2
### Configuration file for Semi's Spam Milter
4
### When filter starts configuration file (sspamm.conf) would be searched
5
### from paths in this order: Current directory, /etc/sspamm and /etc
8
# Name of our filter, must be same as defined in sendmail
11
# In /etc/mail/sendmail.mc you should define same port, here is also
12
# information about flags used in 'INPUT_MAIL_FILTER' macro:
14
# /********************* This stuff goes to sendmail.mc ********************
17
#dnl # (If a filter is unavailable or unresponsive and no 'F'lags have been
18
#dnl # specified, the MTA will continue normal handling of the current
19
#dnl # connection. The MTA will try to contact the filter again on each
20
#dnl # new connection.)
25
#dnl # S - Sending Data
26
#dnl # R - Reading Data
27
#dnl # E - Overall timeout between sending end-of-message to filter and waiting for the final acknowledgment.
30
#define(`confMILTER_MACROS_CONNECT',`t, b, j, _, {daemon_name}, {if_name}, {if_addr}')dnl
31
#define(`confMILTER_MACROS_HELO',`s, {tls_version}, {cipher}, {cipher_bits}, {cert_subject}, {cert_issuer}')dnl
32
#define(`confMILTER_MACROS_ENVFROM',`i, {auth_type}, {auth_authen}, {auth_ssf}, {auth_author}, {mail_mailer}, {mail_host}, {mail_addr}')dnl
33
#define(`confMILTER_MACROS_ENVRCPT',`{rcpt_mailer}, {rcpt_host}, {rcpt_addr}')dnl
35
#INPUT_MAIL_FILTER(`sspamm', `S=inet:7999@localhost, F=T, T=C:10m;E:10m;R:10m;S:5m')dnl
37
# ********************* This stuff goes to sendmail.mc ********************/
39
# Define port/socket that filter would listen.
41
#port: local:/tmp/sspamm.sock
47
# If sspamdir path is not defined, files would be used/saved/created in same
48
# that that configuration file is in.
55
## On/Off parameters can be used with values: False, No, 0 or True, Yes, 1
58
#### timeme and syslog is going to be removed?
60
# Define debugfile if you want debug logging into file
63
# Path to create mail 'var' files (for debug purpouses)
66
# Save information about time spend in different steps while filtering
67
# Times are shown on saved .var file, or on debug log with higher verbose
71
# Verbose can also be numerical for more verbose output. Verbose levels are:
72
# 0 - No debug logging at all
74
# 3 - Full debug information
77
# Make detailed rejections
82
# ***** NOTICE, YOU SHOULD DISABLE THIS AFTER YOU HAVE CONFIGURED FILTER *****
85
# If WatchMode is True, all mails are passed without modifying anything, only
86
# logging would take place
90
##############################################################################
93
# We define default tests here. Possible values are:
94
# connect Our white-/blacklisting
95
# helo Imitates to be us
96
# ipfromto Sender/Recipient matching
98
# dyndns Dynamic DNS-name
99
# bayesian Bayesian SPAM/HAM probability
100
# wordscan Scan message body for strings
101
# vscan Virus scanning with BDC ... (DISABLED!)
103
tests: connect, helo, accept, block, ipfromto, samefromto, headers, dyndns, wordscan, bayesian, rbl, charset
105
# Note! If bayesian is before RBL/DynDNS mail with 'HAM' class is passed as
106
# 'UNSURE' if RBL/DynDNS matches... If Bayesian is after them, test rules
109
# We only filter for these domains. It is possible to define different rules for domains.
110
# You can define scans to use with domain match (below, only those 3 tests are done):
111
# foobar.com, ourdomain.org: connect, helo
112
# ... append 'non default' test for domain:
113
# tests: connect, helo, ipfromto
115
# ourdomain.org: +rbl
117
# Or opt-out scans from default tests:
118
# other.com: !bayesian
120
# Domains can be defined here in (real) regexp
122
somedomain1.(net|fi|se|as|ch|be|gr): ipfromto
124
(guest1|guest2|guest3).com
125
(fi.|se.)?(customer|alias).com: !charset
126
foobar.net|foo.net|foo.com|thisisfoo.org
127
domain2.(com|net|fi|se|dk): accept, samefromto, connect, helo, block, ipfromto, dyndns, headers, wordscan, bayesian, rbl, charset
128
ourdomain.org, someother.net, anyone.com
129
domain.org: !bayesian
131
# Note: .* below means ANY ADDRESS
135
# It is possible to define few special things on domains. These are made in
136
# filter/rules section. It is possible to group multiple domains to single
137
# name, so there are not multiple 'domaindb' files for same (real) domain
138
# with multiple domain names. Rules section does not affect what domains are
140
# crescom.*|on(-)?demand\..*: name=crescom
142
# Other rules available:
143
# (!)watch You can (un)set 'debugmode' for individual domain
144
# flagall Flag EVERY action, all mails are passed but flagged.
146
# Test based parameters that can be used here:
147
# Bayesian: ratio=[value], msgsneeded=[value], (!)usedomaindb, (!)dbtrain, (!)savembox
150
# testdomain.org: flagall
151
# ALWAYS filter this domain, even in watch mode!
152
# ^somedomain1\.: name=somedomain1, !watch
153
# ^(guest1|guest2)\.: name=guest, msgsneeded=4000, ratio=500:500
154
# (domain2|another).com: msgsneeded=100
155
# (\.)?foobar\.: name=foobar
156
# ^ourdomain.*: name=our
161
# Outgoing mail is always ACCEPTED without logging
162
ignore_ip: 127.0.0.1|192.168.|10.|42.42.4[1-2].
169
(email-\d\d\d|outbound\d.den|mx\d.\w\w\w).paypal.com:(payment@|paypal@email.|service@intl.)paypal.com:
170
.tfbnw.net:notification[\d\w._-]+@facebookmail.com:
171
mx(smf)?pool\d\d.ebay.com:(checkout|status|member|ebay|[\d\w._-]+)@.*ebay\.\w\w(\w)?:
172
(smfcamppool\d\d.emailebay.com|emasmail\d.emarsys.net):ebay.*(@reply\d\.ebay\.com|@ebay\.emarsys\.net):
173
(wcmx\d)?.valvesoftware.com:.*@valvesoftware.com:
174
ticketmaster.com:.*ticketmaster.com:
175
(itmsout)?.apple.com:([\d\w._-]+@insideapple.|do_not_reply@)apple.com:
179
# Matches as sender AND recipient
180
firstname.(last|sure)name@|etunimi.sukunimi@
181
# Matches as recipient
182
spamtrap@somewhere.net$
183
(unknown.user|another.one).*@somedomain.org$
184
# Not real mail domain