madscientist
/
SNFUtility
Beobachten 1
Favorisieren 0
Fork 0
Code Issues 0 Pull-Requests 0 Releases 0 Wiki Aktivität
Du kannst nicht mehr als 25 Themen auswählen Themen müssen mit entweder einem Buchstaben oder einer Ziffer beginnen. Sie können Bindestriche („-“) enthalten und bis zu 35 Zeichen lang sein.
64 Commits
1 Branch
Struktur: 283d0e520d
Branches Tags
${ item.name }
Erstelle Branch ${ searchTerm }
von „283d0e520d“
${ noResults }
SNFUtility/SNFMilterConfig/SNFMilter_second_append.xml

SNFMilter_second_append.xml 8.3KB
Originalformat Blame Verlauf

123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475767778798081828384858687888990919293949596979899100101102103104105106107108109110111112113114115116117118119120121122123124125126127128129130131132133134135136137138139140141142143144145146147148149150151152153154155156157158159160161162163164165166167168169170171172173174175176177178179180181182183184185186187188189190191192 
  1. <!-- SNFMulti V3.0 Configuration File, Setup: Typical of SNFMilter -->

  2. <!-- http://www.armresearch.com/support/articles/software/snfServer/config/snfEngine.jsp -->

  3. <!-- Milter specific settings are found in the <platform/> section -->

  4. 

  5. <snf>

  6.     <node identity='/etc/snf-milter/identity.xml'>

  7. 

  8.         <paths>

  9.             <log path='/var/log/snf-milter/'/>

  10.             <rulebase path='/usr/share/snf-milter/'/>

  11.             <workspace path='/usr/share/snf-milter/'/>

  12.         </paths>

  13. 

  14.         <logs>

  15. 

  16.             <rotation localtime='no'/>

  17. 

  18.             <status>

  19.                 <second log='yes' append='yes'/>

  20.                 <minute log='yes' append='yes'/>

  21.                 <hour log='no' append='no'/>

  22.             </status>

  23. 

  24.             <scan>

  25.                 

  26.                 <identifier force-message-id='no'/>

  27.                 <classic mode='none' rotate='yes' matches='unique'/>

  28.                 <xml mode='file' rotate='yes' matches='unique' performance='yes' gbudb='yes'/>

  29. 

  30.                 <xheaders>

  31.                     <output mode='api'/>

  32. 

  33.                     <version on-off='off'>X-MessageSniffer-Version</version>

  34.                     <license on-off='off'>X-MessageSniffer-License</license>

  35.                     <rulebase on-off='off'>X-MessageSniffer-RulebaseUTC</rulebase>

  36.                     <identifier  on-off='off'>X-MessageSniffer-Identifier</identifier>

  37.                     <gbudb on-off='on'>X-GBUdb-Analysis</gbudb>

  38.                     <result on-off='off'>X-MessageSniffer-Scan-Result</result>

  39.                     <matches on-off='on'>X-MessageSniffer-Rules</matches>

  40. 

  41.                     <black on-off='off'>X-MessageSniffer-Spam: Yes</black>

  42.                     <white on-off='off'>X-MessageSniffer-White: Yes</white>

  43.                     <clean on-off='off'>X-MessageSniffer-Clean: Yes</clean>

  44.                     <symbol on-off='off' n='0'>X-MessageSniffer-SNF-Group: OK</symbol>

  45.                     <symbol on-off='off' n='20'>X-MessageSniffer-SNF-Group: Truncated</symbol>

  46.                     <symbol on-off='off' n='30'>X-MessageSniffer-SNF-Group: Caution</symbol>

  47.                     <symbol on-off='off' n='63'>X-MessageSniffer-SNF-Group: Black</symbol>

  48.                     <symbol on-off='off' n='62'>X-MessageSniffer-SNF-Group: Obfuscation</symbol>

  49.                     <symbol on-off='off' n='61'>X-MessageSniffer-SNF-Group: Abstract</symbol>

  50.                     <symbol on-off='off' n='60'>X-MessageSniffer-SNF-Group: General</symbol>

  51.                     <symbol on-off='off' n='59'>X-MessageSniffer-SNF-Group: Casinos-Gambling</symbol>

  52.                     <symbol on-off='off' n='58'>X-MessageSniffer-SNF-Group: Debt-Credit</symbol>

  53.                     <symbol on-off='off' n='57'>X-MessageSniffer-SNF-Group: Get-Rich</symbol>

  54.                     <symbol on-off='off' n='56'>X-MessageSniffer-SNF-Group: Ink-Toner</symbol>

  55.                     <symbol on-off='off' n='55'>X-MessageSniffer-SNF-Group: Malware</symbol>

  56.                     <symbol on-off='off' n='54'>X-MessageSniffer-SNF-Group: Porn-Dating-Adult</symbol>

  57.                     <symbol on-off='off' n='53'>X-MessageSniffer-SNF-Group: Scam-Phishing</symbol>

  58.                     <symbol on-off='off' n='52'>X-MessageSniffer-SNF-Group: Snake-Oil</symbol>

  59.                     <symbol on-off='off' n='51'>X-MessageSniffer-SNF-Group: Spamware</symbol>

  60.                     <symbol on-off='off' n='50'>X-MessageSniffer-SNF-Group: Media-Theft</symbol>

  61.                     <symbol on-off='off' n='49'>X-MessageSniffer-SNF-Group: AV-Push</symbol>

  62.                     <symbol on-off='off' n='48'>X-MessageSniffer-SNF-Group: Insurance</symbol>

  63.                     <symbol on-off='off' n='47'>X-MessageSniffer-SNF-Group: Travel</symbol>

  64.                     

  65.                 </xheaders>

  66.             </scan>

  67.         </logs>

  68. 

  69.         <network>

  70.             <sync secs='30' host='sync.messagesniffer.net' port='25'/>

  71.             <update-script on-off='on' call='/usr/sbin/getRulebase' guard-time='180'/>

  72.         </network>

  73. 

  74.         <xci on-off='off' port='9001'/>

  75. 

  76.         <gbudb>

  77.             <database>

  78. 

  79.                 <condense minimum-seconds-between='600'>

  80.                     <time-trigger on-off='on' seconds='86400'/>

  81.                     <posts-trigger on-off='off' posts='1200000'/>

  82.                     <records-trigger on-off='off' records='600000'/>

  83.                     <size-trigger on-off='on' megabytes='150'/>

  84.                 </condense>

  85. 

  86.                 <checkpoint on-off='on' secs='3600'/>

  87. 

  88.             </database>

  89. 

  90.             <regions>

  91. 

  92.                 <white on-off='on' symbol='0'>

  93.                     <edge probability='-1.0' confidence='0.4'/>

  94.                     <edge probability='-0.8' confidence='1.0'/>

  95.                     <panic on-off='on' rule-range='1000'/>

  96.                 </white>

  97. 

  98.                 <caution on-off='on' symbol='40'>

  99.                     <edge probability='0.4' confidence='0.0'/>

  100.                     <edge probability='0.8' confidence='0.5'/>

  101.                 </caution>

  102. 

  103.                 <black on-off='on' symbol='63'>

  104.                     <edge probability='0.8' confidence='0.2'/>

  105.                     <edge probability='0.8' confidence='1.0'/>

  106.                     <truncate on-off='on' probability='0.9' peek-one-in='5' symbol='20'/>

  107.                     <sample on-off='on' probability='0.8' grab-one-in='5' passthrough='no' passthrough-symbol='0'/>

  108.                 </black>

  109. 

  110.             </regions>

  111. 

  112.             <training on-off='on'>

  113. 

  114.                 <bypass>

  115.                     <!-- <header name='To:' find='spam@example.com'/> -->

  116.                     <!-- <header name='Received:' ordinal='1' find='friendlyhost.com'/> -->

  117.                 </bypass>

  118. 

  119.                 <drilldown>

  120.                     <!-- <received ordinal='0' find='[12.34.56.'/> where we want to ignore 12.34.56.0/24 -->

  121.                     <!-- <received ordinal='0' find='mixed-source.com'/> -->

  122.                     <!-- <received ordinal='1' find='mixed-source-internal.com'/> -->

  123.                 </drilldown>

  124. 

  125.                 <source>

  126.                     <!-- <header name='X-Use-This-Source:' received='mixedsource.com [' ordinal='0' /> -->

  127.                     <!-- <header name='X-Originating-IP:' received='hotmail.com [' ordinal='0' /> -->

  128.                 </source>

  129. 

  130.                 <white>

  131.                     <result code='1'/>

  132.                     <!-- <header name='Received:' ordinal='0' find='.friendlyhost.com'/> -->

  133.                 </white>

  134. 

  135.             </training>

  136. 

  137.         </gbudb>

  138. 

  139.         <rule-panics>

  140.             <!--

  141.             <rule id='123456'/>

  142.             <rule id='123457'/>

  143.             -->

  144.         </rule-panics>

  145. 

  146.         <!-- Platform Specific Configuration -->

  147.         <platform>

  148.             <milter>

  149.                 <!--

  150.                     Socket for communication with the MTA.  This

  151.                     element is required.

  152. 

  153.                     <socket type='tcp' ip='127.0.0.1' port='1234'/>

  154.                 -->

  155.                 <socket type='unix' path='/var/snf-milter/socket' group='snfuser'/>

  156.                 <!--

  157.                 Actions:

  158.                     Allow - Process the message, return SMFIS_CONTINUE*

  159.                     Accept - White-list accept, return SMFIS_ACCEPT

  160.                     Retry - Try again later, return SMFIS_TEMPFAIL*

  161.                     Reject - Reject the message, return SMFIS_REJECT*

  162.                     Discard - Discard the message, return SMFIS_DISCARD

  163.                     Quarantine - Quarantine the message, Call smfi_quarantine()

  164. 

  165.                 Valid Connect Actions: Allow, Accept, Retry, Reject

  166. 

  167.                 Valid Scan Actions: Allow, Accept, Retry, Reject, Discard, Quarantine

  168. 

  169.                 -->

  170.                 <connect>

  171.                     <white action='Accept'/>

  172.                     <caution action='Allow'/>

  173.                     <black action='Allow'/>

  174.                     <truncate action='Reject'/>

  175.                 </connect>

  176. 

  177.                 <scan>

  178.                     <result code='20' action='Discard'/>

  179.                     <result code='40' action='Allow'/>

  180.                     <result code='63' action='Quarantine'/>

  181.                     <result code='1' action='Accept'/>

  182.                     <nonzero action='Quarantine'/>

  183.                 </scan>

  184. 

  185.             </milter>

  186.         </platform>

  187. 

  188.         <msg-file type='rfc822'/>

  189. 

  190.     </node>

  191. </snf>

  192.