暂无描述
您最多选择25个主题 主题必须以字母或数字开头,可以包含连字符 (-),并且长度不得超过35个字符

etc_dspam_dspam.conf 27KB

123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475767778798081828384858687888990919293949596979899100101102103104105106107108109110111112113114115116117118119120121122123124125126127128129130131132133134135136137138139140141142143144145146147148149150151152153154155156157158159160161162163164165166167168169170171172173174175176177178179180181182183184185186187188189190191192193194195196197198199200201202203204205206207208209210211212213214215216217218219220221222223224225226227228229230231232233234235236237238239240241242243244245246247248249250251252253254255256257258259260261262263264265266267268269270271272273274275276277278279280281282283284285286287288289290291292293294295296297298299300301302303304305306307308309310311312313314315316317318319320321322323324325326327328329330331332333334335336337338339340341342343344345346347348349350351352353354355356357358359360361362363364365366367368369370371372373374375376377378379380381382383384385386387388389390391392393394395396397398399400401402403404405406407408409410411412413414415416417418419420421422423424425426427428429430431432433434435436437438439440441442443444445446447448449450451452453454455456457458459460461462463464465466467468469470471472473474475476477478479480481482483484485486487488489490491492493494495496497498499500501502503504505506507508509510511512513514515516517518519520521522523524525526527528529530531532533534535536537538539540541542543544545546547548549550551552553554555556557558559560561562563564565566567568569570571572573574575576577578579580581582583584585586587588589590591592593594595596597598599600601602603604605606607608609610611612613614615616617618619620621622623624625626627628629630631632633634635636637638639640641642643644645646647648649650651652653654655656657658659660661662663664665666667668669670671672673674675676677678679680681682683684685686687688689690691692693694695696697698699
  1. ## $Id: dspam.conf.in,v 1.100 2011/07/09 00:00:52 sbajic Exp $
  2. ## dspam.conf -- DSPAM configuration file
  3. ##
  4. #
  5. # DSPAM Home: Specifies the base directory to be used for DSPAM storage
  6. #
  7. Home /decrypted/dspam
  8. #
  9. # StorageDriver: Specifies the storage driver backend (library) to use.
  10. # You'll only need to set this if you are using dynamic storage driver plugins
  11. # from a binary distribution. The default build statically links the storage
  12. # driver (when only one is specified at configure time), overriding this
  13. # setting, which only comes into play if multiple storage drivers are specified
  14. # at configure time. When using dynamic linking, be sure to include the path
  15. # to the library if necessary, and some systems may use an extension other
  16. # than .so (e.g. OSX uses .dylib).
  17. #
  18. # Options include:
  19. #
  20. # libmysql_drv.so libpgsql_drv.so
  21. # libsqlite3_drv.so libhash_drv.so
  22. #
  23. # IMPORTANT: Switching storage drivers requires more than merely changing
  24. # this option. If you do not wish to lose all of your data, you will need to
  25. # migrate it to the new backend before making this change.
  26. #
  27. StorageDriver /usr/lib/x86_64-linux-gnu/dspam/libhash_drv.so
  28. #
  29. # Trusted Delivery Agent: Specifies the local delivery agent DSPAM should call
  30. # when delivering mail as a trusted user. Use %u to specify the user DSPAM is
  31. # processing mail for. It is generally a good idea to allow the MTA to specify
  32. # the pass-through arguments at run-time, but they may also be specified here.
  33. #
  34. # Most operating system defaults:
  35. #TrustedDeliveryAgent "/usr/bin/procmail" # Linux
  36. #TrustedDeliveryAgent "/usr/bin/mail" # Solaris
  37. #TrustedDeliveryAgent "/usr/libexec/mail.local" # FreeBSD
  38. #TrustedDeliveryAgent "/usr/bin/procmail" # Cygwin
  39. #
  40. # Other popular configurations:
  41. #TrustedDeliveryAgent "/usr/cyrus/bin/deliver" # Cyrus
  42. #TrustedDeliveryAgent "/bin/maildrop" # Maildrop
  43. #TrustedDeliveryAgent "/usr/local/sbin/exim -oMr spam-scanned -oi" # Exim
  44. #
  45. TrustedDeliveryAgent "/usr/sbin/sendmail"
  46. #
  47. # Untrusted Delivery Agent: Specifies the local delivery agent and arguments
  48. # DSPAM should use when delivering mail and running in untrusted user mode.
  49. # Because DSPAM will not allow pass-through arguments to be specified to
  50. # untrusted users, all arguments should be specified here. Use %u to specify
  51. # the user DSPAM is processing mail for. This configuration parameter is only
  52. # necessary if you plan on allowing untrusted processing.
  53. #
  54. UntrustedDeliveryAgent "/usr/lib/dovecot/deliver -d %u"
  55. #
  56. # SMTP or LMTP Delivery: Alternatively, you may wish to use SMTP or LMTP
  57. # delivery to deliver your message to the mail server instead of using a
  58. # delivery agent. You will need to configure with --enable-daemon to use host
  59. # delivery, however you do not need to operate in daemon mode. Specify an IP
  60. # address or UNIX path to a domain socket below as a host.
  61. #
  62. # If you would like to set up DeliveryHost's on a per-domain basis, use
  63. # the syntax: DeliveryHost.domain.com 1.2.3.4
  64. #
  65. #DeliveryHost 127.0.0.1
  66. #DeliveryPort 2424
  67. #DeliveryIdent localhost
  68. #DeliveryProto LMTP
  69. #
  70. # FallbackDomains: If you want to specify certain domains as fallback domains,
  71. # enable this option. For example, you could create a user @domain.com, and
  72. # if bob@domain.com does not resolve to a known user on the system, the user
  73. # could default to your @domain.com user. NOTE: This also requires designating
  74. # fallbackDomain for the domain name;
  75. # e.g. dspam_admin ch pref domain.com fallbackDomain on
  76. #
  77. #FallbackDomains on
  78. #
  79. # Quarantine Agent: DSPAM's default behavior is to quarantine all mail it
  80. # thinks is spam. If you wish to override this behavior, you may specify
  81. # a quarantine agent which will be called with all messages DSPAM thinks is
  82. # spam. Use %u to specify the user DSPAM is processing mail for.
  83. #
  84. #QuarantineAgent "/usr/bin/procmail -d spam"
  85. #
  86. # DSPAM can optionally process "plused users" (addresses in the user+detail
  87. # form) by truncating the username just before the "+", so all internal
  88. # processing occurs for "user", but delivery will be performed for
  89. # "user+detail". This is only useful if the LDA can handle "plused users"
  90. # (for example Cyrus IMAP) and when configured for LMTP delivery above
  91. #
  92. #EnablePlusedDetail on
  93. #
  94. # Character to use as seperator between user names and address extensions.
  95. # If you change this value then please adjust QuarantineMailbox to use the
  96. # new specified character. The default is '+'.
  97. #
  98. #PlusedCharacter +
  99. #
  100. # Turn this feature on if you want to force DSPAM to lowercase the "plused
  101. # users" username.
  102. #
  103. #PlusedUserLowercase on
  104. #
  105. # Quarantine Mailbox: DSPAM's LMTP code can send spam mail using LMTP to a
  106. # "plused" mailbox (such as user+quarantine) leaving quarantine processing
  107. # for retraining or deletion to be performed by the LDA and the mail client.
  108. # "plused" mailboxes are supported by Cyrus IMAP and possibly other LDAs. If
  109. # you don't set/change PlusedCharacter then the mailbox name must have the +
  110. # since the + is the default used character.
  111. #
  112. #QuarantineMailbox +quarantine
  113. #
  114. # OnFail: What to do if local delivery or quarantine should fail. If set
  115. # to "unlearn", DSPAM will unlearn the message prior to exiting with an
  116. # un successful return code. The default option, "error" will not unlearn
  117. # the message but return the appropriate error code. The unlearn option
  118. # is use-ful on some systems where local delivery failures will cause the
  119. # message to be requeued for delivery, and could result in the message
  120. # being processed multiple times. During a very large failure, however,
  121. # this could cause a significant load increase.
  122. #
  123. OnFail error
  124. #
  125. # Trusted Users: Only the users specified below will be allowed to perform
  126. # administrative functions in DSPAM such as setting the active user and
  127. # accessing tools. All other users attempting to run DSPAM will be restricted;
  128. # their uids will be forced to match the active username and they will not be
  129. # able to specify delivery agent privileges or use tools.
  130. #
  131. Trust root
  132. Trust dspam
  133. Trust www-data
  134. Trust mail
  135. Trust daemon
  136. Trust amavis
  137. Trust vmail
  138. #Trust nobody
  139. #Trust majordomo
  140. #
  141. # Debugging: Enables debugging for some or all users. IMPORTANT: DSPAM must
  142. # be compiled with debug support in order to use this option. DSPAM should
  143. # never be running in production with debug active unless you are
  144. # troubleshooting problems.
  145. #
  146. # DebugOpt: One or more of: process, classify, spam, fp, inoculation, corpus
  147. # process standard message processing
  148. # classify message classification using --classify
  149. # spam error correction of missed spam
  150. # fp error correction of false positives
  151. # inoculation message inoculations (source=inoculation)
  152. # corpus corpusfed messages (source=corpus)
  153. #
  154. #Debug *
  155. #Debug bob bill
  156. #
  157. #DebugOpt process spam fp
  158. #
  159. # ClassAlias: Alias a particular class to spam/nonspam. This is useful if
  160. # classifying things other than spam.
  161. #
  162. #ClassAliasSpam badstuff
  163. #ClassAliasNonspam goodstuff
  164. #
  165. # Training Mode: The default training mode to use for all operations, when
  166. # one has not been specified on the commandline or in the user's preferences.
  167. # Acceptable values are:
  168. # toe Train on Error (Only)
  169. # teft Train Everything (Trains on every message)
  170. # tum Train Until Mature (Train only tokens without enough data)
  171. # notrain Do not train or store signatures (large ISP systems, post-train)
  172. #
  173. TrainingMode teft
  174. #
  175. # TestConditionalTraining: By default, dspam will retrain certain errors
  176. # until the condition is no longer met. This usually accelerates learning.
  177. # Some people argue that this can increase the risk of errors, however.
  178. #
  179. TestConditionalTraining on
  180. #
  181. # Features: Specify features to activate by default; can also be specified
  182. # on the commandline. See the documentation for a list of available features.
  183. # If _any_ features are specified on the commandline, these are ignored.
  184. #
  185. #Feature noise
  186. Feature whitelist
  187. # Training Buffer: The training buffer waters down statistics during training.
  188. # It is designed to prevent false positives, but can also dramatically reduce
  189. # dspam's catch rate during initial training. This can be a number from 0
  190. # (no buffering) to 10 (maximum buffering). If you are paranoid about false
  191. # positives, you should probably enable this option.
  192. #
  193. #Feature tb=5
  194. #
  195. # Algorithms: Specify the statistical algorithms to use, overriding any
  196. # defaults configured in the build. The options are:
  197. # naive Naive-Bayesian (All Tokens)
  198. # graham Graham-Bayesian ("A Plan for Spam")
  199. # burton Burton-Bayesian (SpamProbe)
  200. # robinson Robinson's Geometric Mean Test (Obsolete)
  201. # chi-square Fisher-Robinson's Chi-Square Algorithm
  202. #
  203. # You may have multiple algorithms active simultaneously, but it is strongly
  204. # recommended that you group Bayesian algorithms with other Bayesian
  205. # algorithms, and any use of Chi-Square remain exclusive.
  206. #
  207. # NOTE: For standard "CRM114" Markovian weighting, use 'naive', or consider
  208. # using 'burton' for slightly better accuracy
  209. #
  210. # Don't mess with this unless you know what you're doing
  211. #
  212. #Algorithm chi-square
  213. #Algorithm naive
  214. Algorithm graham burton
  215. #
  216. # Tokenizer: Specify the tokenizer to use. The tokenizer is the piece
  217. # responsible for parsing the message into individual tokens. Depending on
  218. # how many resources you are willing to trade off vs. accuracy, you may
  219. # choose to use a less or more detailed tokenizer:
  220. # word uniGram (single word) tokenizer
  221. # Tokenizes message into single individual words/tokens
  222. # example: "free" and "viagra"
  223. # chain biGram (chained tokens) tokenizer (default)
  224. # Single words + chains adjacent tokens together
  225. # example: "free" and "viagra" and "free viagra"
  226. # sbph Sparse Binary Polynomial Hashing tokenizer
  227. # Creates sparse token patterns across sliding window of 5-tokens
  228. # example: "the quick * fox jumped" and "the * * fox jumped"
  229. # osb Orthogonal Sparse biGram tokenizer
  230. # Similar to SBPH, but only uses the biGrams
  231. # example: "the * * fox" and "the * * * jumped"
  232. #
  233. # In general the reccomendation is to use 'osb' for new installations.
  234. # The default value of 'chain' remains here as not to surprise anyone upgrading
  235. # that has not changed from the default value.
  236. #
  237. Tokenizer chain
  238. #
  239. # PValue: Specify the technique used for calculating Probability Values,
  240. # overriding any defaults configured in the build. These options are:
  241. # bcr Bayesian Chain Rule (Graham's Technique - "A Plan for Spam")
  242. # robinson Robinson's Technique (used in Chi-Square)
  243. # markov Markovian Weighted Technique (for Markovian discrimination)
  244. #
  245. # Unlike the "Algorithms" property, you may only have one of these defined.
  246. # Use of the chi-square algorithm automatically changes this to robinson.
  247. #
  248. # Don't mess with this unless you know what you're doing.
  249. #
  250. #PValue robinson
  251. #PValue markov
  252. PValue bcr
  253. #
  254. # WebStats: Enable this if you are using the CGI, which writes .stats files
  255. WebStats on
  256. #
  257. # ImprobabilityDrive: Calculate odds-ratios for ham/spam, and add to
  258. # X-DSPAM-Improbability headers
  259. #
  260. #ImprobabilityDrive on
  261. #
  262. # Preferences: Specify any preferences to set by default, unless otherwise
  263. # overridden by the user (see next section) or a default.prefs file.
  264. # If user or default.prefs are found, the user's preferences will override any
  265. # defaults.
  266. #
  267. Preference "trainingMode=TEFT" # { TOE | TUM | TEFT | NOTRAIN } -> default:teft
  268. Preference "spamAction=tag" # { quarantine | tag | deliver } -> default:quarantine
  269. Preference "spamSubject=[SPAM]" # { string } -> default:[SPAM]
  270. Preference "statisticalSedation=5" # { 0 - 10 } -> default:0
  271. Preference "enableBNR=on" # { on | off } -> default:off
  272. Preference "enableWhitelist=on" # { on | off } -> default:on
  273. Preference "signatureLocation=headers" # { message | headers } -> default:message
  274. Preference "tagSpam=off" # { on | off }
  275. Preference "tagNonspam=off" # { on | off }
  276. Preference "showFactors=off" # { on | off } -> default:off
  277. Preference "optIn=off" # { on | off }
  278. Preference "optOut=off" # { on | off }
  279. Preference "whitelistThreshold=10" # { Integer } -> default:10
  280. Preference "makeCorpus=off" # { on | off } -> default:off
  281. Preference "storeFragments=off" # { on | off } -> default:off
  282. Preference "localStore=" # { on | off } -> default:username
  283. Preference "processorBias=on" # { on | off } -> default:on
  284. Preference "fallbackDomain=off" # { on | off } -> default:off
  285. Preference "trainPristine=off" # { on | off } -> default:off
  286. Preference "optOutClamAV=off" # { on | off } -> default:off
  287. Preference "ignoreRBLLookups=off" # { on | off } -> default:off
  288. Preference "RBLInoculate=off" # { on | off } -> default:off
  289. Preference "notifications=off" # { on | off } -> default:off
  290. #
  291. # Overrides: Specifies the user preferences which may override configuration
  292. # and commandline defaults. Any other preferences supplied by an untrusted user
  293. # will be ignored.
  294. #
  295. AllowOverride enableBNR
  296. AllowOverride enableWhitelist
  297. AllowOverride fallbackDomain
  298. AllowOverride ignoreGroups
  299. AllowOverride ignoreRBLLookups
  300. AllowOverride localStore
  301. AllowOverride makeCorpus
  302. AllowOverride optIn
  303. AllowOverride optOut
  304. AllowOverride optOutClamAV
  305. AllowOverride processorBias
  306. AllowOverride RBLInoculate
  307. AllowOverride showFactors
  308. AllowOverride signatureLocation
  309. AllowOverride spamAction
  310. AllowOverride spamSubject
  311. AllowOverride statisticalSedation
  312. AllowOverride storeFragments
  313. AllowOverride tagNonspam
  314. AllowOverride tagSpam
  315. AllowOverride trainPristine
  316. AllowOverride trainingMode
  317. AllowOverride whitelistThreshold
  318. AllowOverride dailyQuarantineSummary
  319. AllowOverride notifications
  320. # --- Profiles ---
  321. #
  322. # You can specify multiple storage profiles, and specify the server to
  323. # use on the commandline with --profile. For example:
  324. #
  325. #Profile DECAlpha
  326. #MySQLServer.DECAlpha 10.0.0.1
  327. #MySQLPort.DECAlpha 3306
  328. #MySQLUser.DECAlpha dspam
  329. #MySQLPass.DECAlpha changeme
  330. #MySQLDb.DECAlpha dspam
  331. #MySQLCompress.DECAlpha true
  332. #MySQLReconnect.DECAlpha true
  333. #
  334. #Profile Sun420R
  335. #MySQLServer.Sun420R 10.0.0.2
  336. #MySQLPort.Sun420R 3306
  337. #MySQLUser.Sun420R dspam
  338. #MySQLPass.Sun420R changeme
  339. #MySQLDb.Sun420R dspam
  340. #MySQLCompress.Sun420R false
  341. #MySQLReconnect.Sun420R true
  342. #
  343. #DefaultProfile DECAlpha
  344. #
  345. # If you're using storage profiles, you can set failovers for each profile.
  346. # Of course, if you'll be failing over to another database, that database
  347. # must have the same information as the first. If you're using a global
  348. # database with no training, this should be relatively simple. If you're
  349. # configuring per-user data, however, you'll need to set up some type of
  350. # replication between databases.
  351. #
  352. #Failover.DECAlpha SUN420R
  353. #Failover.Sun420R DECAlpha
  354. # If the storage fails, the agent will follow each profile's failover up to
  355. # a maximum number of failover attempts. This should be set to a maximum of
  356. # the number of profiles you have, otherwise the agent could loop and try
  357. # the same profile multiple times (unless this is your desired behavior).
  358. #
  359. #FailoverAttempts 1
  360. #
  361. # Ignored headers: If DSPAM is behind other tools which may add a header to
  362. # incoming emails, it may be beneficial to ignore these headers - especially
  363. # if they are coming from another spam filter. If you are _not_ using one of
  364. # these tools, however, leaving the appropriate headers commented out will
  365. # allow DSPAM to use them as telltale signs of forged email.
  366. #
  367. #IgnoreHeader X-Spam-Status
  368. #IgnoreHeader X-Spam-Scanned
  369. #IgnoreHeader X-Virus-Scanner-Result
  370. #
  371. # Lookup: Perform lookups on streamlined blackhole list servers (see
  372. # http://www.nuclearelephant.com/projects/sbl/). The streamlined blacklist
  373. # server is machine-automated, unsupervised blacklisting system designed to
  374. # provide real-time and highly accurate blacklisting based on network spread.
  375. # When performing a lookup, DSPAM will automatically learn the inbound message
  376. # as spam if the source IP is listed. Until an official public RABL server is
  377. # available, this feature is only useful if you are running your own
  378. # streamlined blackhole list server for internal reporting among multiple mail
  379. # servers. Provide the name of the lookup zone below to use.
  380. #
  381. # This function performs standard reverse-octet.domain lookups, and while it
  382. # will function with many RBLs, it's strongly discouraged to use those
  383. # maintained by humans as they're often inaccurate and could hurt filter
  384. # learning and accuracy.
  385. #
  386. #Lookup "sbl.yourdomain.com"
  387. #
  388. # RBLInoculate: If you want to inoculate the user from RBL'd messages it would
  389. # have otherwise missed, set this to on.
  390. #
  391. #RBLInoculate off
  392. #
  393. # Notifications: Enable the sending of notification emails to users (first
  394. # message, quarantine full, etc.)
  395. #
  396. Notifications off
  397. #
  398. # QuarantineWarnSize: You may specify a size when DSPAM should send a "Quarantine
  399. # Full" message to each user. This is only working if you enable notifications
  400. # (see above). Value is in bytes. Default is 2097152 -> 2MB.
  401. #
  402. #QuarantineWarnSize 2097152
  403. #
  404. # Purge configuration: Set dspam_clean purge default options, if not otherwise
  405. # specified on the commandline
  406. #
  407. PurgeSignatures 14 # Stale signatures
  408. PurgeNeutral 90 # Tokens with neutralish probabilities
  409. PurgeUnused 90 # Unused tokens
  410. PurgeHapaxes 30 # Tokens with less than 5 hits (hapaxes)
  411. PurgeHits1S 15 # Tokens with only 1 spam hit
  412. PurgeHits1I 15 # Tokens with only 1 innocent hit
  413. #
  414. # Purge configuration for SQL-based installations using purge.sql
  415. #
  416. #PurgeSignature off # Specified in purge.sql
  417. #PurgeNeutral 90
  418. #PurgeUnused off # Specified in purge.sql
  419. #PurgeHapaxes off # Specified in purge.sql
  420. #PurgeHits1S off # Specified in purge.sql
  421. #PurgeHits1I off # Specified in purge.sql
  422. #
  423. # Local Mail Exchangers: Used for source address tracking, tells DSPAM which
  424. # mail exchangers are local and therefore should be ignored in the Received:
  425. # header when tracking the source of an email. Note: you should use the address
  426. # of the host as appears between brackets [ ] in the Received header.
  427. # By default DSPAM is considering the following IPs always as LocalMX:
  428. # 10.0.0.0/8 - Private IP addresses (RFC 1918)
  429. # 127.0.0.0/8 - Localhost Loopback Address (RFC 1700)
  430. # 169.254.0.0/16 - Zeroconf / APIPA (RFC 3330)
  431. # 172.16.0.0/12 - Private IP addresses (RFC 1918)
  432. # 192.168.0.0/16 - Private IP addresses (RFC 1918)
  433. #
  434. LocalMX 127.0.0.1
  435. #
  436. # Logging: Disabling logging for users will make usage graphs unavailable to
  437. # them. Disabling system logging will make admin graphs unavailable.
  438. #
  439. SystemLog on
  440. UserLog on
  441. #
  442. # TrainPristine: for systems where the original message remains server side
  443. # and can therefore be presented in pristine format for retraining. This option
  444. # will cause DSPAM to cease all writing of signatures and DSPAM headers to the
  445. # message, and deliver the message in as pristine format as possible. This mode
  446. # REQUIRES that the original message in its pristine format (as of delivery)
  447. # be presented for retraining, as in the case of webmail, imap, or other
  448. # applications where the message is actually kept server-side during reading,
  449. # and is preserved. DO NOT use this switch unless the original message can be
  450. # presented for retraining with the ORIGINAL HEADERS and NO MODIFICATIONS.
  451. #
  452. # NOTE: You can't use this setting with dspam_trian; if you're going to use it,
  453. # wait until after you train any corpora.
  454. #
  455. #TrainPristine on
  456. #
  457. # Opt: in or out; determines DSPAM's default filtering behavior. If this value
  458. # is set to in, users must opt-in to filtering by dropping a .dspam file in
  459. # /var/dspam/opt-in/user.dspam (or if you have homedirs configured, a .dspam
  460. # folder in their home directory). The default is opt-out, which means all
  461. # users will be filtered unless a .nodspam file is dropped in
  462. # /var/dspam/opt-out/user.nodspam
  463. #
  464. Opt out
  465. #
  466. # TrackSources: specify which (if any) source addresses to track and report
  467. # them to syslog (mail.info). This is useful if you're running a firewall or
  468. # blacklist and would like to use this information. Spam reporting also drops
  469. # RABL blacklist files (see http://www.nuclearelephant.com/projects/rabl/).
  470. #
  471. #TrackSources spam nonspam virus
  472. #
  473. # ParseToHeaders: In lieu of setting up individual aliases for each user,
  474. # DSPAM can be configured to automatically parse the To: address for spam and
  475. # false positive forwards. From there, it can be configured to either set the
  476. # DSPAM user based on the username specified in the header and/or change the
  477. # training class and source accordingly. The options below can be used to
  478. # customize most common types of header parsing behavior to avoid the need for
  479. # multiple aliases, or if using LMTP, aliases entirely..
  480. #
  481. # ParseToHeader: Parse the To: headers of an incoming message. This must be
  482. # set to 'on' to use either of the following features.
  483. #
  484. # ChangeModeOnParse: Automatically change the class (to spam or innocent)
  485. # depending on whether spam- or notspam- was specified, and change the source
  486. # to 'error'. This is convenient if you're not using aliases at all, but
  487. # are delivering via LMTP.
  488. #
  489. # ChangeUserOnParse: Automatically change the username to match that specified
  490. # in the To: header. For example, spam-bob@domain.tld will set the username
  491. # to bob, ignoring any --user passed in. This may not always be desirable if
  492. # you are using virtual email addresses as usernames. Options:
  493. # on or user take the portion before the @ sign only
  494. # full take everything after the initial {spam,notspam}-.
  495. #
  496. #ParseToHeaders on
  497. #ChangeModeOnParse on
  498. #ChangeUserOnParse on
  499. #
  500. # Broken MTA Options: Some MTAs don't support the proper functionality
  501. # necessary. In these cases you can activate certain features in DSPAM to
  502. # compensate. 'returnCodes' causes DSPAM to return an exit code of 99 if
  503. # the message is spam, 0 if not, or a negative code if an error has occured.
  504. # Specifying 'case' causes DSPAM to force the input usernames to lowercase.
  505. # Specifying 'lineStripping' causes DSPAM to strip ^M's from messages passed
  506. # in.
  507. #
  508. #Broken returnCodes
  509. #Broken case
  510. #Broken lineStripping
  511. #
  512. # MaxMessageSize: You may specify a maximum message size for DSPAM to process.
  513. # If the message is larger than the maximum size, it will be delivered
  514. # without processing. Value is in bytes.
  515. #
  516. #MaxMessageSize 4194304
  517. # --- ClamAV ---
  518. #
  519. # Virus Checking: If you are running clamd, DSPAM can perform stream-based
  520. # virus checking using TCP. Uncomment the values below to enable virus
  521. # checking.
  522. #
  523. # ClamAVResponse: reject (reject or drop the message with a permanent failure)
  524. # accept (accept the message and quietly drop the message)
  525. # spam (treat as spam and quarantine/tag/whatever)
  526. #
  527. #ClamAVPort 3310
  528. #ClamAVHost 127.0.0.1
  529. #ClamAVResponse accept
  530. # --- CLIENT / SERVER ---
  531. #
  532. # Daemonized Server: If you are running DSPAM as a daemonized server using
  533. # --daemon, the following parameters will override the default. Use the
  534. # ServerPass option to set up accounts for each client machine. The DSPAM
  535. # server will process and deliver the message based on the parameters
  536. # specified. If you want the client machine to perform delivery, use
  537. # the --stdout option in conjunction with a local setup.
  538. #
  539. # ServerHost: Not enabling ServerHost will bind DSPAM server to all available
  540. # interfaces.
  541. #
  542. # ServerPort: Default upstream configuration is to run dspam daemon on port
  543. # 24. On Debian, dspam being run as a unprivileged user, default port is
  544. # set to 2424.
  545. #
  546. #ServerHost 127.0.0.1
  547. #ServerPort 2424
  548. #ServerQueueSize 32
  549. #ServerPID /var/run/dspam/dspam.pid
  550. #
  551. # ServerMode specifies the type of LMTP server to start. This can be one of:
  552. # dspam: DSPAM-proprietary DLMTP server, for communicating with dspamc
  553. # standard: Standard LMTP server, for communicating with Postfix or other MTA
  554. # auto: Speak both DLMTP and LMTP; auto-detect by ServerPass.IDENT
  555. #
  556. #ServerMode dspam
  557. # If supporting DLMTP (dspam) mode, dspam clients will require authentication
  558. # as they will be passing in parameters. The idents below will be used to
  559. # determine which clients will be speaking DLMTP, so if you will be using
  560. # both LMTP and DLMTP from the same host, be sure to use something other
  561. # than the server's hostname below (which will be sent by the MTA during a
  562. # standard LMTP LHLO).
  563. #
  564. #ServerPass.Relay1 "secret"
  565. #ServerPass.Relay2 "password"
  566. # If supporting standard LMTP mode, server parameters will need to be specified
  567. # here, as they will not be passed in by the mail server. The ServerIdent
  568. # specifies the 250 response code ident sent back to connecting clients and
  569. # should be set to the hostname of your server, or an alias.
  570. #
  571. # NOTE: If you specify --user in ServerParameters, the RCPT TO will be
  572. # used only for delivery, and not set as the active user for processing.
  573. #
  574. #ServerParameters "--deliver=innocent -d %u"
  575. #ServerIdent "localhost.localdomain"
  576. # If you wish to use a local domain socket instead of a TCP socket, uncomment
  577. # the following. It is strongly recommended you use local domain sockets if
  578. # you are running the client and server on the same machine, as it eliminates
  579. # much of the bandwidth overhead.
  580. #
  581. ServerDomainSocketPath "/var/run/dspam/dspam.sock"
  582. #
  583. # Client Mode: If you are running DSPAM in client/server mode, uncomment and
  584. # set these variables. A ClientHost beginning with a / will be treated as
  585. # a domain socket.
  586. #
  587. #ClientHost /var/run/dspam/dspam.sock
  588. #ClientIdent "secret@Relay1"
  589. #
  590. #ClientHost 127.0.0.1
  591. #ClientPort 2424
  592. #ClientIdent "secret@Relay1"
  593. # --- RABL ---
  594. # RABLQueue: Touch files in the RABL queue
  595. # If you are a reporting streamlined blackhole list participant, you can
  596. # touch ip addresses within the directory the rabl_client process is watching.
  597. #
  598. #RABLQueue /var/spool/rabl
  599. # --- ---
  600. # DataSource: If you are using any type of data source that does not include
  601. # email-like headers (such as documents), uncomment the line below. This
  602. # will cause the entire input to be treated like a message "body"
  603. #
  604. #DataSource document
  605. # ProcessorWordFrequency: By default, words are only counted once per message.
  606. # If you are classifying large documents, however, you may wish to count once
  607. # per occurrence instead.
  608. #
  609. #ProcessorWordFrequency occurrence
  610. # ProcessorURLContext: By default, a URL context is generated for URLs, which
  611. # records their tokens as separate from words found in documents. To use
  612. # URL tokens in the same context as words, turn this feature off.
  613. #
  614. ProcessorURLContext on
  615. # ProcessorBias: Bias causes the filter to lean more toward 'innocent', and
  616. # usually greatly reduces false positives. It is the default behavior of
  617. # most Bayesian filters (including dspam).
  618. #
  619. # NOTE: You probably DONT want this if you're using Markovian Weighting, unless
  620. # you are paranoid about false positives.
  621. #
  622. ProcessorBias on
  623. # StripRcptDomain: Cut the domain (including the at sign) from recipients.
  624. # This is particularly useful if the recipient name is equal to real user
  625. # accounts as recipients with domains tend to cause permission issues with
  626. # dspam-web.
  627. #
  628. StripRcptDomain off
  629. # --- Split Configuration File Support ---
  630. # Include a directory with configuration items.
  631. Include /etc/dspam/dspam.d/
  632. # --- ---
  633. ## EOF