Stuart Gathman
123 lines
4.6 KiB
INI
123 lines
4.6 KiB
INI
# features intended to filter or block incoming mail
|
|
[milter]
|
|
;socket=/var/run/milter/pythonsock
|
|
tempdir = /var/log/milter/save
|
|
;timeout=600
|
|
|
|
scan_rfc822 = 1
|
|
# can be CPU intensive
|
|
scan_html = 0
|
|
# reject asian fonts because we can't read them
|
|
block_chinese = 1
|
|
# users who hate forwarded mail
|
|
;block_forward = egghead@mycorp.com, busybee@mycorp.com
|
|
log_headers = 0
|
|
# Reject mail for domains mentioned unless user is mentioned here also
|
|
;check_user = joe@mycorp.com, mary@mycorp.com, file:bigcorp.com
|
|
# porn words are case insensitive
|
|
porn_words = penis, breast, pussy, horse cock, porn, xenical, diet pill, d1ck,
|
|
vi*gra, vi-a-gra, viag, tits, p0rn, hunza, horny, sexy, c0ck,
|
|
p-e-n-i-s, hydrocodone, vicodin, xanax, vicod1n, x@nax, diazepam,
|
|
v1@gra, xan@x, cialis, ci@lis, frëe, xãnax, valíum, vãlium, via-gra,
|
|
x@n3x, vicod3n, penís, c0d1n, phentermine, en1arge, dip1oma, v1codin
|
|
# spam words are case sensitive
|
|
spam_words = $$$, !!!, XXX, FREE, HGH
|
|
|
|
# connection ips and hostnames are matched against this glob style list
|
|
# to recognize internal senders
|
|
;internal_connect = 192.168.*.*
|
|
# mail that is not an internal_connect and claims to be from an
|
|
# internal domain is rejected.
|
|
;internal_domains = mycorp.com
|
|
# connections from a trusted relay can trust the first Received header
|
|
;trusted_relay = 1.2.3.4, 66.12.34.56
|
|
# reject external senders with hello names no legit external sender would use
|
|
;hello_blacklist = mycorp.com, 66.12.34.56
|
|
|
|
[srs]
|
|
config=/etc/mail/pysrs.cfg
|
|
;secret="shhhh!"
|
|
;maxage=21
|
|
;hashlength=4
|
|
;database=/var/log/milter/srsdata
|
|
;fwdomain = mydomain.com
|
|
# turn this on after a grace period
|
|
reject_spoofed = 0
|
|
|
|
[spf]
|
|
# namespace where SPF records can be supplied for domains without one
|
|
# records are search for under _spf.domain.com
|
|
;delegate = domain.com
|
|
# domains where a neutral SPF result should cause mail to be rejected
|
|
;reject_neutral = aol.com
|
|
# use a default (v=spf1 a/24 mx/24 ptr) when no SPF records are published
|
|
;best_guess = 0
|
|
# reject senders that have neither PTR nor SPF records
|
|
;reject_noptr = 0
|
|
|
|
# features intended to clean up outgoing mail
|
|
[scrub]
|
|
# domains that stupidly block visible private nodes
|
|
;hide_path = jcpenney.com
|
|
# block, don't just replace with warning, viruses from these domains
|
|
;reject_virus_from = mycorp.com
|
|
|
|
# features intended for spying on users and coworkers
|
|
[wiretap]
|
|
blind = 1
|
|
#
|
|
# wiretap lets you surreptitiously monitor a users outgoing email
|
|
# (sendmail aliases let you monitor incoming mail)
|
|
#
|
|
;users = disloyal@bigcorp.com, bigmouth@bigcorp.com
|
|
;dest = spy@bigcorp.com
|
|
# discard outgoing mail without alerting sender
|
|
# can be used in conjunction with wiretap to censor outgoing mail
|
|
;discard_users = canned@bigcorp.com
|
|
#
|
|
# smart aliases trigger on both sender and recipient
|
|
#
|
|
;smart_alias = copycust,walter
|
|
# mail from client@clientcorp.com to sue@bigcorp.com is redirected to
|
|
# local alias copycust
|
|
;copycust = client@clientcorp.com,sue@bigcorp.com
|
|
# mail from cust@othercorp.com to walter@bigcorp.com is redirected to
|
|
# boss@bigcorp.com
|
|
;walter = cust@othercorp.com,walter@bigcorp.com,boss@bigcorp.com
|
|
# additional copies can be added
|
|
;walter1 = cust@othercorp.com,walter@bigcorp.com,boss@bigcorp.com,
|
|
; walter@bigcorp.com
|
|
|
|
[dspam]
|
|
# Select a well moderated dspam dictionary to reject spammy headers
|
|
# dspam-python must be installed to use: http://bmsi.com/python/dspam.html
|
|
# only EXTERNAL messages are dspam filtered
|
|
;dspam_dict=/var/lib/dspam/moderator.dict
|
|
# Opt-opt recipients from dspam screening and header triage
|
|
;dspam_exempt=getitall@mycorp.com
|
|
# Do not scan mail (ostensibly) from these senders
|
|
;dspam_whitelist=getitall@sender.com
|
|
# Reject spam to these domains, perhaps because we are a backup MX server
|
|
;dspam_reject=othercorp.com
|
|
|
|
# directory for dspam user quarantine, signature db, and dictionaries
|
|
# defining this activates the dspam application
|
|
# dspam and dspam-python must be installed
|
|
;dspam_userdir=/var/lib/dspam
|
|
# do not dspam messages larger than this
|
|
;dspam_sizelimit=180000
|
|
|
|
# Map email addresses and aliases to dspam users
|
|
;dspam_users=david,goliath,spam,falsepositive
|
|
;david=david@foocorp.com,david.yelnetz@foocorp.com,david@bar.foocorp.com
|
|
;goliath=giant@foocorp.com,goliath.philistine@foocorp.com
|
|
# address to forward spam to. milter will process these and not deliver
|
|
;spam=spam@foocorp.com
|
|
# address to forward false positives to. milter will process and not deliver
|
|
;falsepositive=ham@foocorp.com
|
|
# the dspam_screener is used to screen mail for all recipients who are
|
|
# not dspam_users. Spam goes to the screeners quarantine, and the original
|
|
# recipients saved so that false positives can be properly delivered.
|
|
|
|
# The dspam CGI can also be used: logins must match dspam users
|