mod-antispam — format of mod-antispam component configuration
General syntax rules of Kernun Firewall configuration files are described in configuration(7). This man page describes types, sections and items specific for the mod-antispam component configuration.
Repeatable sections/items are marked by
the '*
' before section/item name.
Configuration directives have attributes of several value-types. For the basic types description, see configuration(7).
Enumeration is a list of words (names) representing integer values. Some enumerations accept both names and direct integer values; in this case, enumeration description contains values for every name (in parenthesis next to name). For other enumerations, using of names is obligatory.
The following enumerations are used in mod-antispam configuration directives:
enabling
(see common(5))Configuration of mod-antispam library component consists of following prototypes:
* antispam name
{ ... }
use-antispam ... ;
antispam
name
{
connection ... ;
sock-opt { ... }
altq ... ;
}
Channel to antispam daemon.
This global section defines the way to communicate with selected antispam daemon. Name of such section is to be used in particular proxy configuration when defining mode of operation.
The current version of antispam module has implemented usage of the only antispam daemon, namely SpamAssassin (spamd). However, the antispam score is multiplied by 1000 for future compatibility. For the same reason, the negative values are changed to zero.
If the check fails, the SPAM-SCORE value is set to a special value (-2) which is later matched by special value of UNKNOWN (see common(5)).
Connection parameters of SpamAssassin server must be defined.
connection
socket
;Socket address of SpamAssassin (spamd).
socket
(type: sock
)sock-opt
{
conn-timeout ... ;
recv-bufsize ... ;
close-timeout ... ;
send-bufsize ... ;
log-limit ... ;
}
Connection to spamd options.
sock-opt
section is derived from
sock-opt
section prototype.
For detail description of it, see netio(5).
sock-opt
section:Item recv-timeout
is not valid.
Item send-timeout
is not valid.
altq
altq
[paltq
paltq
];ALTQ queues for data sent to antispam.
altq
(type: name
of pf-queue
, see pf-queue(5))queue name
paltq
paltq
(type: name
of pf-queue
, see pf-queue(5), optional, default: NULL)priority queue name (if set, used for TCP ACK without data)
[End of section antispam
description.]
use-antispam
disable
;use-antispam
enable
channel
[limit
];Antispam usage.
This section defines type of antispam daemon used and mode of antispam checking operation.
enabling
)channel
(type: name
of antispam
, see above)Name of antispam global section used.
Referred section defines the way how to communicate with the antispam daemon (see above).
limit
(type: uint64
, optional, default: 0)Size limit (in bytes) for antispam check.
Antispam checking used to be very exhausting operation, and typical spam mails used to be not very large (both for passing by size limit filters and for being able to send a lot of copies). That's why it can be desired to avoid checking of very large mails.
Setting of this limit says antispam module not to check mails larger than given limit and declare their spam score to zero.
Setting this limit to zero disables this feature and enables using of antispam to all mails. Be prepared for high machine load and noticeable delay in delivery if used so.