The [Maild] section contains the general settings required for proper operation of Dr.Web MailD:
ProtectedNetworks = {Lookup}
|
List of networks protected by Dr.Web MailD. Values are specified in the CIDR format.
This parameter defines the trusted networks for the corresponding Vaderetro plug-in parameters and is used when trust_protected_networks is specified in the SessionRestrictions parameter of the [Receiver] section.
Please note that the parameter value is a Lookup.
Using a Lookup here is subject to a series of restrictions, described below.
Example:
ProtectedNetworks = 10.0.0.0/24, 127.0.0.0/8, "mysql:select net from networks where net='$s'"
|
Default value:
ProtectedNetworks = 127.0.0.0/8
|
ProtectedDomains = {Lookup}
|
List of domains protected by Dr.Web MailD.
This parameter is used to specify trusted domains if trust_protected_domains is specified in the SessionRestrictions parameter in the [Receiver] section.
Please note that the parameter value is a Lookup.
Example:
ProtectedDomains = example.ru, example.com
|
Default value:
ProtectedDomains =
|
IncludeSubdomains = {logical}
|
Include subdomains in the list of protected domains.
|
Default value:
IncludeSubdomains = yes
|
RedirectMail = {email address}
|
Email address to which messages are sent when the Redirect action is used (if the address is not specified as a parameter of the Redirect action).
|
Default value:
RedirectMail = root@localhost
|
OnlyTrustedControlMails = {logical}
|
Send control messages only from the protected network.
If Receiver did not provide information about the client's IP address, set GetIpFromReceivedHeader = Yes, which enables the MTA to add the correct Received header to all messages before transmitting them to Dr.Web for UNIX mail servers.
For control messages to work correctly, all outgoing email traffic of clients must be scanned by Dr.Web for UNIX mail servers.
|
Default value:
OnlyTrustedControlMails = Yes
|
MaxScore = {numerical value}
|
Maximum message score.
If the message score exceeds this parameter value, the actions specified in the MaxScoreAction parameter are applied to the message and the message check stops.
This parameter is checked before a message is transmitted to plug-ins and after the message is checked by each plug-in.
|
Default value:
MaxScore = 10000
|
MaxScoreAction = {actions}
|
Actions applied to the message when its score exceeds the threshold value specified in the MaxScore parameter.
More than one action can be specified in this parameter (first action is mandatory, others are optional).
Mandatory action can be one of the following:
pass, discard, reject, tempfail.
Additional actions can be the following:
quarantine, redirect, add-header, score.
If the reject action is specified and the UseCustomReply parameter is set to yes, the SMTP response is taken from the ReplyMaxScore parameter (see below). After all actions are applied, the message check is considered finished.
|
Default value:
MaxScoreAction = reject
|
MaxMimeParts = {numerical value}
|
Maximum number of MIME parts in a message.
If the value is set to 0, the check is not performed. If the number of MIME parts in a message exceeds the specified threshold value, its processing is aborted and the actions specified in the ProcessingErrors parameter are applied to the message (see below).
|
Default value:
MaxMimeParts = 1000
|
MaxNestedMimeParts = {numerical value}
|
Maximum number of nested MIME parts in the message.
If the value is set to 0, the check is not performed. If the number of nested MIME parts in a message exceeds the specified threshold value, its processing is aborted and the actions specified in the ProcessingErrors parameter are applied to it (see below).
|
Default value:
MaxNestedMimeParts = 100
|
LicenseLimit = {actions}
|
Actions applied to messages that were not scanned because of license limitations.
More than one action can be specified in this parameter (first action is mandatory, others are optional).
Mandatory action can be one of the following:
pass, discard, reject, tempfail.
Additional actions can be the following:
quarantine, redirect, notify, add-header, score.
|
Default value:
LicenseLimit = pass
|
EmptyFrom = {actions}
|
Actions applied to messages that have an empty From header.
An empty From header is typical of DSNs (they must have an empty From header to meet the protocol requirements); spammers also often leave this header empty.
More than one action can be specified in this parameter (first action is mandatory, others are optional).
Mandatory action can be one of the following:
continue, discard and reject.
Additional actions can be the following:
quarantine, redirect, add-header, score.
|
Default value:
EmptyFrom = continue
|
ProcessingErrors = {actions}
|
Actions applied to messages that caused errors during scanning.
More than one action can be specified in this parameter (first action is mandatory, others are optional).
Mandatory action can be one of the following:
pass, discard, reject, tempfail.
Additional actions can be the following:
quarantine, redirect, notify, add-header, score.
Please pay attention to the features of error processing presented below.
|
Default value:
ProcessingErrors = pass
|
RulesLogLevel = {log level}
|
Log verbosity level for the Rule processor.
The following levels are allowed:
•Quiet
•Error
•Alert
•Info
•Debug
|
Default value:
RulesLogLevel = Alert
|
PidFile = {path to file}
|
Path to the PID file of drweb-maild process.
|
Default value:
PidFile = %var_dir/run/drweb-maild.pid
|
When a message is blocked by any Dr.Web for UNIX mail servers component (i.e. the reject action is performed), the 550 5.7.0 error code and a text message are used for the SMTP reply. The text of the message can be specified in the parameters described below.
UseCustomReply = {logical}
|
Enables the use of custom messages in SMTP sessions.
These messages are sent as the SMTP reply when an incoming message is rejected.
|
Default value:
UseCustomReply = No
|
ReplyEmptyFrom = {string}
|
Reply that is sent when the EmptyFrom action is applied and if:
•EmptyFrom = reject;
•UseCustomReply = Yes.
You can specify only the text part of the reply: "550 5.7.0 <Text>".
The text must be enclosed in quotation marks if it contains whitespace.
|
Default value:
ReplyEmptyFrom = "DrWEB maild: Messages from <> are blocked by administrator."
|
ReplyProcessingError = {string}
|
Reply that is sent when the ProcessingErrors action is applied and if:
•ProcessingErrors = reject;
•UseCustomReply = Yes.
You can specify only the text part of the reply: "550 5.7.0 <Text>".
The text must be enclosed in quotation marks if it contains whitespace.
|
Default value:
ReplyProcessingError = "DrWEB maild: Message is rejected due to software error."
|
ReplyMaxScore = {string}
|
Reply that is sent when the MaxScoreAction action is applied and if:
•MaxScoreAction = reject;
•UseCustomReply = yes.
You can specify only the text part of the reply: "550 5.7.0 <Text>".
The text must be enclosed in quotation marks if it contains whitespace.
|
Default value:
ReplyMaxScore = "Dr.Web MailD: Message is rejected due to score limit exceed."
|
GetIpFromReceivedHeader = {logical}
|
Instructs the MailD core to use the Received header value as the client's IP address if this address is not identified by Receiver.
Note that in some cases Receiver cannot determine the client's IP address from the analysis of the Received header.
|
Default value:
GetIpFromReceivedHeader = Yes
|
Control = {logical}
|
Enables drweb-maild (component MailD core) interactive management.
|
Default value:
Control = No
|
ControlAddress = {socket address}
|
Socket address used by the interactive management subsystem of the drweb-maild module.
|
Default value:
ControlAddress = inet:3009@127.0.0.1
|
SkipDSNOnBlock = {logical}
|
Skip DSN dispatch when the program fails to pass the return code to Receiver after applying the Reject or Tempfail actions.
|
Default value:
SkipDSNOnBlock = No
|
Features of Lookup usage in the ProtectedNetworks parameter
Lookups that retrieve a network IP address from a data source by domain name or user name (that is, Lookups that use the $d and $u macros) cannot be set as a value of this parameter. At the step when the parameter is accessed to check the SessionRestrictions = trust_protected_network restriction, only the IP address from which the connection was established is available, and that address cannot be resolved to an FQDN.
For example, if you use such a Lookup in the following SQL query
select net from networks where domain='$d'
the net address will not be selected from the database and, therefore, will not be marked as trusted.
However, you may use Lookups that retrieve network IP addresses by the full address (that is, Lookups that use the $s macro). In that case, the Lookup refers to the client's IP address, so it can be used only in queries to data sources that either contain lists of IP addresses or can resolve an IP address to an FQDN. The following example shows a correct query:
select net from networks where net='$s'
If the net field contains a client's IP address that was inserted into the query via the $s macro, the IP address is marked as trusted.
Note that the SkipDomains setting does not work in a Lookup, because at this step the domain name is not yet identified.
For details on restrictions concerning the usage of domain and user name, see Lookup description.
Features of error processing
If, during message processing, an error occurs or an event matches one of the constraints (MaxScore, MaxMimeParts, LicenseLimit), the action specified in the corresponding parameter is applied:
•EmptyFrom
•MaxScoreAction
•LicenseLimit
•ProcessingErrors
Please be careful when specifying actions for these parameters. Remember that:
1. If one of the discard, reject or tempfail actions is specified, mail processing stops and the message is deleted without being delivered to its recipient. When the discard action is selected, the sender does not receive notifications if the message was rejected. Unlike discard, the reject and tempfail actions notify the sender that the message was rejected. Depending on the operation mode, the sender can be notified with an SMTP response sent by Receiver (in the synchronous mode) or with a DSN sent by Sender (in the asynchronous mode).
2. If the pass action is specified, mail processing also stops, but the message is transmitted for delivery without completion of the processing (that is, if some plug-ins did not check the message, they will not be called). So, if the event occurred before the message was saved to the storage (while the message was processed by plug-ins assigned to the BeforeQueue queue), the message will be delivered in the synchronous mode; otherwise (when the message was processed by plug-ins assigned to the AfterQueue queue), it will be delivered in the asynchronous mode.
3. For the EmptyFrom parameter, the pass action cannot be specified. Instead of this action, you can specify continue, which starts message processing (because this event can occur only before the message is processed).
|
Please note that if the mandatory action of the ProcessingErrors parameter is discard, reject or tempfail, you should not set the IpcTimeout parameter (the [General] section) to a small value, because checking message content can take considerable time. A timeout that occurs before the check completes is regarded as an error. Thus, in accordance with the action specified in ProcessingErrors, the message is deleted during its processing, which can lead to loss of the message: the message will not be delivered to the recipient and the sender will not be informed of that.
|
|
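The Lookup restriction for ProtectedNetworks and the action semantics described under "Features of error processing" can be checked mechanically before a configuration is deployed. The following Python sketch is an added example, not part of the Dr.Web documentation or product: the function names parse_conf and audit are hypothetical, the sample configuration is constructed, and it assumes that actions are separated by commas or spaces and that Lookups are written in quotation marks.

```python
import re

# Defaults documented on this page for the [Maild] section.
DEFAULTS = {"MaxScoreAction": "reject", "LicenseLimit": "pass", "ProcessingErrors": "pass"}
DELETING = {"discard", "reject", "tempfail"}

def parse_conf(text):
    """Collect 'Name = value' pairs under their [Section] headers."""
    conf, section = {}, None
    for line in map(str.strip, text.splitlines()):
        header = re.fullmatch(r"\[(\w+)\]", line)
        if header:
            section = conf.setdefault(header.group(1), {})
        elif section is not None and "=" in line:
            name, value = line.split("=", 1)
            section[name.strip()] = value.strip()
    return conf

def audit(text):
    """Return (parameter, finding) pairs for the risks the page describes."""
    conf, findings = parse_conf(text), []
    maild = conf.get("Maild", {})
    # Quoted ProtectedNetworks items are Lookups; $d/$u cannot be resolved there.
    for lookup in re.findall(r'"([^"]*)"', maild.get("ProtectedNetworks", "")):
        if re.search(r"\$[du]\b", lookup):
            findings.append(("ProtectedNetworks", "Lookup uses $d/$u; only $s is known"))
    for name, default in DEFAULTS.items():
        # Assumption: actions are separated by commas and/or spaces.
        mandatory = re.split(r"[,\s]+", maild.get(name, default))[0].lower()
        if mandatory == "pass":
            findings.append((name, "pass delivers mail that remaining plug-ins never checked"))
        elif name == "ProcessingErrors" and mandatory in DELETING:
            timeout = conf.get("General", {}).get("IpcTimeout", "unset")
            findings.append((name, f"{mandatory} deletes mail on scan timeout; "
                                   f"review IpcTimeout ({timeout})"))
    return findings

# Constructed sample configuration, not taken from a real server.
SAMPLE = """
[General]
IpcTimeout = 5
[Maild]
ProtectedNetworks = 127.0.0.0/8, "mysql:select net from networks where domain='$d'"
LicenseLimit = pass, add-header
ProcessingErrors = tempfail, quarantine
"""

if __name__ == "__main__":
    print(*audit(SAMPLE), sep="\n")
```

A parameter that is absent from the file is audited with its documented default, so a configuration that leaves LicenseLimit and ProcessingErrors unset is still reported as delivering unscanned mail.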