madscientist
/
SNF4CGP
Sledovat 1
Oblíbit 0
Rozštěpit 0
Zdrojový kód Úkoly 0 Požadavky na natažení 0 Vydání 0 Wiki Aktivita
Nelze vybrat více než 25 témat Téma musí začínat písmenem nebo číslem, může obsahovat pomlčky („-“) a může být dlouhé až 35 znaků.
60 Revize
1 Větev
Větev: master
Větve Značky
${ item.name }
Vytvořit větev ${ searchTerm }
z „master“
${ noResults }
SNF4CGP/Misc/snf_engine.xml.sample.in

snf_engine.xml.sample.in 7.6KB
Surový Trvalý odkaz Blame Historie

123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475767778798081828384858687888990919293949596979899100101102103104105106107108109110111112113114115116117118119120121122123124125126127128129130131132133134135136137138139140141142143144145146147148149150151152153154155156157158159160161162163164165166 
  1. <?xml version="1.0"?>

  2. <?xml-stylesheet type="text/xsl" 

  3.     href="snf-configuration.xsl"?>

  4. 

  5. <!-- SNFMulti V3.0 Configuration File, Setup: Typical of SNF4CGP -->

  6. <!-- http://www.armresearch.com/support/articles/software/snfServer/config/snfEngine.jsp -->

  7. 

  8. <snf>

  9.     <node identity='/var/CommuniGate/CGPSNF/identity.xml'>

  10. 

  11.         <paths>

  12.             <log path='/var/CommuniGate/CGPSNF/'/>

  13.             <rulebase path='/var/CommuniGate/CGPSNF/'/>

  14.             <workspace path='/var/CommuniGate/CGPSNF/'/>

  15.         </paths>

  16. 

  17.         <logs>

  18. 

  19.             <rotation localtime='no'/>

  20. 

  21.             <status>

  22.                 <second log='yes' append='no'/>

  23.                 <minute log='yes' append='no'/>

  24.                 <hour log='no' append='no'/>

  25.             </status>

  26. 

  27.             <scan>

  28.                 <identifier force-message-id='no'/>

  29.                 <classic mode='api' rotate='yes' matches='unique'/>

  30.                 <xml mode='file' rotate='yes' matches='all' performance='yes' gbudb='yes'/>

  31. 

  32.                 <xheaders>

  33.                     <output mode='api'/>

  34. 

  35.                     <version on-off='off'>X-MessageSniffer-Version</version>

  36.                     <license on-off='off'>X-MessageSniffer-License</license>

  37.                     <rulebase on-off='off'>X-MessageSniffer-RulebaseUTC</rulebase>

  38.                     <identifier  on-off='off'>X-MessageSniffer-Identifier</identifier>

  39.                     <gbudb on-off='on'>X-GBUdb-Analysis</gbudb>

  40.                     <result on-off='on'>X-MessageSniffer-Scan-Result</result>

  41.                     <matches on-off='on'>X-MessageSniffer-Rules</matches>

  42. 

  43.                     <black on-off='off'>X-MessageSniffer-Spam: Yes</black>

  44.                     <white on-off='off'>X-MessageSniffer-White: Yes</white>

  45.                     <clean on-off='off'>X-MessageSniffer-Clean: Yes</clean>

  46.                     <symbol on-off='off' n='0'>X-MessageSniffer-SNF-Group: OK</symbol>

  47.                     <symbol on-off='off' n='20'>X-MessageSniffer-SNF-Group: Truncated</symbol>

  48.                     <symbol on-off='off' n='40'>X-MessageSniffer-SNF-Group: Caution</symbol>

  49.                     <symbol on-off='off' n='63'>X-MessageSniffer-SNF-Group: Black</symbol>

  50.                     <symbol on-off='off' n='62'>X-MessageSniffer-SNF-Group: Obfuscation</symbol>

  51.                     <symbol on-off='off' n='61'>X-MessageSniffer-SNF-Group: Abstract</symbol>

  52.                     <symbol on-off='off' n='60'>X-MessageSniffer-SNF-Group: General</symbol>

  53.                     <symbol on-off='off' n='59'>X-MessageSniffer-SNF-Group: Casinos-Gambling</symbol>

  54.                     <symbol on-off='off' n='58'>X-MessageSniffer-SNF-Group: Debt-Credit</symbol>

  55.                     <symbol on-off='off' n='57'>X-MessageSniffer-SNF-Group: Get-Rich</symbol>

  56.                     <symbol on-off='off' n='56'>X-MessageSniffer-SNF-Group: Ink-Toner</symbol>

  57.                     <symbol on-off='off' n='55'>X-MessageSniffer-SNF-Group: Malware</symbol>

  58.                     <symbol on-off='off' n='54'>X-MessageSniffer-SNF-Group: Porn-Dating-Adult</symbol>

  59.                     <symbol on-off='off' n='53'>X-MessageSniffer-SNF-Group: Scam-Phishing</symbol>

  60.                     <symbol on-off='off' n='52'>X-MessageSniffer-SNF-Group: Snake-Oil</symbol>

  61.                     <symbol on-off='off' n='51'>X-MessageSniffer-SNF-Group: Spamware</symbol>

  62.                     <symbol on-off='off' n='50'>X-MessageSniffer-SNF-Group: Media-Theft</symbol>

  63.                     <symbol on-off='off' n='49'>X-MessageSniffer-SNF-Group: AV-Push</symbol>

  64.                     <symbol on-off='off' n='48'>X-MessageSniffer-SNF-Group: Insurance</symbol>

  65.                     <symbol on-off='off' n='47'>X-MessageSniffer-SNF-Group: Travel</symbol>

  66. 

  67.                 </xheaders>

  68.             </scan>

  69.         </logs>

  70. 

  71.         <network>

  72.             <sync secs='30' host='sync.messagesniffer.net' port='25'/>

  73.             <update-script on-off='on' call='/var/CommuniGate/CGPSNF/getRulebase' guard-time='180'/>

  74.         </network>

  75. 

  76.         <xci on-off='on' port='9001'/>

  77. 

  78.         <gbudb>

  79.             <database>

  80. 

  81.                 <condense minimum-seconds-between='600'>

  82.                     <time-trigger on-off='on' seconds='86400'/>

  83.                     <posts-trigger on-off='off' posts='1200000'/>

  84.                     <records-trigger on-off='off' records='600000'/>

  85.                     <size-trigger on-off='on' megabytes='150'/>

  86.                 </condense>

  87. 

  88.                 <checkpoint on-off='on' secs='3600'/>

  89. 

  90.             </database>

  91. 

  92.             <regions>

  93. 

  94.                 <white on-off='on' symbol='0'>

  95.                     <edge probability='-1.0' confidence='0.4'/>

  96.                     <edge probability='-0.8' confidence='1.0'/>

  97.                     <panic on-off='on' rule-range='1000'/>

  98.                 </white>

  99. 

  100.                 <caution on-off='on' symbol='40'>

  101.                     <edge probability='0.4' confidence='0.0'/>

  102.                     <edge probability='0.8' confidence='0.5'/>

  103.                 </caution>

  104. 

  105.                 <black on-off='on' symbol='63'>

  106.                     <edge probability='0.8' confidence='0.2'/>

  107.                     <edge probability='0.8' confidence='1.0'/>

  108.                     <truncate on-off='on' probability='0.9' peek-one-in='5' symbol='20'/>

  109.                     <sample on-off='on' probability='0.8' grab-one-in='5' passthrough='no' passthrough-symbol='0'/>

  110.                 </black>

  111. 

  112.             </regions>

  113. 

  114.             <training on-off='on'>

  115. 

  116.                 <bypass>

  117.                     <!-- <header name='To:' find='spam@example.com'/> -->

  118.                     <!-- <header name='Received:' ordinal='1' find='friendlyhost.com'/> -->

  119.                 </bypass>

  120. 

  121.                 <drilldown>

  122.                     <!-- <received ordinal='0' find='[12.34.56.'/> where we want to ignore 12.34.56.0/24 -->

  123.                     <!-- <received ordinal='0' find='mixed-source.com'/> -->

  124.                     <!-- <received ordinal='1' find='mixed-source-internal.com'/> -->

  125.                 </drilldown>

  126. 

  127.                 <source>

  128.                     <!-- <header name='X-Use-This-Source:' received='mixedsource.com [' ordinal='0' /> -->

  129.                     <!-- <header name='X-Originating-IP:' received='hotmail.com [' ordinal='0' /> -->

  130.                 </source>

  131. 

  132.                 <white>

  133.                     <result code='1'/>

  134.                     <!-- <header name='Received:' ordinal='0' find='.friendlyhost.com'/> -->

  135.                 </white>

  136. 

  137.             </training>

  138. 

  139.          </gbudb>

  140. 

  141.          <rule-panics>

  142.              <!--

  143.              <rule id='123456'/>

  144.              <rule id='123457'/>

  145.              -->

  146.          </rule-panics>

  147. 

  148.          <platform>

  149.              <snf4cgp>

  150.                  <ham action='Allow' reason='Message OK' comment='Message OK' headers='no' classic='no' xml='no'>

  151.                      <result code='0' comment='(0) Not Spam/Malware' />

  152.                      <result code='1' comment='(1) White Rule/IP-Range' />

  153.                  </ham>

  154.                  <spam action='Allow' reason='Spam/Malware' comment='Spam/Malware' headers='yes' classic='no' xml='no' hold-path='quarantine'>

  155.                      <result code='20' action='Reject' reason='Source IP black listed (GBUdb/truncate)' comment='(20) Truncate' />

  156.                      <result code='40' action='Postpone' reason='Source IP suspect (GBUdb/caution)' comment='(40) Caution' />

  157.                      <result code='63' action='Postpone' reason='Source IP suspect (GBUdb/black)' comment='(63) Black' />

  158.                  </spam>

  159.              </snf4cgp>

  160.          </platform>

  161. 

  162.          <msg-file type='cgp'/>

  163. 

  164.     </node>

  165. </snf>

  166.