Notification templates are represented as files which have the .msg extension. These files store an email message structure corresponding to RFC 822 and can contain different headers. Template files are used by Notifier to generate service messages that can be one of the following types: MailD notifications, statistics reports, and DSN notifications.
In addition to plain text, you can also use macros in a template body by marking them with a $ character. While a notification is generated from the template, they are replaced with real macros.
Notification processing
When Dr.Web MailD is processing a message, any plug-in can request a notification on any event (virus detection, processing error, message blocking). Notifications are created by Notifier (the drweb-notifier plug-in) which generates a message and then sends it via Sender. Moreover, Sender can request Notifier to generate a DSN message for the sender notifying on a delivery failure.
All notifications and reports, including DSN, are generated from the templates which Notifier searches for in the directory specified in the TemplatesBaseDir parameter value.
A notification can be one of the following three types:
•MailD notifications sent on a certain message
Notifier uses message processing Rules (for details on the Rules, refer to the Message Processing Rules section) to check whether it is required to generate a notification for each of the following participants:
•message sender;
•message recipients (individual notifications are sent to those recipients for whom different notification settings are specified);
•Dr.Web MailD administrator.
Name of the template file used for generation of notifications is formed by adding the sender_, rcpts_, and admin_ prefixes respectively to the name of the event on which notification is generated and adding the .msg extension. Thus, a template file name corresponds to the following regular expression:
(admin|rcpts|sender)_(.*?)\.msg.
For example, sender_virus.msg is a name of a template used for notification on virus detection. If a template with such a name is not found, an error occurs. Events on which MailD notifications can be generated and suffixes used to indicate a type of the event are listed in the table below.
Suffix |
Notification reason |
|---|---|
archive |
Attached archive is not checked due to violation of archive check restrictions specified for the scanning Dr.Web Daemon |
cured |
Successful attempt to cure a threat detected in a mail attachment |
error |
Error occurred when checking the message |
license |
Failure to check the message due to violation of the license restrictions |
malware |
Detection of a malicious attachment |
rule |
Blocking a message by a Rule (either a MailD core message processing Rule or a rule used by or Dr.Web Modifier or Dr.Web HeadersFilter plug-ins) |
skip |
Skipping an attachment while scanning (e.g., password protected archive or encrypted file) |
virus |
Detection of a virus in an attachment |
|
Note that •Notifications of some types are sent only to certain recipients. For example, by default, notification on Skip event is sent only to the message sender(sender_skip.msg). If required, notifications on this event can be dispatched to others if the template is copied and renamed (rcpts_skip.msg and admin_skip.msg for recipients and administrator respectively). However, it is also recommended to modify these templates so that they contain information suitable for a certain recipient. Templates available by default are listed in the table below. •If several events occur during check of one message, Notifier sends a separate notification for each event to all recipients for whom that is allowed. •It is possible to disable notifications of certain types to certain recipients depending on condition validation results. To do that, use the notify setting in MailD core rules of message processing. |
•Periodic MailD notifications on total operation of the suite (reports for the administrator)
Notifications of this type are sent by Notifier to the administrator. The notifications contain general statistics on the suite operation. The template is contained in the report.msg file.
•Service notifications on a message delivery failure (DSN)
Notifications of this type have a certain format and are generated to notify the message sender on a delivery failure. DSN is always sent to the message sender and has an empty FROM: header. The used template is contained in the dsn.msg file.
In each case, the Dr.Web for UNIX mail servers component which requested notification sends information on the reason to the drweb-notifier plug-in. All templates except for DSN templates support the following two message types by default: HTML and plain text. Type of the notification message is selected according to the html parameter value specified in the message processing Rules.
Note that MailD notifications and periodic administrator reports are sent from the address specified in the FilterMail parameter; at that, notifications, as well as DSN, are checked on matching the Rules.
|
Note that MailD notifications are dispatched to the message recipients, message senders, and the administrator by Notifier as a message sent from the address specified in the FilterMail parameter value. Service notifications DSN always have an empty From: field. |
Name of a template file can be changed depending on certain criteria. For that purpose, the NotificationNamesMap parameter is used in message processing Rules. The parameter value defines how the name of a notification transmitted to Notifier is mapped to a new value from which a new template name is formed according to the above-mentioned pattern. It is reasonable to map a name to the one that Notifier can recognize, otherwise, the required file cannot be found. Such a situation is treated as an error and is processed according to the ProcessingError parameter value.
|
Note that the NotificationNamesMap parameter allows to configure selection of different user template files only for generating notifications of the second and third types; that is, only for periodic reports and DSN. |
Example
[Rule:buh] ... NotificationNamesMap = report r1, dsn d1 ... [Rules] to:regex:*@buh.domain.org cont rule=buh |
After this message processing Rule is applied, notifications of the second type (periodic reports) and DSN are generated from the report_r1.msg and dsn_d1.msg files respectively when mail messages are received from the buh.domain.org domain.
|
Please note that Dr.Web MailD is supplied with a standard dsn.msg template for DSN notifications and an additional dsn_for_exchange.msg template. The latter is a special DSN template used only if a target MTA is an MS Exchange mail server (required due to implementation features of MS Exchange that is not fully compliant with RFC 3464). This special DSN cannot be used with other MTAs. If it is required to use dsn_for_exchange.msg, change the standard dsn.msg template to it with the following command: cp dsn_for_exchange.msg dsn.msg That allows you to avoid reconfiguration of Notifier. If you may need to use the standard dsn.msg template in the future, save its copy before the change. Instead of using the command described above, you can create a Rule that changes the NotificationNamesMap parameter value. That allows avoiding the change of the template files. |
Templates Available by Default
By default, Dr.Web for UNIX mail servers is supplied with the following template files:
Template name |
Description |
|---|---|
Templates of reports sent to the administrator: |
|
ADMIN_ARCHIVE.msg |
Template for a report generated on detection of archives which cannot be scanned due to excess of limits set for archives in main configuration file drweb32.ini |
ADMIN_CURED.msg |
Template for a report generated on cure of an infected message |
ADMIN_ERROR.msg |
Template for a report generated if Dr.Web Daemon or plug-in errors occur |
ADMIN_LICENSE.msg |
Template for a report generated when an email message cannot be checked due to license restrictions |
ADMIN_MALWARE.msg |
Template for a report generated on detection of malware in an email message |
ADMIN_RULE.msg |
Template for a report generated on rejection of a message due to a some rule |
ADMIN_VIRUS.msg |
Template for a report generated on detection of a virus in a message |
Templates of notifications sent to the message recipients: |
|
RCPTS_MALWARE.msg |
Template for a report generated on detection of malware in a message |
RCPTS_VIRUS.msg |
Template for a report generated on detection of a virus in a message |
Templates of notifications sent to the message senders: |
|
SENDER_ARCHIVE.msg |
Template for a report generated on detection of archives which cannot be scanned due to excess of limits set for archives in main configuration file drweb32.ini |
SENDER_CURED.msg |
Template for a report generated on cure of an infected message |
SENDER_ERROR.msg |
Template for a report generated on Dr.Web Daemon or plug-in errors |
SENDER_MALWARE.msg |
Template for a report generated on detection of malware in a message |
SENDER_VIRUS.msg |
Template for a report generated on detection of a virus in a message |
SENDER_SKIP.msg |
Template for a report generated on message scan failure. It can happen when password protected or broken archive or a file in a non-standard format is attached to a message, or when message scan is aborted due to timeout |
Other templates: |
|
DSN.msg |
Template for delivery status notification (DSN) |
REPORT.msg |
Template for regular Dr.Web Daemon reports |