" will ++be replaced by the numeric SpamAssassin score. This can also ++be the filename of a ruleset.</p> ++</td> ++</table> ++<a name="Changes to the message body"></a> ++<h2>Changes to the message body</h2> ++<!-- INDENTATION --> ++<table width="100%" border=0 rules="none" frame="void" ++ cols="2" cellspacing="0" cellpadding="0"> ++<tr valign="top" align="left"> ++<td width="11%"></td> ++<td width="89%"> ++<p><b>Warning Is Attachment</b></p></td> ++</table> ++<!-- INDENTATION --> ++<table width="100%" border=0 rules="none" frame="void" ++ cols="2" cellspacing="0" cellpadding="0"> ++<tr valign="top" align="left"> ++<td width="22%"></td> ++<td width="78%"> ++<p>Default: yes</p> ++<!-- INDENTATION --> ++<p>When an infected or dangerous attachment is replaced with ++a text message containing the infection report, should the ++replacement be an attachment (yes) or should it be included ++inline in the main text of the message (no).</p> ++</td> ++</table> ++<!-- INDENTATION --> ++<table width="100%" border=0 rules="none" frame="void" ++ cols="2" cellspacing="0" cellpadding="0"> ++<tr valign="top" align="left"> ++<td width="11%"></td> ++<td width="89%"> ++<p><b>Attachment Warning Filename</b></p></td> ++</table> ++<!-- INDENTATION --> ++<table width="100%" border=0 rules="none" frame="void" ++ cols="2" cellspacing="0" cellpadding="0"> ++<tr valign="top" align="left"> ++<td width="22%"></td> ++<td width="78%"> ++<p>Default: ++%org−name%−Attachment−Warning.txt</p> ++<!-- INDENTATION --> ++<p>What an infected or dangerous attachment is replaced with ++a text message containing the infection report, this is the ++filename of the attachment that appears in the message.</p> ++</td> ++</table> ++<!-- INDENTATION --> ++<table width="100%" border=0 rules="none" frame="void" ++ cols="2" cellspacing="0" cellpadding="0"> ++<tr valign="top" align="left"> ++<td width="11%"></td> ++<td width="89%"> ++<p><b>Attachment Encoding Charset</b></p></td> ++</table> ++<!-- INDENTATION --> ++<table width="100%" border=0 rules="none" frame="void" ++ cols="2" cellspacing="0" cellpadding="0"> ++<tr valign="top" align="left"> ++<td width="22%"></td> ++<td width="78%"> +<p>Default: ISO−8859−1</p> - <!-- INDENTATION --> - <p>This is the name of the encoding character set used for --the contents of "VirusWarning.txt" attachments. If --your users do not use English as their preferred language, --you may want to set this to --"ISO−8859−1".</p> ++<!-- INDENTATION --> ++<p>This is the name of the encoding character set used for +the contents of "VirusWarning.txt" +attachments.</p> - </td> - </table> - <a name="Mail archiving and monitoring"></a> -@@ -5007,9 +5065,14 @@ - <p>The per−user files (bayes, auto−whitelist, - user_prefs) are looked for here and in ~/.spamassassin/. - Note the files are mutable. If this is unset then no extra --places are searched for. If using Postfix, you probably want --to set this to /var/spool/MailScanner/spamassassin and --do</p> ++</td> ++</table> ++<a name="Mail archiving and monitoring"></a> ++<h2>Mail archiving and monitoring</h2> ++<!-- INDENTATION --> ++<table width="100%" border=0 rules="none" frame="void" ++ cols="2" cellspacing="0" cellpadding="0"> ++<tr valign="top" align="left"> ++<td width="11%"></td> ++<td width="89%"> ++<p><b>Archive Mail</b></p></td> ++</table> ++<!-- INDENTATION --> ++<table width="100%" border=0 rules="none" frame="void" ++ cols="2" cellspacing="0" cellpadding="0"> ++<tr valign="top" align="left"> ++<td width="22%"></td> ++<td width="78%"> ++<p>Default:</p> ++<!-- INDENTATION --> ++<p>Space−separated list of any combination of</p></td> ++</table> ++<!-- TABS --> ++<table width="100%" border=0 rules="none" frame="void" ++ cols="2" cellspacing="0" cellpadding="0"> ++<tr valign="top" align="left"> ++<td width="29%"></td> ++<td width="71%"> ++ ++<p>1. email addresses to which mail should be ++forwarded,</p> ++</td> ++<tr valign="top" align="left"> ++<td width="29%"></td> ++<td width="71%"> ++ ++<p>2. directory names where you want mail to be stored,</p> ++</td> ++<tr valign="top" align="left"> ++<td width="29%"></td> ++<td width="71%"> ++ ++<p>3. file names to which mail will be appended.</p> ++</td> ++</table> ++<!-- INDENTATION --> ++<table width="100%" border=0 rules="none" frame="void" ++ cols="2" cellspacing="0" cellpadding="0"> ++<tr valign="top" align="left"> ++<td width="22%"></td> ++<td width="78%"> ++<p>The files (option 3) are using the "mbox" ++format suitable for most Unix mail systems. These files must ++already exist since MailScanner will not create them!</p> ++<!-- INDENTATION --> ++<p>If you give this option a ruleset, you can control ++exactly whose mail is archived or forwarded. If you do this, ++beware of the legal implications as this could be deemed to ++be illegal interception unless the police have asked you to ++do this.</p> ++</td> ++</table> ++<a name="Notices to system administrators"></a> ++<h2>Notices to system administrators</h2> ++<!-- INDENTATION --> ++<table width="100%" border=0 rules="none" frame="void" ++ cols="2" cellspacing="0" cellpadding="0"> ++<tr valign="top" align="left"> ++<td width="11%"></td> ++<td width="89%"> ++<p><b>Send Notices</b></p></td> ++</table> ++<!-- INDENTATION --> ++<table width="100%" border=0 rules="none" frame="void" ++ cols="2" cellspacing="0" cellpadding="0"> ++<tr valign="top" align="left"> ++<td width="22%"></td> ++<td width="78%"> ++<p>Default: yes</p> ++<!-- INDENTATION --> ++<p>Should system administrators listed in the "Notices ++To" option be notified of every infection found?</p> ++</td> ++</table> ++<!-- INDENTATION --> ++<table width="100%" border=0 rules="none" frame="void" ++ cols="2" cellspacing="0" cellpadding="0"> ++<tr valign="top" align="left"> ++<td width="11%"></td> ++<td width="89%"> ++<p><b>Notices Include Full Headers</b></p></td> ++</table> ++<!-- INDENTATION --> ++<table width="100%" border=0 rules="none" frame="void" ++ cols="2" cellspacing="0" cellpadding="0"> ++<tr valign="top" align="left"> ++<td width="22%"></td> ++<td width="78%"> ++<p>Default: no</p> ++<!-- INDENTATION --> ++<p>If this option is set, then the system administrator ++notices will include the full headers of every infected ++message. If this option is set to "no" then only a ++restricted set of headers is included in the notices.</p> ++</td> ++</table> ++<!-- INDENTATION --> ++<table width="100%" border=0 rules="none" frame="void" ++ cols="2" cellspacing="0" cellpadding="0"> ++<tr valign="top" align="left"> ++<td width="11%"></td> ++<td width="89%"> ++<p><b>Hide Incoming Work Dir in Notices</b></p></td> ++</table> ++<!-- INDENTATION --> ++<table width="100%" border=0 rules="none" frame="void" ++ cols="2" cellspacing="0" cellpadding="0"> ++<tr valign="top" align="left"> ++<td width="22%"></td> ++<td width="78%"> ++<p>Default: no</p> ++<!-- INDENTATION --> ++<p>When this option is set, the full directory in which the ++virus was found will be removed from report messages sent to ++administrators. This makes the infection reports a lot ++easier to understand. It is also very useful if your notices ++go to your customer sites.</p> ++</td> ++</table> ++<!-- INDENTATION --> ++<table width="100%" border=0 rules="none" frame="void" ++ cols="2" cellspacing="0" cellpadding="0"> ++<tr valign="top" align="left"> ++<td width="11%"></td> ++<td width="89%"> ++<p><b>Notice Signature</b></p></td> ++</table> ++<!-- INDENTATION --> ++<table width="100%" border=0 rules="none" frame="void" ++ cols="2" cellspacing="0" cellpadding="0"> ++<tr valign="top" align="left"> ++<td width="22%"></td> ++<td width="78%"> ++<p>Default: −− \nMailScanner\nEmail Virus ++Scanner\nwww.mailscanner.info</p> ++<!-- INDENTATION --> ++<p>This string is added to the bottom of all system ++administrator notices, and is intended to be the signature ++of your MailScanner system. To insert ++"line−breaks" or "newline" ++characters, use the sequence 0</p> ++</td> ++</table> ++<!-- INDENTATION --> ++<table width="100%" border=0 rules="none" frame="void" ++ cols="2" cellspacing="0" cellpadding="0"> ++<tr valign="top" align="left"> ++<td width="11%"></td> ++<td width="89%"> ++<p><b>Notices From</b></p></td> ++</table> ++<!-- INDENTATION --> ++<table width="100%" border=0 rules="none" frame="void" ++ cols="2" cellspacing="0" cellpadding="0"> ++<tr valign="top" align="left"> ++<td width="22%"></td> ++<td width="78%"> ++<p>Default: MailScanner</p> ++<!-- INDENTATION --> ++<p>The visible part of the email address used in the ++"From:" line of the notices. The ++<user@domain> part of the email address is set to the ++"Local Postmaster" setting.</p> ++</td> ++</table> ++<!-- INDENTATION --> ++<table width="100%" border=0 rules="none" frame="void" ++ cols="2" cellspacing="0" cellpadding="0"> ++<tr valign="top" align="left"> ++<td width="11%"></td> ++<td width="89%"> ++<p><b>Notices To</b></p></td> ++</table> ++<!-- INDENTATION --> ++<table width="100%" border=0 rules="none" frame="void" ++ cols="2" cellspacing="0" cellpadding="0"> ++<tr valign="top" align="left"> ++<td width="22%"></td> ++<td width="78%"> ++<p>Default: postmaster</p> ++<!-- INDENTATION --> ++<p>This option provides a list of the addresses to which ++virus notices should be sent. You may want to set this to be ++a ruleset, providing different notification addresses for ++different domains that you administer.</p> ++</td> ++</table> ++<!-- INDENTATION --> ++<table width="100%" border=0 rules="none" frame="void" ++ cols="2" cellspacing="0" cellpadding="0"> ++<tr valign="top" align="left"> ++<td width="11%"></td> ++<td width="89%"> ++<p><b>Local Postmaster</b></p></td> ++</table> ++<!-- INDENTATION --> ++<table width="100%" border=0 rules="none" frame="void" ++ cols="2" cellspacing="0" cellpadding="0"> ++<tr valign="top" align="left"> ++<td width="22%"></td> ++<td width="78%"> ++<p>Default: postmaster</p> ++<!-- INDENTATION --> ++<p>When virus warnings are sent to any users, this is the ++email address used as the "From:" header in the ++messages.</p> ++</td> ++</table> ++<a name="Definitions of virus scanners and spam detectors"></a> ++<h2>Definitions of virus scanners and spam detectors</h2> ++<!-- INDENTATION --> ++<table width="100%" border=0 rules="none" frame="void" ++ cols="2" cellspacing="0" cellpadding="0"> ++<tr valign="top" align="left"> ++<td width="11%"></td> ++<td width="89%"> ++<p><b>Spam List Definitions</b></p></td> ++</table> ++<!-- INDENTATION --> ++<table width="100%" border=0 rules="none" frame="void" ++ cols="2" cellspacing="0" cellpadding="0"> ++<tr valign="top" align="left"> ++<td width="22%"></td> ++<td width="78%"> ++<p>Default: %etc−dir%/spam.lists.conf</p> ++<!-- INDENTATION --> ++<p>This file contains all the definitions of the "Spam ++Lists" (also known as RBL’s or DNSBL’s) ++which can be used to try to detect spam based on where each ++message came from. Many more spam lists can be added to this ++file, but it contains the most popular ones to get you ++started.</p> ++</td> ++</table> ++<!-- INDENTATION --> ++<table width="100%" border=0 rules="none" frame="void" ++ cols="2" cellspacing="0" cellpadding="0"> ++<tr valign="top" align="left"> ++<td width="11%"></td> ++<td width="89%"> ++<p><b>Virus Scanner Definitions</b></p></td> ++</table> ++<!-- INDENTATION --> ++<table width="100%" border=0 rules="none" frame="void" ++ cols="2" cellspacing="0" cellpadding="0"> ++<tr valign="top" align="left"> ++<td width="22%"></td> ++<td width="78%"> ++<p>Default: %etc−dir%/virus.scanners.conf</p> ++<!-- INDENTATION --> ++<p>This file contains the locations of all the commands that ++are run for each virus scanner. Check this file before ++starting MailScanner to make sure it will run the correct ++command or wrapper script.</p> ++</td> ++</table> ++<a name="Spam detection and spam lists (DNS blocklists)"></a> ++<h2>Spam detection and spam lists (DNS blocklists)</h2> ++<!-- INDENTATION --> ++<table width="100%" border=0 rules="none" frame="void" ++ cols="2" cellspacing="0" cellpadding="0"> ++<tr valign="top" align="left"> ++<td width="11%"></td> ++<td width="89%"> ++<p><b>Spam Checks</b></p></td> ++</table> ++<!-- INDENTATION --> ++<table width="100%" border=0 rules="none" frame="void" ++ cols="2" cellspacing="0" cellpadding="0"> ++<tr valign="top" align="left"> ++<td width="22%"></td> ++<td width="78%"> ++<p>Default: yes</p> ++<!-- INDENTATION --> ++<p>If this option is set, messages will be checked to see if ++they are spam.</p> ++</td> ++</table> ++<!-- INDENTATION --> ++<table width="100%" border=0 rules="none" frame="void" ++ cols="2" cellspacing="0" cellpadding="0"> ++<tr valign="top" align="left"> ++<td width="11%"></td> ++<td width="89%"> ++<p><b>Spam List</b></p></td> ++</table> ++<!-- INDENTATION --> ++<table width="100%" border=0 rules="none" frame="void" ++ cols="2" cellspacing="0" cellpadding="0"> ++<tr valign="top" align="left"> ++<td width="22%"></td> ++<td width="78%"> ++<p>Default: ORDB−RBL Infinite−Monkeys</p> ++<!-- INDENTATION --> ++<p>This provides a space−separated list of "Spam ++Lists" (or RBL’s or DNSBL’s) which are ++checked for each message. These lists are based on the ++numeric IP address of the server that sent the message to ++your MailScanner server. Every list used here must be ++defined in the "Spam List Definitions" file ++mentioned above.</p> ++</td> ++</table> ++<!-- INDENTATION --> ++<table width="100%" border=0 rules="none" frame="void" ++ cols="2" cellspacing="0" cellpadding="0"> ++<tr valign="top" align="left"> ++<td width="11%"></td> ++<td width="89%"> ++<p><b>Spam Domain List</b></p></td> ++</table> ++<!-- INDENTATION --> ++<table width="100%" border=0 rules="none" frame="void" ++ cols="2" cellspacing="0" cellpadding="0"> ++<tr valign="top" align="left"> ++<td width="22%"></td> ++<td width="78%"> ++<p>Default:</p> ++<!-- INDENTATION --> ++<p>This provides a space−separated list of "Spam ++Lists" (or RBL’s or DNSBL’s) which are ++checked for each message. These lists are based on the ++domain name of the sender address of each message. Every ++list used here must be defined in the "Spam List ++Definitions" file mentioned above.</p> ++</td> ++</table> ++<!-- INDENTATION --> ++<table width="100%" border=0 rules="none" frame="void" ++ cols="2" cellspacing="0" cellpadding="0"> ++<tr valign="top" align="left"> ++<td width="11%"></td> ++<td width="89%"> ++<p><b>Spam Lists To Reach High Score</b></p></td> ++</table> ++<!-- INDENTATION --> ++<table width="100%" border=0 rules="none" frame="void" ++ cols="2" cellspacing="0" cellpadding="0"> ++<tr valign="top" align="left"> ++<td width="22%"></td> ++<td width="78%"> ++<p>Default: 5</p> ++<!-- INDENTATION --> ++<p>If a message appears in at least this number of ++"Spam Lists" (as defined above), then the message ++will be treated as "High Scoring Spam" and so the ++"High Scoring Spam Actions" will happen. You ++probably want to set this to 2 if you are actually using ++this feature. 5 is high enough that it will never happen ++unless you use lots of "Spam Lists". This can also ++be the filename of a ruleset.</p> ++</td> ++</table> ++<!-- INDENTATION --> ++<table width="100%" border=0 rules="none" frame="void" ++ cols="2" cellspacing="0" cellpadding="0"> ++<tr valign="top" align="left"> ++<td width="11%"></td> ++<td width="89%"> ++<p><b>Spam List Timeout</b></p></td> ++</table> ++<!-- INDENTATION --> ++<table width="100%" border=0 rules="none" frame="void" ++ cols="2" cellspacing="0" cellpadding="0"> ++<tr valign="top" align="left"> ++<td width="22%"></td> ++<td width="78%"> ++<p>Default: 10</p> ++<!-- INDENTATION --> ++<p>This is the number of seconds to wait for each "Spam ++List" lookup to complete. If the lookup takes longer ++than this, it is killed and ignored.</p> ++</td> ++</table> ++<!-- INDENTATION --> ++<table width="100%" border=0 rules="none" frame="void" ++ cols="2" cellspacing="0" cellpadding="0"> ++<tr valign="top" align="left"> ++<td width="11%"></td> ++<td width="89%"> ++<p><b>Max Spam List Timeouts</b></p></td> ++</table> ++<!-- INDENTATION --> ++<table width="100%" border=0 rules="none" frame="void" ++ cols="2" cellspacing="0" cellpadding="0"> ++<tr valign="top" align="left"> ++<td width="22%"></td> ++<td width="78%"> ++<p>Default: 7</p> ++<!-- INDENTATION --> ++<p>If a "Spam List" lookup times out for this many ++consecutive checks without ever succeeding, then the ++particular "Spam List" entry will not be used any ++more, as it appears to be unreachable. When MailScanner ++restarts itself after a few hours, MailScanner will try to ++use the entry again, in case service has resumed ++properly.</p> ++</td> ++</table> ++<!-- INDENTATION --> ++<table width="100%" border=0 rules="none" frame="void" ++ cols="2" cellspacing="0" cellpadding="0"> ++<tr valign="top" align="left"> ++<td width="11%"></td> ++<td width="89%"> ++<p><b>Spam List Timeouts History</b></p></td> ++</table> ++<!-- INDENTATION --> ++<table width="100%" border=0 rules="none" frame="void" ++ cols="2" cellspacing="0" cellpadding="0"> ++<tr valign="top" align="left"> ++<td width="22%"></td> ++<td width="78%"> ++<p>Default: 10</p> ++<!-- INDENTATION --> ++<p>The total number of Spam List attempts during which ++"Max Spam List Timeouts" will cause the spam list ++fo be marked as "unavailable". See the previous ++comment for more information. The default values of 5 and 10 ++mean that 5 timeouts in any sequence of 10 attempts will ++cause the list to be marked as "unavailable" until ++the next periodic restart (see "Restart ++Every").</p> ++</td> ++</table> ++<!-- INDENTATION --> ++<table width="100%" border=0 rules="none" frame="void" ++ cols="2" cellspacing="0" cellpadding="0"> ++<tr valign="top" align="left"> ++<td width="11%"></td> ++<td width="89%"> ++<p><b>Is Definitely Not Spam</b></p></td> ++</table> ++<!-- INDENTATION --> ++<table width="100%" border=0 rules="none" frame="void" ++ cols="2" cellspacing="0" cellpadding="0"> ++<tr valign="top" align="left"> ++<td width="22%"></td> ++<td width="78%"> ++<p>Default: %rules−dir%/spam.whitelist.rules</p> ++<!-- INDENTATION --> ++<p>This option would normally be a ruleset. Any messages for ++which the ruleset result is "yes" will never be ++marked as spam. This is used to create a spam ++"whitelist" of addresses which are never spam. You ++will probably want to include your own site (or your own ++site’s IP addresses) in this ruleset.</p> ++</td> ++</table> ++<!-- INDENTATION --> ++<table width="100%" border=0 rules="none" frame="void" ++ cols="2" cellspacing="0" cellpadding="0"> ++<tr valign="top" align="left"> ++<td width="11%"></td> ++<td width="89%"> ++<p><b>Is Definitely Spam</b></p></td> ++</table> ++<!-- INDENTATION --> ++<table width="100%" border=0 rules="none" frame="void" ++ cols="2" cellspacing="0" cellpadding="0"> ++<tr valign="top" align="left"> ++<td width="22%"></td> ++<td width="78%"> ++<p>Default: no</p> ++<!-- INDENTATION --> ++<p>This option would normally be a ruleset. Any messages for ++which the ruleset result is "yes" will always be ++marked as spam. This is used to create a spam ++"blacklist" of addresses of known spammers.</p> ++</td> ++</table> ++<!-- INDENTATION --> ++<table width="100%" border=0 rules="none" frame="void" ++ cols="2" cellspacing="0" cellpadding="0"> ++<tr valign="top" align="left"> ++<td width="11%"></td> ++<td width="89%"> ++<p><b>Definite Spam Is High Scoring</b></p></td> ++</table> ++<!-- INDENTATION --> ++<table width="100%" border=0 rules="none" frame="void" ++ cols="2" cellspacing="0" cellpadding="0"> ++<tr valign="top" align="left"> ++<td width="22%"></td> ++<td width="78%"> ++<p>Default: no</p> ++<!-- INDENTATION --> ++<p>Setting this to yes means that spam found in the ++blacklist is treated as "High Scoring Spam" in the ++"Spam Actions" section below. Setting it to no ++means that it will be treated as "normal" spam. ++This can also be the filename of a ruleset.</p> ++</td> ++</table> ++<!-- INDENTATION --> ++<table width="100%" border=0 rules="none" frame="void" ++ cols="2" cellspacing="0" cellpadding="0"> ++<tr valign="top" align="left"> ++<td width="11%"></td> ++<td width="89%"> ++<p><b>Ignore Spam Whitelist If Recipients ++Exceed</b></p></td> ++</table> ++<!-- INDENTATION --> ++<table width="100%" border=0 rules="none" frame="void" ++ cols="2" cellspacing="0" cellpadding="0"> ++<tr valign="top" align="left"> ++<td width="22%"></td> ++<td width="78%"> ++<p>Default: 20</p> ++<!-- INDENTATION --> ++<p>Spammers have learnt that they can get their message ++through by sending a message with lots of recipients, one of ++which chooses to whitelist everything coming to them, ++including the spammer. So if a message arrives with more ++than this number of recipients, ignore the "Is ++Definitely Not Spam" whitelist.</p> ++</td> ++</table> ++<a name="SpamAssassin"></a> ++<h2>SpamAssassin</h2> ++<!-- INDENTATION --> ++<table width="100%" border=0 rules="none" frame="void" ++ cols="2" cellspacing="0" cellpadding="0"> ++<tr valign="top" align="left"> ++<td width="11%"></td> ++<td width="89%"> ++<p><b>Use SpamAssassin</b></p></td> ++</table> ++<!-- INDENTATION --> ++<table width="100%" border=0 rules="none" frame="void" ++ cols="2" cellspacing="0" cellpadding="0"> ++<tr valign="top" align="left"> ++<td width="22%"></td> ++<td width="78%"> ++<p>Default: no</p> ++<!-- INDENTATION --> ++<p>Do you want to detect spam using the very good ++SpamAssassin package? You must have installed SpamAssassin ++before using this option, otherwise MailScanner will not ++start properly.<br> ++NOTE for FreeBSD port user: The SpamAssassin port is not ++automatically installed with the MailScanner port. You can ++find it at ++/usr/ports/mail/p5−Mail−SpamAssassin.</p> ++</td> ++</table> ++<!-- INDENTATION --> ++<table width="100%" border=0 rules="none" frame="void" ++ cols="2" cellspacing="0" cellpadding="0"> ++<tr valign="top" align="left"> ++<td width="11%"></td> ++<td width="89%"> ++<p><b>Max SpamAssassin Size</b></p></td> ++</table> ++<!-- INDENTATION --> ++<table width="100%" border=0 rules="none" frame="void" ++ cols="2" cellspacing="0" cellpadding="0"> ++<tr valign="top" align="left"> ++<td width="22%"></td> ++<td width="78%"> ++<p>Default: 90000</p> ++<!-- INDENTATION --> ++<p>SpamAssassin is quite slow when processing very large ++messages. To work round this problem, this option provides a ++maximum size for messages that are processed with ++SpamAssassin. Most real spam is usually less than about ++50,000 bytes per message.</p> ++</td> ++</table> ++<!-- INDENTATION --> ++<table width="100%" border=0 rules="none" frame="void" ++ cols="2" cellspacing="0" cellpadding="0"> ++<tr valign="top" align="left"> ++<td width="11%"></td> ++<td width="89%"> ++<p><b>Required Spam Assassin Score</b></p></td> ++</table> ++<!-- INDENTATION --> ++<table width="100%" border=0 rules="none" frame="void" ++ cols="2" cellspacing="0" cellpadding="0"> ++<tr valign="top" align="left"> ++<td width="22%"></td> ++<td width="78%"> ++<p>Default: 6</p> ++<!-- INDENTATION --> ++<p>This gives the minimum SpamAssassin score value above ++which messages are spam. This replaces SpamAssassin’s ++own "required_hits" value, so that it can be a ++ruleset and set to different values for different ++users/domains.</p> ++</td> ++</table> ++<!-- INDENTATION --> ++<table width="100%" border=0 rules="none" frame="void" ++ cols="2" cellspacing="0" cellpadding="0"> ++<tr valign="top" align="left"> ++<td width="11%"></td> ++<td width="89%"> ++<p><b>High SpamAssassin Score</b></p></td> ++</table> ++<!-- INDENTATION --> ++<table width="100%" border=0 rules="none" frame="void" ++ cols="2" cellspacing="0" cellpadding="0"> ++<tr valign="top" align="left"> ++<td width="22%"></td> ++<td width="78%"> ++<p>Default: 20</p> ++<!-- INDENTATION --> ++<p>Messages with a SpamAssassin score greater than this ++value are labelled as being "High Scoring Spam", ++and a different set of "Spam Actions" are applied ++to messages scoring at least this value.</p> ++</td> ++</table> ++<!-- INDENTATION --> ++<table width="100%" border=0 rules="none" frame="void" ++ cols="2" cellspacing="0" cellpadding="0"> ++<tr valign="top" align="left"> ++<td width="11%"></td> ++<td width="89%"> ++<p><b>SpamAssassin Auto Whitelist</b></p></td> ++</table> ++<!-- INDENTATION --> ++<table width="100%" border=0 rules="none" frame="void" ++ cols="2" cellspacing="0" cellpadding="0"> ++<tr valign="top" align="left"> ++<td width="22%"></td> ++<td width="78%"> ++<p>Default: no</p> ++<!-- INDENTATION --> ++<p>SpamAssassin has a feature which measures the ratio of ++spam to non−spam originating from different addresses, ++and will automatically add addresses to its own internal ++"whitelist" if most of the messages from an ++address is not spam. This option enables this feature of ++SpamAssassin. Please read their documentation for more ++information.</p> ++</td> ++</table> ++<!-- INDENTATION --> ++<table width="100%" border=0 rules="none" frame="void" ++ cols="2" cellspacing="0" cellpadding="0"> ++<tr valign="top" align="left"> ++<td width="11%"></td> ++<td width="89%"> ++<p><b>SpamAssassin Prefs File</b></p></td> ++</table> ++<!-- INDENTATION --> ++<table width="100%" border=0 rules="none" frame="void" ++ cols="2" cellspacing="0" cellpadding="0"> ++<tr valign="top" align="left"> ++<td width="22%"></td> ++<td width="78%"> ++<p>Default: %etc−dir%/spam.assassin.prefs.conf</p> ++<!-- INDENTATION --> ++<p>SpamAssassin uses a "user preferences" file ++which can be used to set the values of various SpamAssassin ++options. This is the name of that file. Its most useful ++feature is that the RBL/DNSBL/"Spam List" checks ++done by SpamAssassin can be disabled as MailScanner already ++does them and there is little to be gained by doing these ++checks twice for every message.</p> ++</td> ++</table> ++<!-- INDENTATION --> ++<table width="100%" border=0 rules="none" frame="void" ++ cols="2" cellspacing="0" cellpadding="0"> ++<tr valign="top" align="left"> ++<td width="11%"></td> ++<td width="89%"> ++<p><b>SpamAssassin Timeout</b></p></td> ++</table> ++<!-- INDENTATION --> ++<table width="100%" border=0 rules="none" frame="void" ++ cols="2" cellspacing="0" cellpadding="0"> ++<tr valign="top" align="left"> ++<td width="22%"></td> ++<td width="78%"> ++<p>Default: 30</p> ++<!-- INDENTATION --> ++<p>This option sets the maximum number of seconds to wait ++for SpamAssassin to process a message. This is a useful ++protection against occasional bugs in SpamAssassin that can ++cause it to take hours to process a single message.</p> ++</td> ++</table> ++<!-- INDENTATION --> ++<table width="100%" border=0 rules="none" frame="void" ++ cols="2" cellspacing="0" cellpadding="0"> ++<tr valign="top" align="left"> ++<td width="11%"></td> ++<td width="89%"> ++<p><b>Max SpamAssasin Timeouts</b></p></td> ++</table> ++<!-- INDENTATION --> ++<table width="100%" border=0 rules="none" frame="void" ++ cols="2" cellspacing="0" cellpadding="0"> ++<tr valign="top" align="left"> ++<td width="22%"></td> ++<td width="78%"> ++<p>Default: 20</p> ++<!-- INDENTATION --> ++<p>If several consecutive calls to SpamAssassin time out, ++then MailScanner decides that there is something stopping ++SpamAssassin from working properly. It will therefore be ++disabled for the next few hours until MailScanner restarts ++itself, at which point it will be tried again.</p> ++</td> ++</table> ++<!-- INDENTATION --> ++<table width="100%" border=0 rules="none" frame="void" ++ cols="2" cellspacing="0" cellpadding="0"> ++<tr valign="top" align="left"> ++<td width="11%"></td> ++<td width="89%"> ++<p><b>SpamAssassin Timeouts History</b></p></td> ++</table> ++<!-- INDENTATION --> ++<table width="100%" border=0 rules="none" frame="void" ++ cols="2" cellspacing="0" cellpadding="0"> ++<tr valign="top" align="left"> ++<td width="22%"></td> ++<td width="78%"> ++<p>Default: 30</p> ++<!-- INDENTATION --> ++<p>The total number of SpamAssassin attempts during which ++"Max SpamAssassin Timeouts" will cause ++SpamAssassin to be marked as "unavailable". See ++the previous comment for more information. The default ++values of 10 and 20 mean that 10 timeouts in any sequence of ++20 attempts will trigger the behaviour described above, ++until the next periodic restart (see "Restart ++Every").</p> ++</td> ++</table> ++<!-- INDENTATION --> ++<table width="100%" border=0 rules="none" frame="void" ++ cols="2" cellspacing="0" cellpadding="0"> ++<tr valign="top" align="left"> ++<td width="11%"></td> ++<td width="89%"> ++<p><b>Check SpamAssassin If On Spam List</b></p></td> ++</table> ++<!-- INDENTATION --> ++<table width="100%" border=0 rules="none" frame="void" ++ cols="2" cellspacing="0" cellpadding="0"> ++<tr valign="top" align="left"> ++<td width="22%"></td> ++<td width="78%"> ++<p>Default: yes</p> ++<!-- INDENTATION --> ++<p>If a message has already triggered any of the "Spam ++List" checks, the SpamAssassin check will be skipped if ++this option is set to "no". This can help reduce ++the load on your server if SpamAssassin checks take a long ++time for some reason.</p> ++</td> ++</table> ++<!-- INDENTATION --> ++<table width="100%" border=0 rules="none" frame="void" ++ cols="2" cellspacing="0" cellpadding="0"> ++<tr valign="top" align="left"> ++<td width="11%"></td> ++<td width="89%"> ++<p><b>Always Include SpamAssasin Report</b></p></td> ++</table> ++<!-- INDENTATION --> ++<table width="100%" border=0 rules="none" frame="void" ++ cols="2" cellspacing="0" cellpadding="0"> ++<tr valign="top" align="left"> ++<td width="22%"></td> ++<td width="78%"> ++<p>Default: no</p> ++<!-- INDENTATION --> ++<p>If this option is set, then the "Spam Header" ++will be included in the header of every message, so its ++presence cannot be used to filter out spam by your ++users’ e−mail applications.</p> ++</td> ++</table> ++<!-- INDENTATION --> ++<table width="100%" border=0 rules="none" frame="void" ++ cols="2" cellspacing="0" cellpadding="0"> ++<tr valign="top" align="left"> ++<td width="11%"></td> ++<td width="89%"> ++<p><b>Spam Score</b></p></td> ++</table> ++<!-- INDENTATION --> ++<table width="100%" border=0 rules="none" frame="void" ++ cols="2" cellspacing="0" cellpadding="0"> ++<tr valign="top" align="left"> ++<td width="22%"></td> ++<td width="78%"> ++<p>Default: yes</p> ++<!-- INDENTATION --> ++<p>If a message is spam, and this option is set, then a ++header will be added to the message containing 1 character ++for each point in the SpamAssassin score. This allows users ++to choose for themselves the SpamAssassin scores at which ++they want to do different things with the message, such as ++file it or delete it.</p> ++</td> ++</table> ++<!-- INDENTATION --> ++<table width="100%" border=0 rules="none" frame="void" ++ cols="2" cellspacing="0" cellpadding="0"> ++<tr valign="top" align="left"> ++<td width="11%"></td> ++<td width="89%"> ++<p><b>Rebuild Bayes Every</b></p></td> ++</table> ++<!-- INDENTATION --> ++<table width="100%" border=0 rules="none" frame="void" ++ cols="2" cellspacing="0" cellpadding="0"> ++<tr valign="top" align="left"> ++<td width="22%"></td> ++<td width="78%"> ++<p>Default: 0</p> ++<!-- INDENTATION --> ++<p>If you are using the Bayesian statistics engine on a busy ++server, you may well need to force a Bayesian database ++rebuild and expiry at regular intervals. This is measures in ++seconds. 24 hours = 86400 seconds. To disable this feature ++set this to 0.</p> ++</td> ++</table> ++<!-- INDENTATION --> ++<table width="100%" border=0 rules="none" frame="void" ++ cols="2" cellspacing="0" cellpadding="0"> ++<tr valign="top" align="left"> ++<td width="11%"></td> ++<td width="89%"> ++<p><b>Wait During Bayes Rebuild</b></p></td> ++</table> ++<!-- INDENTATION --> ++<table width="100%" border=0 rules="none" frame="void" ++ cols="2" cellspacing="0" cellpadding="0"> ++<tr valign="top" align="left"> ++<td width="22%"></td> ++<td width="78%"> ++<p>Default: no</p> ++<!-- INDENTATION --> ++<p># The Bayesian database rebuild and expiry may take a 2 ++or 3 minutes # to complete. During this time you can either ++wait, or simply # disable SpamAssassin checks until it has ++completed. WaitDuringBayesRebuild = no</p> ++</td> ++</table> ++<a name="What to do with spam"></a> ++<h2>What to do with spam</h2> ++<!-- INDENTATION --> ++<table width="100%" border=0 rules="none" frame="void" ++ cols="2" cellspacing="0" cellpadding="0"> ++<tr valign="top" align="left"> ++<td width="11%"></td> ++<td width="89%"> ++<p><b>Spam Actions</b></p></td> ++</table> ++<!-- INDENTATION --> ++<table width="100%" border=0 rules="none" frame="void" ++ cols="2" cellspacing="0" cellpadding="0"> ++<tr valign="top" align="left"> ++<td width="22%"></td> ++<td width="78%"> ++<p>Default: deliver</p> ++<!-- INDENTATION --> ++<p>This can be any combination of 1 or more of the following ++keywords, and these actions are applied to any message which ++is spam.</p> ++</td> ++</table> ++<!-- TABS --> ++<table width="100%" border=0 rules="none" frame="void" ++ cols="4" cellspacing="0" cellpadding="0"> ++<tr valign="top" align="left"> ++<td width="22%"></td> ++<td width="1%"> ++ ++<p>•</p> ++</td> ++<td width="5%"></td> ++<td width="72%"> ++ ++<p>"deliver" − the message is delivered to ++the recipient as normal</p> ++</td> ++<tr valign="top" align="left"> ++<td width="22%"></td> ++<td width="1%"> ++ ++<p>•</p> ++</td> ++<td width="5%"></td> ++<td width="72%"> ++ ++<p>"delete" − the message is deleted</p> ++</td> ++<tr valign="top" align="left"> ++<td width="22%"></td> ++<td width="1%"> ++ ++<p>•</p> ++</td> ++<td width="5%"></td> ++<td width="72%"> ++ ++<p>"store" − the message is stored in the ++quarantine</p> ++</td> ++<tr valign="top" align="left"> ++<td width="22%"></td> ++<td width="1%"> ++ ++<p>•</p> ++</td> ++<td width="5%"></td> ++<td width="72%"> ++ ++<p>"forward" − an email address is ++supplied, to which the message is forwarded</p> ++</td> ++<tr valign="top" align="left"> ++<td width="22%"></td> ++<td width="1%"> ++ ++<p>•</p> ++</td> ++<td width="5%"></td> ++<td width="72%"> ++ ++<p>"notify" − Send the recipients a short ++notification that spam addressed to them was not delivered. ++They can then take action to request retrieval of the ++orginal message if they think it was not spam.</p> ++</td> ++<tr valign="top" align="left"> ++<td width="22%"></td> ++<td width="1%"> ++ ++<p>•</p> ++</td> ++<td width="5%"></td> ++<td width="72%"> ++ ++<p>"striphtml" − convert all in−line ++HTML content in the message to be stripped to plain text, ++which removes all images and scripts and so can be used to ++protect your users from offensive spam. Note that using this ++action on its own does not imply that the message will be ++delivered, you will need to specify "deliver" or ++"forward" to actually deliver the message.</p> ++</td> ++<tr valign="top" align="left"> ++<td width="22%"></td> ++<td width="1%"> ++ ++<p>•</p> ++</td> ++<td width="5%"></td> ++<td width="72%"> ++ ++<p>"attachment" − Convert the original ++message into an attachment of the message. This means the ++user has to take an extra step to open the spam, and stops ++"web bugs" very effectively.</p> ++</td> ++<tr valign="top" align="left"> ++<td width="22%"></td> ++<td width="1%"> ++ ++<p>•</p> ++</td> ++<td width="5%"></td> ++<td width="72%"> ++ ++<p>"bounce" − bounce the spam message. This ++option should not be used and must be enabled with the ++"Enable Spam Bounce" option first.</p> ++</td> ++</table> ++<!-- INDENTATION --> ++<table width="100%" border=0 rules="none" frame="void" ++ cols="2" cellspacing="0" cellpadding="0"> ++<tr valign="top" align="left"> ++<td width="11%"></td> ++<td width="89%"> ++<p><b>High Scoring Spam Actions</b></p></td> ++</table> ++<!-- INDENTATION --> ++<table width="100%" border=0 rules="none" frame="void" ++ cols="2" cellspacing="0" cellpadding="0"> ++<tr valign="top" align="left"> ++<td width="22%"></td> ++<td width="78%"> ++<p>Default: deliver</p></td> ++</table> ++<!-- INDENTATION --> ++<table width="100%" border=0 rules="none" frame="void" ++ cols="2" cellspacing="0" cellpadding="0"> ++<tr valign="top" align="left"> ++<td width="28%"></td> ++<td width="72%"> ++<p>This is the same as the "Spam Actions" option ++above, but it gives the actions to apply to any message ++whose SpamAssassin score is above the "High ++Scoring" threshold described above.</p> ++</td> ++</table> ++<!-- INDENTATION --> ++<table width="100%" border=0 rules="none" frame="void" ++ cols="2" cellspacing="0" cellpadding="0"> ++<tr valign="top" align="left"> ++<td width="11%"></td> ++<td width="89%"> ++<p><b>Non Spam Actions</b></p></td> ++</table> ++<!-- INDENTATION --> ++<table width="100%" border=0 rules="none" frame="void" ++ cols="2" cellspacing="0" cellpadding="0"> ++<tr valign="top" align="left"> ++<td width="22%"></td> ++<td width="78%"> ++<p>Default: deliver</p> ++<!-- INDENTATION --> ++<p>This is the same as the "Spam Actions" option ++above, except that it applies to messages that are NOT spam. ++The bounce option does not make much sense here so do not ++use it.</p> ++</td> ++</table> ++<!-- INDENTATION --> ++<table width="100%" border=0 rules="none" frame="void" ++ cols="2" cellspacing="0" cellpadding="0"> ++<tr valign="top" align="left"> ++<td width="11%"></td> ++<td width="89%"> ++<p><b>Sender Spam Report</b></p></td> ++</table> ++<!-- INDENTATION --> ++<table width="100%" border=0 rules="none" frame="void" ++ cols="2" cellspacing="0" cellpadding="0"> ++<tr valign="top" align="left"> ++<td width="22%"></td> ++<td width="78%"> ++<p>Default: %reports−dir%/sender.spam.report.txt</p> ++<!-- INDENTATION --> ++<p>When the "bounce" spam action is applied to a ++message that triggered both a "Spam List" check ++and SpamAssassin, this file gives the text to put in that ++message.</p> ++</td> ++</table> ++<!-- INDENTATION --> ++<table width="100%" border=0 rules="none" frame="void" ++ cols="2" cellspacing="0" cellpadding="0"> ++<tr valign="top" align="left"> ++<td width="11%"></td> ++<td width="89%"> ++<p><b>Sender Spam List Report</b></p></td> ++</table> ++<!-- INDENTATION --> ++<table width="100%" border=0 rules="none" frame="void" ++ cols="2" cellspacing="0" cellpadding="0"> ++<tr valign="top" align="left"> ++<td width="22%"></td> ++<td width="78%"> ++<p>Default: ++%reports−dir%/sender.spam.rbl.report.txt</p> ++<!-- INDENTATION --> ++<p>When the "bounce" spam action is applied to a ++message that triggered a "Spam List" check, this ++file gives the text to put in that message.</p> ++</td> ++</table> ++<!-- INDENTATION --> ++<table width="100%" border=0 rules="none" frame="void" ++ cols="2" cellspacing="0" cellpadding="0"> ++<tr valign="top" align="left"> ++<td width="11%"></td> ++<td width="89%"> ++<p><b>Sender SpamAssassin Report</b></p></td> ++</table> ++<!-- INDENTATION --> ++<table width="100%" border=0 rules="none" frame="void" ++ cols="2" cellspacing="0" cellpadding="0"> ++<tr valign="top" align="left"> ++<td width="22%"></td> ++<td width="78%"> ++<p>Default: ++%reports−dir%/sender.spam.sa.report.txt</p> ++<!-- INDENTATION --> ++<p>When the "bounce" spam action is applied to a ++message that triggered SpamAssassin, this file gives the ++text to put in that message.</p> ++</td> ++</table> ++<!-- INDENTATION --> ++<table width="100%" border=0 rules="none" frame="void" ++ cols="2" cellspacing="0" cellpadding="0"> ++<tr valign="top" align="left"> ++<td width="11%"></td> ++<td width="89%"> ++<p><b>Inline Spam Warning</b></p></td> ++</table> ++<!-- INDENTATION --> ++<table width="100%" border=0 rules="none" frame="void" ++ cols="2" cellspacing="0" cellpadding="0"> ++<tr valign="top" align="left"> ++<td width="22%"></td> ++<td width="78%"> ++<p>Default: %reports−dir%/inline.spam.warning.txt</p> ++<!-- INDENTATION --> ++<p>If you use the ’attachment’ Spam Action or ++High Scoring Spam Action then this is the location of inline ++spam report that is inserted at the top of the message.</p> ++</td> ++</table> ++<!-- INDENTATION --> ++<table width="100%" border=0 rules="none" frame="void" ++ cols="2" cellspacing="0" cellpadding="0"> ++<tr valign="top" align="left"> ++<td width="11%"></td> ++<td width="89%"> ++<p><b>Recipient Spam Report</b></p></td> ++</table> ++<!-- INDENTATION --> ++<table width="100%" border=0 rules="none" frame="void" ++ cols="2" cellspacing="0" cellpadding="0"> ++<tr valign="top" align="left"> ++<td width="22%"></td> ++<td width="78%"> ++<p>Default: ++%reports−dir%/recipient.spam.report.txt</p> ++<!-- INDENTATION --> ++<p>If you use the ’notify’ Spam Action or High ++Scoring Spam Action then this is the location of the ++notification message that is sent to the original recipients ++of the message.</p> ++</td> ++</table> ++<!-- INDENTATION --> ++<table width="100%" border=0 rules="none" frame="void" ++ cols="2" cellspacing="0" cellpadding="0"> ++<tr valign="top" align="left"> ++<td width="11%"></td> ++<td width="89%"> ++<p><b>Enable Spam Bounce</b></p></td> ++</table> ++<!-- INDENTATION --> ++<table width="100%" border=0 rules="none" frame="void" ++ cols="2" cellspacing="0" cellpadding="0"> ++<tr valign="top" align="left"> ++<td width="22%"></td> ++<td width="78%"> ++<p>Default: %rules−dir%/bounce.rules</p> ++<!-- INDENTATION --> ++<p>You can use this ruleset to enable the "bounce" ++Spam Action. You must *only* enable this for mail from sites ++with which you have agreed to bounce possible spam. Use it ++on low−scoring spam only (<10) and only to your ++regular customers for use in the rare case that a message is ++mis−tagged as spam when it shouldn’t have been. ++Beware that many sites will automatically delete the bounce ++messages created by using this option unless you have agreed ++this with them in advance.</p> ++</td> ++</table> ++<a name="System logging"></a> ++<h2>System logging</h2> ++<!-- INDENTATION --> ++<table width="100%" border=0 rules="none" frame="void" ++ cols="2" cellspacing="0" cellpadding="0"> ++<tr valign="top" align="left"> ++<td width="11%"></td> ++<td width="89%"> ++<p><b>Syslog Facility</b></p></td> ++</table> ++<!-- INDENTATION --> ++<table width="100%" border=0 rules="none" frame="void" ++ cols="2" cellspacing="0" cellpadding="0"> ++<tr valign="top" align="left"> ++<td width="22%"></td> ++<td width="78%"> ++<p>Default: mail</p> ++<!-- INDENTATION --> ++<p>This is the name of the "facility" used by ++syslogd to log MailScanner’s messages. If this ++doesn’t mean anything to you, then either leave it ++alone or else read the "syslogd" man page.</p> ++</td> ++</table> ++<!-- INDENTATION --> ++<table width="100%" border=0 rules="none" frame="void" ++ cols="2" cellspacing="0" cellpadding="0"> ++<tr valign="top" align="left"> ++<td width="11%"></td> ++<td width="89%"> ++<p><b>Log Speed</b></p></td> ++</table> ++<!-- INDENTATION --> ++<table width="100%" border=0 rules="none" frame="void" ++ cols="2" cellspacing="0" cellpadding="0"> ++<tr valign="top" align="left"> ++<td width="22%"></td> ++<td width="78%"> ++<p>Default: no</p> ++<!-- INDENTATION --> ++<p>Do you want to log the processing speed for each section ++of the code for a batch? This can be very useful for ++diagnosing speed problems, particularly in spam ++checking.</p> ++</td> ++</table> ++<!-- INDENTATION --> ++<table width="100%" border=0 rules="none" frame="void" ++ cols="2" cellspacing="0" cellpadding="0"> ++<tr valign="top" align="left"> ++<td width="11%"></td> ++<td width="89%"> ++<p><b>Log Spam</b></p></td> ++</table> ++<!-- INDENTATION --> ++<table width="100%" border=0 rules="none" frame="void" ++ cols="2" cellspacing="0" cellpadding="0"> ++<tr valign="top" align="left"> ++<td width="22%"></td> ++<td width="78%"> ++<p>Default: no</p> ++<!-- INDENTATION --> ++<p>If this option is set, then every spam message will be ++logged to syslog. If you get a lot of spam, or your server ++load is high, you will want to leave this option switched ++off. But if you are having trouble with spam detection, ++setting this to "yes" temporarily can provide ++useful debugging output.</p> ++</td> ++</table> ++<!-- INDENTATION --> ++<table width="100%" border=0 rules="none" frame="void" ++ cols="2" cellspacing="0" cellpadding="0"> ++<tr valign="top" align="left"> ++<td width="11%"></td> ++<td width="89%"> ++<p><b>Log Non Spam</b></p></td> ++</table> ++<!-- INDENTATION --> ++<table width="100%" border=0 rules="none" frame="void" ++ cols="2" cellspacing="0" cellpadding="0"> ++<tr valign="top" align="left"> ++<td width="22%"></td> ++<td width="78%"> ++<p>Default: no</p> ++<!-- INDENTATION --> ++<p>Do you want all non−spam to be logged? Useful if ++you want to see all the SpamAssassin reports of mail that ++was marked as non−spam. Note: It will generate a lot ++of log traffic.</p> ++</td> ++</table> ++<!-- INDENTATION --> ++<table width="100%" border=0 rules="none" frame="void" ++ cols="2" cellspacing="0" cellpadding="0"> ++<tr valign="top" align="left"> ++<td width="11%"></td> ++<td width="89%"> ++<p><b>Log Permitted Filenames</b></p></td> ++</table> ++<!-- INDENTATION --> ++<table width="100%" border=0 rules="none" frame="void" ++ cols="2" cellspacing="0" cellpadding="0"> ++<tr valign="top" align="left"> ++<td width="22%"></td> ++<td width="78%"> ++<p>Default: no</p> ++<!-- INDENTATION --> ++<p>If this option is set, then every attachment filename ++that passes the "filename rules" checks will be ++logged to syslog. Normally this is of no interest. But if ++you are having trouble getting your filename rules correct, ++setting, this can provide useful debugging output.</p> ++</td> ++</table> ++<!-- INDENTATION --> ++<table width="100%" border=0 rules="none" frame="void" ++ cols="2" cellspacing="0" cellpadding="0"> ++<tr valign="top" align="left"> ++<td width="11%"></td> ++<td width="89%"> ++<p><b>Log Permitted Filetypes</b></p></td> ++</table> ++<!-- INDENTATION --> ++<table width="100%" border=0 rules="none" frame="void" ++ cols="2" cellspacing="0" cellpadding="0"> ++<tr valign="top" align="left"> ++<td width="22%"></td> ++<td width="78%"> ++<p>Default: no</p> ++<!-- INDENTATION --> ++<p>Log all the filenames that are allowed by the Filetype ++Rules, or just the filetypes that are denied? This can also ++be the filename of a ruleset.</p> ++</td> ++</table> ++<!-- INDENTATION --> ++<table width="100%" border=0 rules="none" frame="void" ++ cols="2" cellspacing="0" cellpadding="0"> ++<tr valign="top" align="left"> ++<td width="11%"></td> ++<td width="89%"> ++<p><b>Log Silent Viruses</b></p></td> ++</table> ++<!-- INDENTATION --> ++<table width="100%" border=0 rules="none" frame="void" ++ cols="2" cellspacing="0" cellpadding="0"> ++<tr valign="top" align="left"> ++<td width="22%"></td> ++<td width="78%"> ++<p>Default: no</p> ++<!-- INDENTATION --> ++<p>Log all occurrences of "Silent Viruses" as ++defined above? This can only be a simple yes/no value, not a ++ruleset.</p> ++</td> ++</table> ++<a name="Advanced SpamAssassin Settings"></a> ++<h2>Advanced SpamAssassin Settings</h2> ++<!-- INDENTATION --> ++<table width="100%" border=0 rules="none" frame="void" ++ cols="2" cellspacing="0" cellpadding="0"> ++<tr valign="top" align="left"> ++<td width="11%"></td> ++<td width="89%"> ++<p>If you are using Postfix you may well need to use some of ++the settings below, as the home directory for the ++"postfix" user cannot be written to by the ++"postfix" user. You may also need to use these if ++you have installed SpamAssassin somewhere other than the ++default location.</p> ++</td> ++</table> ++<!-- INDENTATION --> ++<table width="100%" border=0 rules="none" frame="void" ++ cols="2" cellspacing="0" cellpadding="0"> ++<tr valign="top" align="left"> ++<td width="11%"></td> ++<td width="89%"> ++<p><b>SpamAssassin User State Dir</b></p></td> ++</table> ++<!-- INDENTATION --> ++<table width="100%" border=0 rules="none" frame="void" ++ cols="2" cellspacing="0" cellpadding="0"> ++<tr valign="top" align="left"> ++<td width="22%"></td> ++<td width="78%"> ++<p>Default:</p> ++<!-- INDENTATION --> ++<p>The per−user files (bayes, auto−whitelist, ++user_prefs) are looked for here and in ~/.spamassassin/. ++Note the files are mutable. If this is unset then no extra +places are searched for. NOTE: SpamAssassin is always called +from MailScanner as the same user, and that is the "Run +As" user specified in MailScanner.conf. So you can only @@ -124,6 +4710,1043 @@ +You should not normally need to set this at all. If using +Postfix, you probably want to set this to +/var/spool/MailScanner/spamassassin and do</p> - </td> - </table> - <!-- INDENTATION --> ++</td> ++</table> ++<!-- INDENTATION --> ++<table width="100%" border=0 rules="none" frame="void" ++ cols="2" cellspacing="0" cellpadding="0"> ++<tr valign="top" align="left"> ++<td width="26%"></td> ++<td width="74%"> ++<p>mkdir /var/spool/MailScanner/spamassassin<br> ++chown postfix.postfix ++/var/spool/MailScanner/spamassassin</p></td> ++</table> ++<!-- INDENTATION --> ++<table width="100%" border=0 rules="none" frame="void" ++ cols="2" cellspacing="0" cellpadding="0"> ++<tr valign="top" align="left"> ++<td width="11%"></td> ++<td width="89%"> ++<p><b>SpamAssassin Install Prefix</b></p></td> ++</table> ++<!-- INDENTATION --> ++<table width="100%" border=0 rules="none" frame="void" ++ cols="2" cellspacing="0" cellpadding="0"> ++<tr valign="top" align="left"> ++<td width="22%"></td> ++<td width="78%"> ++<p>Default:</p> ++<!-- INDENTATION --> ++<p>This setting is useful if SpamAssassin is installed in an ++unusual place, e.g. /opt/MailScanner. The install prefix is ++used to find some fallback directories if neither of the ++following two settings work. If this is set then it adds to ++the list of places that are searched; otherwise it has no ++effect.</p> ++</td> ++</table> ++<!-- INDENTATION --> ++<table width="100%" border=0 rules="none" frame="void" ++ cols="2" cellspacing="0" cellpadding="0"> ++<tr valign="top" align="left"> ++<td width="11%"></td> ++<td width="89%"> ++<p><b>SpamAssassin Local Rules Dir</b></p></td> ++</table> ++<!-- INDENTATION --> ++<table width="100%" border=0 rules="none" frame="void" ++ cols="2" cellspacing="0" cellpadding="0"> ++<tr valign="top" align="left"> ++<td width="22%"></td> ++<td width="78%"> ++<p>Default:</p> ++<!-- INDENTATION --> ++<p>This tells MailScanner where to look for the ++site−local rules. If this is set it adds to the list ++of places that are searched. MailScanner will always look at ++the following places (even if this option is not set):</p> ++</td> ++</table> ++<!-- TABS --> ++<table width="100%" border=0 rules="none" frame="void" ++ cols="5" cellspacing="0" cellpadding="0"> ++<tr valign="top" align="left"> ++<td width="22%"></td> ++<td width="1%"> ++ ++<p>•</p> ++</td> ++<td width="5%"></td> ++<td width="43%"> ++ ++<p>prefix/etc/spamassassin</p> ++</td> ++<td width="29%"> ++</td> ++<tr valign="top" align="left"> ++<td width="22%"></td> ++<td width="1%"> ++ ++<p>•</p> ++</td> ++<td width="5%"></td> ++<td width="43%"> ++ ++<p>prefix/etc/mail/spamassassin</p> ++</td> ++<td width="29%"> ++</td> ++<tr valign="top" align="left"> ++<td width="22%"></td> ++<td width="1%"> ++ ++<p>•</p> ++</td> ++<td width="5%"></td> ++<td width="43%"> ++ ++<p>/usr/local/etc/spamassassin</p> ++</td> ++<td width="29%"> ++</td> ++<tr valign="top" align="left"> ++<td width="22%"></td> ++<td width="1%"> ++ ++<p>•</p> ++</td> ++<td width="5%"></td> ++<td width="43%"> ++ ++<p>/etc/spamassassin</p> ++</td> ++<td width="29%"> ++</td> ++<tr valign="top" align="left"> ++<td width="22%"></td> ++<td width="1%"> ++ ++<p>•</p> ++</td> ++<td width="5%"></td> ++<td width="43%"> ++ ++<p>/etc/mail/spamassassin</p> ++</td> ++<td width="29%"> ++</td> ++<tr valign="top" align="left"> ++<td width="22%"></td> ++<td width="1%"> ++ ++<p>•</p> ++</td> ++<td width="5%"></td> ++<td width="43%"> ++ ++<p>maybe others as well</p> ++</td> ++<td width="29%"> ++</td> ++</table> ++<!-- INDENTATION --> ++<table width="100%" border=0 rules="none" frame="void" ++ cols="2" cellspacing="0" cellpadding="0"> ++<tr valign="top" align="left"> ++<td width="11%"></td> ++<td width="89%"> ++<p><b>SpamAssassin Default Rules Dir</b></p></td> ++</table> ++<!-- INDENTATION --> ++<table width="100%" border=0 rules="none" frame="void" ++ cols="2" cellspacing="0" cellpadding="0"> ++<tr valign="top" align="left"> ++<td width="22%"></td> ++<td width="78%"> ++<p>Default:</p></td> ++</table> ++<!-- INDENTATION --> ++<table width="100%" border=0 rules="none" frame="void" ++ cols="2" cellspacing="0" cellpadding="0"> ++<tr valign="top" align="left"> ++<td width="28%"></td> ++<td width="72%"> ++<p>This tells MailScanner where to look for the default ++rules. If this is set it adds to the list of places that are ++searched. MailScanner will always look at the following ++places (even if this option is not set):</p></td> ++</table> ++<!-- TABS --> ++<table width="100%" border=0 rules="none" frame="void" ++ cols="5" cellspacing="0" cellpadding="0"> ++<tr valign="top" align="left"> ++<td width="22%"></td> ++<td width="1%"> ++ ++<p>•</p> ++</td> ++<td width="5%"></td> ++<td width="44%"> ++ ++<p>prefix/share/spamassassin</p> ++</td> ++<td width="28%"> ++</td> ++<tr valign="top" align="left"> ++<td width="22%"></td> ++<td width="1%"> ++ ++<p>•</p> ++</td> ++<td width="5%"></td> ++<td width="44%"> ++ ++<p>/usr/local/share/spamassassin</p> ++</td> ++<td width="28%"> ++</td> ++<tr valign="top" align="left"> ++<td width="22%"></td> ++<td width="1%"> ++ ++<p>•</p> ++</td> ++<td width="5%"></td> ++<td width="44%"> ++ ++<p>/usr/share/spamassassin</p> ++</td> ++<td width="28%"> ++</td> ++<tr valign="top" align="left"> ++<td width="22%"></td> ++<td width="1%"> ++ ++<p>•</p> ++</td> ++<td width="5%"></td> ++<td width="44%"> ++ ++<p>maybe others as well</p> ++</td> ++<td width="28%"> ++</td> ++</table> ++<a name="Advanced Settings"></a> ++<h2>Advanced Settings</h2> ++<!-- INDENTATION --> ++<table width="100%" border=0 rules="none" frame="void" ++ cols="2" cellspacing="0" cellpadding="0"> ++<tr valign="top" align="left"> ++<td width="11%"></td> ++<td width="89%"> ++<p><b>Spam Score Number Format</b></p></td> ++</table> ++<!-- INDENTATION --> ++<table width="100%" border=0 rules="none" frame="void" ++ cols="2" cellspacing="0" cellpadding="0"> ++<tr valign="top" align="left"> ++<td width="22%"></td> ++<td width="78%"> ++<p>Default: %d</p> ++<!-- INDENTATION --> ++<p>When putting the value of the spam score of a message ++into the headers, how do you want to format it. If you ++don’t know how to use sprintf() or printf() in C, ++please *do not modify* this value. This can also be the ++filename of a ruleset. A few examples for you:</p> ++</td> ++</table> ++<!-- TABS --> ++<table width="100%" border=0 rules="none" frame="void" ++ cols="5" cellspacing="0" cellpadding="0"> ++<tr valign="top" align="left"> ++<td width="11%"></td> ++<td width="20%"> ++ ++<p>%d</p> ++</td> ++<td width="1%"></td> ++<td width="14%"> ++ ++<p>==> 12</p> ++</td> ++<td width="54%"> ++</td> ++<tr valign="top" align="left"> ++<td width="11%"></td> ++<td width="20%"> ++ ++<p>%5.2f</p> ++</td> ++<td width="1%"></td> ++<td width="14%"> ++ ++<p>==> 12.34</p> ++</td> ++<td width="54%"> ++</td> ++<tr valign="top" align="left"> ++<td width="11%"></td> ++<td width="20%"> ++ ++<p>%05.1f</p> ++</td> ++<td width="1%"></td> ++<td width="14%"> ++ ++<p>==> 012.3</p> ++</td> ++<td width="54%"> ++</td> ++<tr valign="top" align="left"> ++<td width="11%"></td> ++<td width="20%"> ++ ++<p><b>Debug</b></p> ++</td> ++<td width="1%"></td> ++<td width="14%"></td> ++<td width="54%"> ++</td> ++</table> ++<!-- INDENTATION --> ++<table width="100%" border=0 rules="none" frame="void" ++ cols="2" cellspacing="0" cellpadding="0"> ++<tr valign="top" align="left"> ++<td width="11%"></td> ++<td width="89%"> ++<p>Default: no</p></td> ++</table> ++<!-- INDENTATION --> ++<table width="100%" border=0 rules="none" frame="void" ++ cols="2" cellspacing="0" cellpadding="0"> ++<tr valign="top" align="left"> ++<td width="22%"></td> ++<td width="78%"> ++<p>Not for use by normal users. Setting this option to ++"yes" will put MailScanner into debugging mode, in ++which it creates slightly more output and will not become a ++daemon.</p> ++</td> ++</table> ++<!-- INDENTATION --> ++<table width="100%" border=0 rules="none" frame="void" ++ cols="2" cellspacing="0" cellpadding="0"> ++<tr valign="top" align="left"> ++<td width="11%"></td> ++<td width="89%"> ++<p><b>Debug SpamAssassin</b></p></td> ++</table> ++<!-- INDENTATION --> ++<table width="100%" border=0 rules="none" frame="void" ++ cols="2" cellspacing="0" cellpadding="0"> ++<tr valign="top" align="left"> ++<td width="22%"></td> ++<td width="78%"> ++<p>Default: no</p> ++<!-- INDENTATION --> ++<p>Do you want to debug SpamAssassin from within ++MailScanner?</p> ++</td> ++</table> ++<!-- INDENTATION --> ++<table width="100%" border=0 rules="none" frame="void" ++ cols="2" cellspacing="0" cellpadding="0"> ++<tr valign="top" align="left"> ++<td width="11%"></td> ++<td width="89%"> ++<p><b>Run In Foreground</b></p></td> ++</table> ++<!-- INDENTATION --> ++<table width="100%" border=0 rules="none" frame="void" ++ cols="2" cellspacing="0" cellpadding="0"> ++<tr valign="top" align="left"> ++<td width="22%"></td> ++<td width="78%"> ++<p>Default: no</p> ++<!-- INDENTATION --> ++<p>Set Run In Foreground to "yes" if you want ++MailScanner to operate normally in foreground (and not as a ++background daemon). Use this if you are controlling the ++execution of MailScanner with a tool like DJB’s ++’supervise’ (see ++http://cr.yp.to/daemontools.html).</p> ++</td> ++</table> ++<!-- INDENTATION --> ++<table width="100%" border=0 rules="none" frame="void" ++ cols="2" cellspacing="0" cellpadding="0"> ++<tr valign="top" align="left"> ++<td width="11%"></td> ++<td width="89%"> ++<p><b>LDAP Server</b></p></td> ++</table> ++<!-- INDENTATION --> ++<table width="100%" border=0 rules="none" frame="void" ++ cols="2" cellspacing="0" cellpadding="0"> ++<tr valign="top" align="left"> ++<td width="22%"></td> ++<td width="78%"> ++<p>Default:</p> ++<!-- INDENTATION --> ++<p>If you are using an LDAP server to read the ++configuration, these are the details required for the LDAP ++connection. The connection is anonymous. Example: ++localhost</p> ++</td> ++</table> ++<!-- INDENTATION --> ++<table width="100%" border=0 rules="none" frame="void" ++ cols="2" cellspacing="0" cellpadding="0"> ++<tr valign="top" align="left"> ++<td width="11%"></td> ++<td width="89%"> ++<p><b>LDAP Base</b></p></td> ++</table> ++<!-- INDENTATION --> ++<table width="100%" border=0 rules="none" frame="void" ++ cols="2" cellspacing="0" cellpadding="0"> ++<tr valign="top" align="left"> ++<td width="22%"></td> ++<td width="78%"> ++<p>Default:</p> ++<!-- INDENTATION --> ++<p>If you are using an LDAP server to read the ++configuration, these are the details required for the LDAP ++connection. The connection is anonymous. Example: o=fsl</p> ++</td> ++</table> ++<!-- INDENTATION --> ++<table width="100%" border=0 rules="none" frame="void" ++ cols="2" cellspacing="0" cellpadding="0"> ++<tr valign="top" align="left"> ++<td width="11%"></td> ++<td width="89%"> ++<p><b>LDAP Site</b></p></td> ++</table> ++<!-- INDENTATION --> ++<table width="100%" border=0 rules="none" frame="void" ++ cols="2" cellspacing="0" cellpadding="0"> ++<tr valign="top" align="left"> ++<td width="22%"></td> ++<td width="78%"> ++<p>Default:</p> ++<!-- INDENTATION --> ++<p>If you are using an LDAP server to read the ++configuration, these are the details required for the LDAP ++connection. The connection is anonymous. Example: ++default</p> ++</td> ++</table> ++<!-- INDENTATION --> ++<table width="100%" border=0 rules="none" frame="void" ++ cols="2" cellspacing="0" cellpadding="0"> ++<tr valign="top" align="left"> ++<td width="11%"></td> ++<td width="89%"> ++<p><b>Always Looked Up Last</b></p></td> ++</table> ++<!-- INDENTATION --> ++<table width="100%" border=0 rules="none" frame="void" ++ cols="2" cellspacing="0" cellpadding="0"> ++<tr valign="top" align="left"> ++<td width="22%"></td> ++<td width="78%"> ++<p>Default: no</p> ++<!-- INDENTATION --> ++<p>The value of the option is actually never used, but it is ++evaluated at the end of processing a batch of messages. It ++is designed to be used in conjunction with a Custom ++Function. The Custom Function should then be written to have ++a "side effect" of doing something useful such as ++logging lots of information about the batch of messages to a ++file or an SQL database.</p> ++</td> ++</table> ++<!-- INDENTATION --> ++<table width="100%" border=0 rules="none" frame="void" ++ cols="2" cellspacing="0" cellpadding="0"> ++<tr valign="top" align="left"> ++<td width="11%"></td> ++<td width="89%"> ++<p><b>Deliver in Background</b></p></td> ++</table> ++<!-- INDENTATION --> ++<table width="100%" border=0 rules="none" frame="void" ++ cols="2" cellspacing="0" cellpadding="0"> ++<tr valign="top" align="left"> ++<td width="22%"></td> ++<td width="78%"> ++<p>Default: yes</p> ++<!-- INDENTATION --> ++<p>When attempting delivery of any messages (when the ++"Delivery Method = batch") the sendmail/Exim ++command will be run in the background so that MailScanner ++does not have to wait for the delivery attempt to complete. ++There are very few good reasons for setting this to ++"no".</p> ++</td> ++</table> ++<!-- INDENTATION --> ++<table width="100%" border=0 rules="none" frame="void" ++ cols="2" cellspacing="0" cellpadding="0"> ++<tr valign="top" align="left"> ++<td width="11%"></td> ++<td width="89%"> ++<p><b>Lockfile Dir</b></p></td> ++</table> ++<!-- INDENTATION --> ++<table width="100%" border=0 rules="none" frame="void" ++ cols="2" cellspacing="0" cellpadding="0"> ++<tr valign="top" align="left"> ++<td width="22%"></td> ++<td width="78%"> ++<p>Default: /tmp</p> ++<!-- INDENTATION --> ++<p>This is the directory in which lock files are placed to ++stop the virus scanners used while they are in the middle of ++updating themselves with new virus definitions. If you ++change this at all, you will need to edit the ++"autoupdate" scripts for all your virus ++scanners.</p> ++</td> ++</table> ++<!-- INDENTATION --> ++<table width="100%" border=0 rules="none" frame="void" ++ cols="2" cellspacing="0" cellpadding="0"> ++<tr valign="top" align="left"> ++<td width="11%"></td> ++<td width="89%"> ++<p><b>Custom Functions Dir</b></p></td> ++</table> ++<!-- INDENTATION --> ++<table width="100%" border=0 rules="none" frame="void" ++ cols="2" cellspacing="0" cellpadding="0"> ++<tr valign="top" align="left"> ++<td width="22%"></td> ++<td width="78%"> ++<p>Default: ++/opt/MailScanner/lib/MailScanner/CustomFunctions<br> ++Default FreeBSD: ++/usr/local/lib/MailScanner/MailScanner/CustomFunctions</p> ++<!-- INDENTATION --> ++<p>Where to put the code for your "Custom ++Functions". No code in this directory should be ++over−written by the installation or upgrade process. ++All files starting with "." or ending with ++".rpmnew" will be ignored, all other files will be ++compiled and may be used with Custom Functions.</p> ++</td> ++</table> ++<!-- INDENTATION --> ++<table width="100%" border=0 rules="none" frame="void" ++ cols="2" cellspacing="0" cellpadding="0"> ++<tr valign="top" align="left"> ++<td width="11%"></td> ++<td width="89%"> ++<p><b>Lock Type</b></p></td> ++</table> ++<!-- INDENTATION --> ++<table width="100%" border=0 rules="none" frame="void" ++ cols="2" cellspacing="0" cellpadding="0"> ++<tr valign="top" align="left"> ++<td width="22%"></td> ++<td width="78%"> ++<p>Do not set this option to anything unless you know ++exactly what you are doing. For sendmail and Exim, ++MailScanner will choose the correct value by default. This ++affects how mail queue files are locked, and your mail will ++be totally screwed up if you set this option to anything ++other than the correct value for your MTA. So leave it alone ++and let MailScanner choose the correct value for you.</p> ++</td> ++</table> ++<!-- INDENTATION --> ++<table width="100%" border=0 rules="none" frame="void" ++ cols="2" cellspacing="0" cellpadding="0"> ++<tr valign="top" align="left"> ++<td width="11%"></td> ++<td width="89%"> ++<p><b>Minimum Code Status</b></p></td> ++</table> ++<!-- INDENTATION --> ++<table width="100%" border=0 rules="none" frame="void" ++ cols="2" cellspacing="0" cellpadding="0"> ++<tr valign="top" align="left"> ++<td width="22%"></td> ++<td width="78%"> ++<p>Default: supported</p> ++<!-- INDENTATION --> ++<p>Minimum acceptable code stability status −− ++if we come across code that’s not at least as stable ++as this, we barf. This is currently only used to check that ++you don’t end up using untested virus scanner support ++code without realising it. Don’t even *think* about ++setting this to anything other than "beta" or ++"supported" on a system that receives real mail ++until you have tested it yourself and are happy that it is ++all working as you expect it to. Don’t set it to ++anything other than "supported" on a system that ++could ever receive important mail. Levels used are:</p> ++</td> ++</table> ++<!-- TABS --> ++<table width="100%" border=0 rules="none" frame="void" ++ cols="4" cellspacing="0" cellpadding="0"> ++<tr valign="top" align="left"> ++<td width="22%"></td> ++<td width="1%"> ++ ++<p>•</p> ++</td> ++<td width="5%"></td> ++<td width="72%"> ++ ++<p>none − there may not even be any code.</p> ++</td> ++<tr valign="top" align="left"> ++<td width="22%"></td> ++<td width="1%"> ++ ++<p>•</p> ++</td> ++<td width="5%"></td> ++<td width="72%"> ++ ++<p>unsupported − code may be completely untested, a ++contributed dirty hack, anything, really.</p> ++</td> ++<tr valign="top" align="left"> ++<td width="22%"></td> ++<td width="1%"> ++ ++<p>•</p> ++</td> ++<td width="5%"></td> ++<td width="72%"> ++ ++<p>alpha − code is pretty well untested. Don’t ++assume it will work.</p> ++</td> ++<tr valign="top" align="left"> ++<td width="22%"></td> ++<td width="1%"> ++ ++<p>•</p> ++</td> ++<td width="5%"></td> ++<td width="72%"> ++ ++<p>beta − code is tested a bit. It should work.</p> ++</td> ++<tr valign="top" align="left"> ++<td width="22%"></td> ++<td width="1%"> ++ ++<p>•</p> ++</td> ++<td width="5%"></td> ++<td width="72%"> ++ ++<p>supported − code *should* be reliable.</p> ++</td> ++</table> ++<!-- INDENTATION --> ++<table width="100%" border=0 rules="none" frame="void" ++ cols="2" cellspacing="0" cellpadding="0"> ++<tr valign="top" align="left"> ++<td width="11%"></td> ++<td width="89%"> ++<p><b>Split Exim Spool</b></p></td> ++</table> ++<!-- INDENTATION --> ++<table width="100%" border=0 rules="none" frame="void" ++ cols="2" cellspacing="0" cellpadding="0"> ++<tr valign="top" align="left"> ++<td width="22%"></td> ++<td width="78%"> ++<p>Default: yes</p></td> ++</table> ++<!-- INDENTATION --> ++<table width="100%" border=0 rules="none" frame="void" ++ cols="2" cellspacing="0" cellpadding="0"> ++<tr valign="top" align="left"> ++<td width="28%"></td> ++<td width="72%"> ++<p>Are you using Exim with split spool directories? If you ++don’t understand this, the answer is probably ++"no". Refer to the Exim documentation for more ++information about split spool directories.</p> ++</td> ++</table> ++<!-- INDENTATION --> ++<table width="100%" border=0 rules="none" frame="void" ++ cols="2" cellspacing="0" cellpadding="0"> ++<tr valign="top" align="left"> ++<td width="11%"></td> ++<td width="89%"> ++<p><b>Use Default Rules With Multiple ++Recipients</b></p></td> ++</table> ++<!-- INDENTATION --> ++<table width="100%" border=0 rules="none" frame="void" ++ cols="2" cellspacing="0" cellpadding="0"> ++<tr valign="top" align="left"> ++<td width="22%"></td> ++<td width="78%"> ++<p>Default: no</p> ++<!-- INDENTATION --> ++<p>When trying to work out the value of configuration ++parameters which are using a ruleset, this controls the ++behaviour when a rule is checking the "To:" ++addresses. If this option is set to "no", then ++some rules will use the result they get from the first ++matching rule for any of the recipients of a message, so the ++exact value cannot be predicted for messages with more than ++1 recipient. This value *cannot* be the filename of a ++ruleset.<br> ++If this option is set to "yes", then the following ++happens when checking the ruleset:</p> ++</td> ++</table> ++<!-- TABS --> ++<table width="100%" border=0 rules="none" frame="void" ++ cols="4" cellspacing="0" cellpadding="0"> ++<tr valign="top" align="left"> ++<td width="22%"></td> ++<td width="3%"> ++ ++<p>a)</p> ++</td> ++<td width="3%"></td> ++<td width="72%"> ++ ++<p>1 recipient. Same behaviour as normal.</p> ++</td> ++<tr valign="top" align="left"> ++<td width="22%"></td> ++<td width="3%"> ++ ++<p>b)</p> ++</td> ++<td width="3%"></td> ++<td width="72%"> ++ ++<p>Several recipients, but all in the same domain ++(domain.com for example). The rules are checked for one that ++matches the string "*@domain.com".</p> ++</td> ++<tr valign="top" align="left"> ++<td width="22%"></td> ++<td width="3%"> ++ ++<p>c)</p> ++</td> ++<td width="3%"></td> ++<td width="72%"> ++ ++<p>Several recipients, not all in the same domain. The ++rules are checked for one that matches the string ++"*@*".</p> ++</td> ++</table> ++<a name="RULESETS"></a> ++<h2>RULESETS</h2> ++<!-- INDENTATION --> ++<table width="100%" border=0 rules="none" frame="void" ++ cols="2" cellspacing="0" cellpadding="0"> ++<tr valign="top" align="left"> ++<td width="11%"></td> ++<td width="89%"> ++<p>Ruleset files should all be put in ++/opt/MailScanner/etc/rules (FreeBSD: ++/usr/local/etc/MailScanner/rules) and their filename should ++end in ".rules" wherever possible.</p> ++<!-- INDENTATION --> ++<p>All blank lines are ignored, and comments start with ++"#" and continue to the end of the line, like ++this: # This line is just a comment</p> ++<!-- INDENTATION --> ++<p>Other than that, every line is a rule and looks like this ++example: From: john.doe@domain.com yes</p> ++<!-- INDENTATION --> ++<p>As you can see, each rule has 3 fields:<br> ++1. Direction<br> ++2. Pattern to match<br> ++3. Result value (or values)</p> ++<!-- INDENTATION --> ++<p>1. Direction should be one of the following:</p> ++</td> ++</table> ++<!-- TABS --> ++<table width="100%" border=0 rules="none" frame="void" ++ cols="5" cellspacing="0" cellpadding="0"> ++<tr valign="top" align="left"> ++<td width="11%"></td> ++<td width="7%"> ++ ++<p>From:</p> ++</td> ++<td width="4%"></td> ++<td width="78%"> ++ ++<p>Matches when the message is from a matching address</p> ++</td> ++<td width="0%"> ++</td> ++<tr valign="top" align="left"> ++<td width="11%"></td> ++<td width="7%"> ++ ++<p>To:</p> ++</td> ++<td width="4%"></td> ++<td width="78%"> ++ ++<p>Matches when the message is to a matching address</p> ++</td> ++<td width="0%"> ++</td> ++</table> ++<!-- INDENTATION --> ++<table width="100%" border=0 rules="none" frame="void" ++ cols="2" cellspacing="0" cellpadding="0"> ++<tr valign="top" align="left"> ++<td width="11%"></td> ++<td width="89%"> ++<p>FromOrTo:</p></td> ++</table> ++<!-- INDENTATION --> ++<table width="100%" border=0 rules="none" frame="void" ++ cols="2" cellspacing="0" cellpadding="0"> ++<tr valign="top" align="left"> ++<td width="22%"></td> ++<td width="78%"> ++<p>Matches when the message is from or to a matching ++address</p> ++</td> ++</table> ++<!-- INDENTATION --> ++<table width="100%" border=0 rules="none" frame="void" ++ cols="2" cellspacing="0" cellpadding="0"> ++<tr valign="top" align="left"> ++<td width="11%"></td> ++<td width="89%"> ++<p>FromAndTo:</p></td> ++</table> ++<!-- INDENTATION --> ++<table width="100%" border=0 rules="none" frame="void" ++ cols="2" cellspacing="0" cellpadding="0"> ++<tr valign="top" align="left"> ++<td width="22%"></td> ++<td width="78%"> ++<p>Matches when the message is from and to a matching ++address</p> ++</td> ++</table> ++<!-- INDENTATION --> ++<table width="100%" border=0 rules="none" frame="void" ++ cols="2" cellspacing="0" cellpadding="0"> ++<tr valign="top" align="left"> ++<td width="11%"></td> ++<td width="89%"> ++<p>The syntax of these is very loosely defined. Any word ++containing "from", any word containing ++"to", any word containing "from" and ++"to" (in either order), and any word containing ++"and" will work just fine. You can put them in ++upper or lower case, it doesn’t matter. And any ++additional punctuation will be ignored.</p></td> ++</table> ++<!-- INDENTATION --> ++<table width="100%" border=0 rules="none" frame="void" ++ cols="2" cellspacing="0" cellpadding="0"> ++<tr valign="top" align="left"> ++<td width="22%"></td> ++<td width="78%"> ++<p>This specifies the whether the rule should be matched ++against the sender’s address (or IP address), or the ++recipient’s address.</p> ++</td> ++</table> ++<!-- INDENTATION --> ++<table width="100%" border=0 rules="none" frame="void" ++ cols="2" cellspacing="0" cellpadding="0"> ++<tr valign="top" align="left"> ++<td width="11%"></td> ++<td width="89%"> ++<p>2. The pattern describes what messages should match this ++rule. Some examples are:</p> ++<!-- INDENTATION --> ++<p>user@sub.domain.com # Individual address<br> ++user@* # 1 user at any domain<br> ++*@sub.domain.com # Any user at 1 domain<br> ++*@*.domain.com # Any user at any sub−domain of ++"domain.com"<br> ++*@domain.com # Any user at 1 specific domain<br> ++/pattern/ # Any address matching this Perl regular<br> ++# expression<br> ++192.168. # Any SMTP client IP address in this network<br> ++/pattern−with−no−letters/ # Any SMTP ++client IP address matching this<br> ++# Perl regular expression<br> ++/^192.168.1[4567]./ # Any SMTP client IP address in the ++networks<br> ++# 192.168.14 − 192.168.17<br> ++*@* # Default value<br> ++default # Default value</p> ++<!-- INDENTATION --> ++<p>You should be able to do just about anything with ++that.</p> ++<!-- INDENTATION --> ++<p>3. The result value is what you could have put in the ++entry in the main mailscanner.conf file had you not given ++the filename of a ruleset instead.</p> ++<!-- INDENTATION --> ++<p>See the file EXAMPLES for a few ideas on how to do things ++with this system.</p> ++</td> ++</table> ++<a name="ATTACHMENT FILENAME RULESET"></a> ++<h2>ATTACHMENT FILENAME RULESET</h2> ++<!-- INDENTATION --> ++<table width="100%" border=0 rules="none" frame="void" ++ cols="2" cellspacing="0" cellpadding="0"> ++<tr valign="top" align="left"> ++<td width="11%"></td> ++<td width="89%"> ++<p>This is held in the filename pointed to by the ++configuration option Filename rules. It contains a set of ++rules that are used to judge whether any given file ++attachment should be accepted or rejected on the basis of ++its filename, regardless of whether it is found to be ++virus−infected or not. This can not only be used for ++draconian measures such as banning all .exe attachments, but ++it can be used with any Perl regular expression to provide ++facilities such as detection of attempts at hiding ++filenames.</p> ++<!-- INDENTATION --> ++<p>Many Windows e−mail programs (eg. Microsoft ++Outlook) hide common file extensions in an attempt to not ++baffle the user. The result is that while an attachment ++called "Your Document.doc" is helpfully displayed ++as "Your Document", a more sinister attachment ++just as "Looks Safe.txt.pif" will appear simply as ++"Looks Safe.txt". Many users recognise the .txt ++filename extension as applying to plain text files, which ++they know are safe. So even an experienced user may well ++double−click on this attachment thinking it is just ++going to start Notepad and display the text file. However, ++the file is really an MS−Dos shortcut (.pif file) and ++can execute any arbitrary commands the author wanted: all ++without any indication to the unwitting user.</p> ++<!-- INDENTATION --> ++<p>The rules are matched in order from the top to the bottom ++of the file, and the first rule containing a matching ++regular expression is used. Each line of the file is either ++blank, a comment (in which case it starts with a ++’#’ character) or is a rule made up of 4 fields ++separated by one or more TAB characters:</p> ++</td> ++</table> ++<!-- INDENTATION --> ++<table width="100%" border=0 rules="none" frame="void" ++ cols="2" cellspacing="0" cellpadding="0"> ++<tr valign="top" align="left"> ++<td width="11%"></td> ++<td width="89%"> ++<p>allow / deny</p></td> ++</table> ++<!-- INDENTATION --> ++<table width="100%" border=0 rules="none" frame="void" ++ cols="2" cellspacing="0" cellpadding="0"> ++<tr valign="top" align="left"> ++<td width="22%"></td> ++<td width="78%"> ++<p>Accept or reject the attachment if its filename matches ++the regular expression</p> ++</td> ++</table> ++<!-- INDENTATION --> ++<table width="100%" border=0 rules="none" frame="void" ++ cols="2" cellspacing="0" cellpadding="0"> ++<tr valign="top" align="left"> ++<td width="11%"></td> ++<td width="89%"> ++<p>regular expression</p></td> ++</table> ++<!-- INDENTATION --> ++<table width="100%" border=0 rules="none" frame="void" ++ cols="2" cellspacing="0" cellpadding="0"> ++<tr valign="top" align="left"> ++<td width="22%"></td> ++<td width="78%"> ++<p>The rule is executed if the attachment matches this ++expression. It may optionally be surrounded in ++’/’ characters.</p> ++</td> ++</table> ++<!-- INDENTATION --> ++<table width="100%" border=0 rules="none" frame="void" ++ cols="2" cellspacing="0" cellpadding="0"> ++<tr valign="top" align="left"> ++<td width="11%"></td> ++<td width="89%"> ++<p>log text</p></td> ++</table> ++<!-- INDENTATION --> ++<table width="100%" border=0 rules="none" frame="void" ++ cols="2" cellspacing="0" cellpadding="0"> ++<tr valign="top" align="left"> ++<td width="22%"></td> ++<td width="78%"> ++<p>If the rule matches, this text is placed in the syslog. ++If the text is "−", no string is logged.</p> ++</td> ++</table> ++<!-- INDENTATION --> ++<table width="100%" border=0 rules="none" frame="void" ++ cols="2" cellspacing="0" cellpadding="0"> ++<tr valign="top" align="left"> ++<td width="11%"></td> ++<td width="89%"> ++<p>user text</p></td> ++</table> ++<!-- INDENTATION --> ++<table width="100%" border=0 rules="none" frame="void" ++ cols="2" cellspacing="0" cellpadding="0"> ++<tr valign="top" align="left"> ++<td width="22%"></td> ++<td width="78%"> ++<p>If the rule matches, this text is placed in the text ++message sent to the user. If the text is ++"−", no text is used.</p> ++</td> ++</table> ++<!-- INDENTATION --> ++<table width="100%" border=0 rules="none" frame="void" ++ cols="2" cellspacing="0" cellpadding="0"> ++<tr valign="top" align="left"> ++<td width="11%"></td> ++<td width="89%"> ++<p>Please have a look at the filename.rules.conf or ++filename.rules.conf.sample file provided with this ++distribution/package/port.</p> ++</td> ++</table> ++<a name="SEE ALSO"></a> ++<h2>SEE ALSO</h2> ++<!-- INDENTATION --> ++<table width="100%" border=0 rules="none" frame="void" ++ cols="2" cellspacing="0" cellpadding="0"> ++<tr valign="top" align="left"> ++<td width="11%"></td> ++<td width="89%"> ++<p>MailScanner(8)</p> ++</td> ++</table> ++<hr> ++</body> ++</html> |