aboutsummaryrefslogtreecommitdiffstats
path: root/config/mailscanner/mailscanner.conf.template
diff options
context:
space:
mode:
Diffstat (limited to 'config/mailscanner/mailscanner.conf.template')
-rw-r--r--config/mailscanner/mailscanner.conf.template493
1 files changed, 493 insertions, 0 deletions
diff --git a/config/mailscanner/mailscanner.conf.template b/config/mailscanner/mailscanner.conf.template
new file mode 100644
index 00000000..06090be3
--- /dev/null
+++ b/config/mailscanner/mailscanner.conf.template
@@ -0,0 +1,493 @@
+<?php
+#create MailScanner.conf
+$mc=<<<EOF
+{$info}
+# Configuration directory containing this file
+%etc-dir% = /usr/local/etc/MailScanner
+
+# Set the directory containing all the reports in the required language
+%report-dir% = /usr/local/share/MailScanner/reports/{$report_language}
+
+# Rulesets directory containing your ".rules" files
+%rules-dir% = /usr/local/etc/MailScanner/rules
+
+# Configuration directory containing files related to MCP
+# (Message Content Protection)
+%mcp-dir% = /usr/local/etc/MailScanner/mcp
+
+#
+# System settings
+# ---------------
+#
+Max Children = {$max_children}
+Run As User = postfix
+Run As Group = postfix
+Queue Scan Interval = 6
+Incoming Queue Dir = /var/spool/postfix/hold
+Outgoing Queue Dir = /var/spool/postfix/incoming
+Incoming Work Dir = /var/spool/MailScanner/incoming
+Quarantine Dir = /var/spool/MailScanner/quarantine
+PID file = /var/run/MailScanner.pid
+Restart Every = 14400
+MTA = postfix
+Sendmail = /usr/local/sbin/sendmail
+
+#
+# Incoming Work Dir Settings
+# --------------------------
+#
+Incoming Work User = postix
+Incoming Work Group = postix
+Incoming Work Permissions = 0600
+
+#
+# Quarantine and Archive Settings
+# -------------------------------
+#
+Quarantine User = postifx
+Quarantine Group = postfix
+Quarantine Permissions = 0600
+
+#
+# Processing Incoming Mail
+# ------------------------
+#
+Max Unscanned Bytes Per Scan = 100m
+Max Unsafe Bytes Per Scan = 50m
+Max Unscanned Messages Per Scan = 30
+Max Unsafe Messages Per Scan = 30
+Max Normal Queue Size = 800
+Scan Messages = {$scan_messages}
+Reject Message = {$reject_message}
+Maximum Processing Attempts = 10
+Processing Attempts Database = /var/spool/MailScanner/incoming/Processing.db
+Maximum Attachments Per Message = 200
+Expand TNEF = {$expand_tnef}
+Deliver Unparsable TNEF = {$deliver_tnef}
+Use TNEF Contents = {$attachments['tnef_contents']}
+TNEF Expander = /usr/local/bin/tnef --maxsize=100000000
+TNEF Timeout = 120
+File Command = /usr/bin/file
+File Timeout = 20
+Gunzip Command = /usr/bin/gunzip
+Gunzip Timeout = 50
+Unrar Command = /usr/local/bin/unrar
+Unrar Timeout = 50
+Find UU-Encoded Files = no
+Maximum Message Size = %rules-dir%/max.message.size.rules
+Maximum Attachment Size ={$max_size}
+Minimum Attachment Size = -1
+Maximum Archive Depth = {$archive_depth}
+Find Archives By Content ={$find_archive}
+Unpack Microsoft Documents = {$microsoft}
+Zip Attachments = {$zip_attachments}
+Attachments Zip Filename = {$zip_file}
+Attachments Min Total Size To Zip = 100k
+Attachment Extensions Not To Zip = {$zip_exclude}
+Add Text Of Doc = no
+Antiword = /usr/bin/antiword -f
+Antiword Timeout = 50
+Unzip Maximum Files Per Archive = {$unzip_max_per_archive}
+Unzip Maximum File Size = {$unzip_max}
+Unzip Filenames = *.txt *.ini *.log *.csv
+Unzip MimeType = text/plain
+
+#
+# Virus Scanning and Vulnerability Testing
+# ----------------------------------------
+#
+Virus Scanning = {$virus_scanning}
+Virus Scanners = {$antivirus['virus_scanner']}
+Virus Scanner Timeout = {$antivirus_timeout}
+Deliver Disinfected Files = {$deliver_disinfected}
+Silent Viruses = {$silent_viruses}
+Still Deliver Silent Viruses = {$deliver_silent}
+Non-Forging Viruses = Joke/ OF97/ WM97/ W97M/ eicar
+Spam-Virus Header = {$spam_virus_header}
+Virus Names Which Are Spam = Sane*UNOFFICIAL HTML/* *Phish*
+Block Encrypted Messages = {$block_encrypted}
+Block Unencrypted Messages = {$block_unencrypted}
+Allow Password-Protected Archives = {$allow_password}
+Check Filenames In Password-Protected Archives = {$check_filenames}
+Monitors for ClamAV Updates = /var/db/clamav/*.cvd
+ClamAVmodule Maximum Recursion Level = 8
+ClamAVmodule Maximum Files = 1000
+ClamAVmodule Maximum File Size = 10000000 # (10 Mbytes)
+ClamAVmodule Maximum Compression Ratio = 25
+Allowed Sophos Error Messages =
+Sophos IDE Dir = /opt/sophos-av/lib/sav
+Sophos Lib Dir = /opt/sophos-av/lib
+Monitors For Sophos Updates = /opt/sophos-av/lib/sav/*.ide
+Clamd Port = 3310
+Clamd Socket = /var/run/clamav/clamd.sock
+Clamd Lock File = # /var/lock/subsys/clamd
+Clamd Use Threads = no
+ClamAV Full Message Scan = yes
+Fpscand Port = 10200
+{$custom_antivirus_options}
+
+#
+# Removing/Logging dangerous or potentially offensive content
+# -----------------------------------------------------------
+#
+Dangerous Content Scanning = {$dangerous_content}
+Allow Partial Messages = {$partial_messages}
+Allow External Message Bodies = {$external_bodies}
+Find Phishing Fraud = {$phishing_fraud}
+Also Find Numeric Phishing = {$numeric_phishig}
+Use Stricter Phishing Net = ${stricter_phishing_net}
+Highlight Phishing Fraud = ${highlight_phishing}
+Phishing Safe Sites File = %etc-dir%/phishing.safe.sites.conf
+Phishing Bad Sites File = %etc-dir%/phishing.bad.sites.conf
+Country Sub-Domains List = %etc-dir%/country.domains.conf
+Allow IFrame Tags = {$content['iframe_tags']}
+Allow Form Tags = {$content['form_tags']}
+Allow Script Tags = {$content['script_tags']}
+Allow WebBugs = {$content['web_bugs']}
+Ignored Web Bug Filenames = spacer pixel.gif pixel.png gap shim
+Known Web Bug Servers = msgtag.com
+Web Bug Replacement = http://www.mailscanner.tv/1x1spacer.gif
+Allow Object Codebase Tags = {$content['codebase_tags']}
+Convert Dangerous HTML To Text = {$dangerous_html}
+Convert HTML To Text = {$html_to_text}
+
+#
+# Attachment Filename Checking
+# ----------------------------
+#
+Archives Are = zip rar ole
+Allow Filenames =
+Deny Filenames =
+Filename Rules = %etc-dir%/filename.rules.conf
+Allow Filetypes =
+Allow File MIME Types =
+Deny Filetypes =
+Deny File MIME Types =
+Filetype Rules = %etc-dir%/filetype.rules.conf
+Archives: Allow Filenames =
+Archives: Deny Filenames =
+Archives: Filename Rules = %etc-dir%/archives.filename.rules.conf
+Archives: Allow Filetypes =
+Archives: Allow File MIME Types =
+Archives: Deny Filetypes =
+Archives: Deny File MIME Types =
+Archives: Filetype Rules = %etc-dir%/archives.filetype.rules.conf
+Default Rename Pattern = __FILENAME__.disarmed
+
+#
+# Reports and Responses
+# ---------------------
+#
+Quarantine Infections = {$quarantine_infections}
+Quarantine Silent Viruses = {$quarantine_silent_virus}
+Quarantine Modified Body = {$quarantine_modified_body}
+Quarantine Whole Message = {$quarantine_whole_message}
+Quarantine Whole Messages As Queue Files = {$quarantine_whole_message_as_queue}
+Keep Spam And MCP Archive Clean = {$keep_spam_and_mcp}
+Language Strings = %report-dir%/languages.conf
+Rejection Report = %report-dir%/rejection.report.txt
+Deleted Bad Content Message Report = %report-dir%/deleted.content.message.txt
+Deleted Bad Filename Message Report = %report-dir%/deleted.filename.message.txt
+Deleted Virus Message Report = %report-dir%/deleted.virus.message.txt
+Deleted Size Message Report = %report-dir%/deleted.size.message.txt
+Stored Bad Content Message Report = %report-dir%/stored.content.message.txt
+Stored Bad Filename Message Report = %report-dir%/stored.filename.message.txt
+Stored Virus Message Report = %report-dir%/stored.virus.message.txt
+Stored Size Message Report = %report-dir%/stored.size.message.txt
+Disinfected Report = %report-dir%/disinfected.report.txt
+Inline HTML Signature = %report-dir%/inline.sig.html
+Inline Text Signature = %report-dir%/inline.sig.txt
+Signature Image Filename = %report-dir%/sig.jpg
+Signature Image <img> Filename = signature.jpg
+Inline HTML Warning = %report-dir%/inline.warning.html
+Inline Text Warning = %report-dir%/inline.warning.txt
+Sender Content Report = %report-dir%/sender.content.report.txt
+Sender Error Report = %report-dir%/sender.error.report.txt
+Sender Bad Filename Report = %report-dir%/sender.filename.report.txt
+Sender Virus Report = %report-dir%/sender.virus.report.txt
+Sender Size Report = %report-dir%/sender.size.report.txt
+Hide Incoming Work Dir = {$hide_incoming_work_dir}
+Include Scanner Name In Reports = {$include_scanner_name}
+#
+# Changes to Message Headers
+# --------------------------
+#
+Mail Header = X-%org-name%-MailScanner:
+Spam Header = X-%org-name%-MailScanner-SpamCheck:
+Spam Score Header = X-%org-name%-MailScanner-SpamScore:
+Information Header = X-%org-name%-MailScanner-Information:
+Add Envelope From Header = yes
+Add Envelope To Header = no
+Envelope From Header = X-%org-name%-MailScanner-From:
+Envelope To Header = X-%org-name%-MailScanner-To:
+ID Header = X-%org-name%-MailScanner-ID:
+IP Protocol Version Header = # X-%org-name%-MailScanner-IP-Protocol:
+Spam Score Character = s
+SpamScore Number Instead Of Stars = no
+Minimum Stars If On Spam List = 0
+Clean Header Value = Found to be clean
+Infected Header Value = Found to be infected
+Disinfected Header Value = Disinfected
+Information Header Value = Please contact the ISP for more information
+Detailed Spam Report = yes
+Include Scores In SpamAssassin Report = yes
+Always Include SpamAssassin Report = no
+Multiple Headers = append
+Place New Headers At Top Of Message = no
+Hostname = the %org-name% ($HOSTNAME) MailScanner
+Sign Messages Already Processed = no
+Sign Clean Messages = yes
+Attach Image To Signature = no
+Attach Image To HTML Message Only = yes
+Allow Multiple HTML Signatures = no
+Dont Sign HTML If Headers Exist = # In-Reply-To: References:
+Mark Infected Messages = yes
+Mark Unscanned Messages = yes
+Unscanned Header Value = Not scanned: please contact your Internet E-Mail Service Provider for details
+Remove These Headers = X-Mozilla-Status: X-Mozilla-Status2:
+Deliver Cleaned Messages = yes
+
+#
+# Notifications back to the senders of blocked messages
+# -----------------------------------------------------
+#
+Notify Senders = {$notify_sender}
+Notify Senders Of Viruses = {$notify_sender_viruses}
+Notify Senders Of Blocked Filenames Or Filetypes = {$notify_sender_fileytypes}
+Notify Senders Of Blocked Size Attachments = {$notify_sender_attachments}
+Notify Senders Of Other Blocked Content = {$notify_sender_contents}
+Never Notify Senders Of Precedence = list bulk
+
+#
+# Changes to the Subject: line
+# ----------------------------
+#
+Scanned Modify Subject = no # end
+Scanned Subject Text = [Scanned]
+Virus Modify Subject = start
+Virus Subject Text = [Virus?]
+Filename Modify Subject = start
+Filename Subject Text = [Filename?]
+Content Modify Subject = start
+Content Subject Text = [Dangerous Content?]
+Size Modify Subject = start
+Size Subject Text = [Size]
+Disarmed Modify Subject = start
+Disarmed Subject Text = [Disarmed]
+Phishing Modify Subject = no
+Phishing Subject Text = [Fraude?]
+Spam Modify Subject = start
+Spam Subject Text = [Spam?]
+High Scoring Spam Modify Subject = start
+High Scoring Spam Subject Text = [Spam?]
+
+#
+# Changes to the Message Body
+# ---------------------------
+#
+Warning Is Attachment = yes
+Attachment Warning Filename = %org-name%-Attachment-Warning.txt
+Attachment Encoding Charset = ISO-8859-1
+
+#
+# Mail Archiving and Monitoring
+# -----------------------------
+#
+Archive Mail =
+Missing Mail Archive Is = directory
+
+#
+# Notices to System Administrators
+# --------------------------------
+#
+Send Notices = {$send_notices}
+Notices Include Full Headers = {$notices_include_header}
+Hide Incoming Work Dir in Notices = {$hide_incoming_work_dir_notices}
+Notice Signature = {$notice_signature}
+Notices From = ${$notice_from}
+Notices To = ${$notice_to}
+Local Postmaster = postmaster
+
+#
+# Spam Detection and Virus Scanner Definitions
+# --------------------------------------------
+#
+Spam List Definitions = %etc-dir%/spam.lists.conf
+Virus Scanner Definitions = %etc-dir%/virus.scanners.conf
+
+#
+# Spam Detection and Spam Lists (DNS blocklists)
+# ----------------------------------------------
+#
+
+Spam Checks = yes
+Spam List = # spamhaus-ZEN # You can un-comment this to enable them
+Spam Domain List =
+Spam Lists To Be Spam = 1
+Spam Lists To Reach High Score = 3
+Spam List Timeout = 10
+Max Spam List Timeouts = 7
+Spam List Timeouts History = 10
+Is Definitely Not Spam = %rules-dir%/spam.whitelist.rules
+Is Definitely Spam = no
+Definite Spam Is High Scoring = no
+Ignore Spam Whitelist If Recipients Exceed = 20
+Max Spam Check Size = 200k
+
+#
+# Watermarking
+# ------------
+#
+Use Watermarking = no
+Add Watermark = yes
+Check Watermarks With No Sender = yes
+Treat Invalid Watermarks With No Sender as Spam = nothing
+Check Watermarks To Skip Spam Checks = yes
+Watermark Secret = %org-name%-Secret
+Watermark Lifetime = 604800
+Watermark Header = X-%org-name%-MailScanner-Watermark:
+
+#
+# SpamAssassin
+# ------------
+#
+
+Use SpamAssassin = {$use_sa}
+Max SpamAssassin Size = {$sa_max}
+Required SpamAssassin Score = {$sa_score}
+High SpamAssassin Score = {$hi_score}
+SpamAssassin Auto Whitelist = {$sa_auto_whitelist}
+SpamAssassin Timeout = 75
+Max SpamAssassin Timeouts = 10
+SpamAssassin Timeouts History = 30
+Check SpamAssassin If On Spam List = {$check_sa_if_on_spam_list}
+Include Binary Attachments In SpamAssassin = {$include_sa_bin_attachments}
+Spam Score = {$spam_score}
+Cache SpamAssassin Results = {$cache_spamassassin_results}
+SpamAssassin Cache Database File = /var/spool/MailScanner/incoming/SpamAssassin.cache.db
+Rebuild Bayes Every = {$rebuild_bayes}
+Wait During Bayes Rebuild = {$wait_during_bayes_rebuild}
+
+#
+# Custom Spam Scanner Plugin
+# --------------------------
+#
+Use Custom Spam Scanner = no
+Max Custom Spam Scanner Size = 20k
+Custom Spam Scanner Timeout = 20
+Max Custom Spam Scanner Timeouts = 10
+Custom Spam Scanner Timeout History = 20
+
+#
+# What to do with spam
+# --------------------
+#
+
+Spam Actions = {$spam_actions} header "X-Spam-Status: Yes"
+High Scoring Spam Actions = {$hispam_actions} header "X-Spam-Status: Yes"
+Non Spam Actions = deliver header "X-Spam-Status: No"
+SpamAssassin Rule Actions =
+Sender Spam Report = %report-dir%/sender.spam.report.txt
+Sender Spam List Report = %report-dir%/sender.spam.rbl.report.txt
+Sender SpamAssassin Report = %report-dir%/sender.spam.sa.report.txt
+Inline Spam Warning = %report-dir%/inline.spam.warning.txt
+Recipient Spam Report = %report-dir%/recipient.spam.report.txt
+Enable Spam Bounce = %rules-dir%/bounce.rules
+Bounce Spam As Attachment = no
+#
+# Logging
+# -------
+#
+Syslog Facility = {$syslog_facility}
+Log Speed = {$log_speed}
+Log Spam = {$log_spam}
+Log Non Spam = {$log_non_spam}
+Log Delivery And Non-Delivery = {$log_delivery}
+Log Permitted Filenames = {$log_filenames}
+Log Permitted Filetypes = {$log_filetypes}
+Log Permitted File MIME Types = {$log_mime}
+Log Silent Viruses = {$log_silent}
+Log Dangerous HTML Tags = {$log_dangerous}
+Log SpamAssassin Rule Actions = {$log_sa_rule_action}
+
+#
+# Advanced SpamAssassin Settings
+# ------------------------------
+#
+SpamAssassin Temporary Dir = /var/spool/MailScanner/incoming/SpamAssassin-Temp
+SpamAssassin User State Dir =
+SpamAssassin Install Prefix =
+SpamAssassin Site Rules Dir = /usr/local/etc/mail/spamassassin
+SpamAssassin Local Rules Dir =
+SpamAssassin Local State Dir = # /var/lib/spamassassin
+SpamAssassin Default Rules Dir =
+
+#
+# MCP (Message Content Protection)
+# -----------------------------
+#
+
+MCP Checks = {$mcp_checks}
+First Check = spam
+MCP Required SpamAssassin Score = {$mcp_score}
+MCP High SpamAssassin Score = {$hi_mcp_score}
+MCP Error Score = 1
+MCP Header = X-%org-name%-MailScanner-MCPCheck:
+Non MCP Actions = deliver
+MCP Actions = {$mcp_action}
+High Scoring MCP Actions = {$mcp_hi_action}
+Bounce MCP As Attachment = {$bounce_mcp}
+MCP Modify Subject = start
+MCP Subject Text = [MCP?]
+High Scoring MCP Modify Subject = start
+High Scoring MCP Subject Text = [MCP?]
+
+Is Definitely MCP = {$is_mcp}
+Is Definitely Not MCP = {$is_not_mcp}
+Definite MCP Is High Scoring = {$mcp_is_high_score}
+Always Include MCP Report = {$include_mcp_report}
+Detailed MCP Report = {$detailled_mcp_report}
+Include Scores In MCP Report = {$score_mcp_report}
+Log MCP = {$log_mcp}
+
+MCP Max SpamAssassin Timeouts = 20
+MCP Max SpamAssassin Size = {$mcp_max}
+MCP SpamAssassin Timeout = 10
+
+MCP SpamAssassin Prefs File = %mcp-dir%/mcp.spam.assassin.prefs.conf
+MCP SpamAssassin User State Dir =
+MCP SpamAssassin Local Rules Dir = %mcp-dir%
+MCP SpamAssassin Default Rules Dir = %mcp-dir%
+MCP SpamAssassin Install Prefix = %mcp-dir%
+Recipient MCP Report = %report-dir%/recipient.mcp.report.txt
+Sender MCP Report = %report-dir%/sender.mcp.report.txt
+
+#
+# Advanced Settings
+# -----------------
+#
+Use Default Rules With Multiple Recipients = {$default_rule_multiple}
+Read IP Address From Received Header = {$read_ipaddress}
+Spam Score Number Format = {$spam_score_format}
+MailScanner Version Number = 4.83.5
+SpamAssassin Cache Timings = {$cache_timings}
+Debug = {$debug}
+Debug SpamAssassin = {$debug_spam}
+Run In Foreground = {$foreground}
+Always Looked Up Last = {$look_up_last}
+Always Looked Up Last After Batch = {$look_up_last_batch}
+Deliver In Background = {$deliver_background}
+Delivery Method = {$mailscanner['deliver_method']}
+Split Exim Spool = {$split_exim_spool}
+Lockfile Dir = /var/spool/MailScanner/incoming/Locks
+Custom Functions Dir = /usr/local/lib/MailScanner/MailScanner/CustomFunctions
+Lock Type =
+Syslog Socket Type =
+Automatic Syntax Check = {$syntax_check}
+Minimum Code Status = {$mailscanner['minimum_code']}
+include /usr/local/etc/MailScanner/conf.d/*
+
+
+
+EOF;
+?>