Merge lp:~logan/ubuntu/raring/spamassassin/3.3.2-6ubuntu1 into lp:ubuntu/raring/spamassassin
- Raring (13.04)
- 3.3.2-6ubuntu1
- Merge into raring
Proposed by
Logan Rosen
Status: | Merged |
---|---|
Merge reported by: | Sebastien Bacher |
Merged at revision: | not available |
Proposed branch: | lp:~logan/ubuntu/raring/spamassassin/3.3.2-6ubuntu1 |
Merge into: | lp:ubuntu/raring/spamassassin |
Diff against target: |
38156 lines (+303/-37048) 75 files modified
.pc/10_change_config_paths/INSTALL (+0/-474) .pc/10_change_config_paths/README (+0/-354) .pc/10_change_config_paths/UPGRADE (+0/-309) .pc/10_change_config_paths/USAGE (+0/-248) .pc/10_change_config_paths/ldap/README (+0/-116) .pc/10_change_config_paths/lib/Mail/SpamAssassin/Conf.pm (+0/-4035) .pc/10_change_config_paths/lib/Mail/SpamAssassin/Plugin/Test.pm (+0/-72) .pc/10_change_config_paths/lib/spamassassin-run.pod (+0/-324) .pc/10_change_config_paths/rules/user_prefs.template (+0/-42) .pc/10_change_config_paths/sa-compile.raw (+0/-811) .pc/10_change_config_paths/sa-learn.raw (+0/-1345) .pc/10_change_config_paths/spamc/spamc.pod (+0/-339) .pc/10_change_config_paths/spamd/README (+0/-211) .pc/10_change_config_paths/spamd/README.vpopmail (+0/-113) .pc/10_change_config_paths/spamd/spamd.raw (+0/-3413) .pc/10_change_config_paths/sql/README (+0/-227) .pc/10_change_config_paths/sql/README.awl (+0/-176) .pc/10_change_config_paths/t/data/testplugin.pm (+0/-94) .pc/20_edit_spamc_pod/spamc/spamc.pod (+0/-339) .pc/30_edit_README/README (+0/-354) .pc/50_sa-learn_fix_empty_list_handling/sa-learn.raw (+0/-1345) .pc/55_disable_nagios_epm/sa-check_spamd.raw (+0/-463) .pc/60_bug_684709/lib/Mail/SpamAssassin/Message.pm (+0/-1205) .pc/85_disable_SSLv2/spamc/libspamc.c (+0/-2298) .pc/85_disable_SSLv2/spamc/libspamc.h (+0/-319) .pc/85_disable_SSLv2/spamc/spamc.c (+0/-1035) .pc/85_disable_SSLv2/spamc/spamc.pod (+0/-339) .pc/85_disable_SSLv2/spamd/spamd.raw (+0/-3413) .pc/90_missing_tld/lib/Mail/SpamAssassin/Util/RegistrarBoundaries.pm (+0/-419) .pc/90_pod_cleanup/lib/Mail/SpamAssassin/Conf.pm (+0/-4035) .pc/91_no_rfc_ignorant/pkgrules/20_dnsbl_tests.cf (+0/-263) .pc/91_no_rfc_ignorant/pkgrules/30_text_de.cf (+0/-400) .pc/91_no_rfc_ignorant/pkgrules/50_scores.cf (+0/-1244) .pc/91_no_rfc_ignorant/pkgrules/local.cf (+0/-102) .pc/91_no_rfc_ignorant/rules/STATISTICS-set1.txt (+0/-1109) .pc/91_no_rfc_ignorant/rules/STATISTICS-set3.txt (+0/-1109) .pc/91_no_rfc_ignorant/rules/active.list (+0/-782) .pc/95_bug694504-spamdforkscaling-crash/lib/Mail/SpamAssassin/Logger/Syslog.pm (+0/-241) .pc/95_bug694504-spamdforkscaling-crash/spamd/spamd.raw (+0/-3412) .pc/applied-patches (+0/-11) INSTALL (+1/-1) README (+10/-5) UPGRADE (+2/-2) USAGE (+3/-3) debian/changelog (+20/-0) debian/patches/96_disable_njabl (+129/-0) debian/patches/series (+1/-0) ldap/README (+1/-1) lib/Mail/SpamAssassin/Conf.pm (+3/-3) lib/Mail/SpamAssassin/Logger/Syslog.pm (+5/-9) lib/Mail/SpamAssassin/Message.pm (+2/-18) lib/Mail/SpamAssassin/Plugin/Test.pm (+1/-1) lib/Mail/SpamAssassin/Util/RegistrarBoundaries.pm (+1/-1) lib/spamassassin-run.pod (+2/-2) pkgrules/20_dnsbl_tests.cf (+29/-0) pkgrules/30_text_de.cf (+2/-0) pkgrules/50_scores.cf (+5/-0) pkgrules/local.cf (+7/-0) rules/STATISTICS-set1.txt (+2/-0) rules/STATISTICS-set3.txt (+2/-0) rules/active.list (+15/-0) rules/user_prefs.template (+1/-1) sa-check_spamd.raw (+0/-5) sa-compile.raw (+2/-2) sa-learn.raw (+3/-3) spamc/libspamc.c (+8/-4) spamc/libspamc.h (+1/-1) spamc/spamc.c (+9/-3) spamc/spamc.pod (+7/-5) spamd/README (+1/-1) spamd/README.vpopmail (+1/-1) spamd/spamd.raw (+24/-33) sql/README (+1/-1) sql/README.awl (+1/-1) t/data/testplugin.pm (+1/-1) |
To merge this branch: | bzr merge lp:~logan/ubuntu/raring/spamassassin/3.3.2-6ubuntu1 |
Related bugs: |
Reviewer | Review Type | Date Requested | Status |
---|---|---|---|
Ubuntu branches | Pending | ||
Review via email: mp+152997@code.launchpad.net |
Commit message
Description of the change
To post a comment you must log in.
Revision history for this message
Sebastien Bacher (seb128) wrote : | # |
Preview Diff
[H/L] Next/Prev Comment, [J/K] Next/Prev File, [N/P] Next/Prev Hunk
1 | === removed directory '.pc/10_change_config_paths' |
2 | === removed file '.pc/10_change_config_paths/INSTALL' |
3 | --- .pc/10_change_config_paths/INSTALL 2010-03-01 00:57:24 +0000 |
4 | +++ .pc/10_change_config_paths/INSTALL 1970-01-01 00:00:00 +0000 |
5 | @@ -1,474 +0,0 @@ |
6 | -Upgrading SpamAssassin? |
7 | ------------------------ |
8 | - |
9 | -Please be sure to read the UPGRADE file for important changes that |
10 | -have been made since previous versions. In particular, 3.3.0 no |
11 | -longer includes a default ruleset. |
12 | - |
13 | - |
14 | -Installing or Upgrading SpamAssassin |
15 | ------------------------------------- |
16 | - |
17 | -Using CPAN via CPAN.pm: |
18 | - |
19 | - perl -MCPAN -e shell [as root] |
20 | - o conf prerequisites_policy ask |
21 | - install Mail::SpamAssassin |
22 | - quit |
23 | - |
24 | -Using Linux: |
25 | - |
26 | - Debian unstable: apt-get install spamassassin |
27 | - Gentoo: emerge mail-filter/spamassassin |
28 | - Fedora: yum install spamassassin |
29 | - |
30 | -Alternatively download the tarfile, zipfile, and/or build your own RPM |
31 | -from http://spamassassin.apache.org/. Building from tar/zip file is |
32 | -usually as simple as: |
33 | - |
34 | - [unzip/untar the archive] |
35 | - cd Mail-SpamAssassin-* |
36 | - perl Makefile.PL |
37 | - [option: add -DSPAMC_SSL to $CFLAGS to build an SSL-enabled spamc] |
38 | - make |
39 | - make install [as root] |
40 | - |
41 | -After installing SpamAssassin, you need to download and install the |
42 | -SpamAssassin ruleset using "sa-update". See the "Installing Rules" |
43 | -section below. |
44 | - |
45 | -Please make sure to read this whole document before installing, especially |
46 | -the prerequisite information further down. |
47 | - |
48 | -To install as non-root, see the directions below. |
49 | - |
50 | -If you are running AFS, you may also need to specify INSTALLSITELIB and |
51 | -SITELIBEXP. |
52 | - |
53 | -Note that you can upgrade SpamAssassin using these instructions, as long |
54 | -as you take care to read the caveats in the file UPGRADE. Upgrading |
55 | -will not delete your learnt Bayes data or local rule modifications. |
56 | - |
57 | -If you're using SunOS 4.1.x, see |
58 | -http://wiki.spamassassin.org/w/BuildingOnSunOS4 for build tips. |
59 | - |
60 | - |
61 | -Installing SpamAssassin for Personal Use (Not System-Wide) |
62 | ----------------------------------------------------------- |
63 | - |
64 | -These steps assume the following, so substitute as necessary: |
65 | - - Your UNIX login is "user" |
66 | - - Your home directory is /home/user |
67 | - - The location of the procmail executable is /usr/bin/procmail |
68 | - |
69 | -Many more details of this process are at |
70 | -http://wiki.apache.org/spamassassin/SingleUserUnixInstall |
71 | - |
72 | -1. Uncompress and extract the SpamAssassin archive, using "unzip" or |
73 | - "tar xvfz", in a temporary directory. |
74 | - |
75 | -2. change directory into it: |
76 | - |
77 | - cd Mail-SpamAssassin-* |
78 | - |
79 | -3. Make SpamAssassin as normal, but using your home directory as the |
80 | - target: |
81 | - |
82 | - perl Makefile.PL PREFIX=$HOME |
83 | - make |
84 | - make install |
85 | - |
86 | - Please see the file PACKAGING, sections "Changing paths in the Makefile" |
87 | - and "Setting further options on the command line" for more informations |
88 | - on available command line variables. |
89 | - |
90 | -4. Install the SpamAssassin ruleset using "sa-update": |
91 | - |
92 | - $HOME/bin/sa-update |
93 | - |
94 | - See the "Installing Rules" section below if you do not wish to download |
95 | - the rules directly from the internet. |
96 | - |
97 | -5. If you already use procmail, skip to step 7. If not, ensure procmail |
98 | - is installed using "which procmail" or install it from www.procmail.org. |
99 | - |
100 | -6. Create a .forward file in your home directory containing the below |
101 | - lines: |
102 | - |
103 | -"|IFS=' ' && exec /usr/bin/procmail -f- || exit 75 #user" |
104 | - |
105 | -7. Edit or create a .procmailrc file in your home directory containing the |
106 | - below lines. If you already have a .procmailrc file, add the lines to |
107 | - the top of your .procmailrc file: |
108 | - |
109 | -:0fw: spamassassin.lock |
110 | -| /home/user/bin/spamassassin |
111 | - |
112 | - The above line filters all incoming mail through SpamAssassin and tags |
113 | - probable spam with a unique header. If you would prefer to have spam |
114 | - blocked and saved to a file called "caughtspam" in your home directory, |
115 | - instead of passed through and tagged, append this directly below the above |
116 | - lines: |
117 | - |
118 | -:0: |
119 | -* ^X-Spam-Status: Yes |
120 | -caughtspam |
121 | - |
122 | -Also, see the file procmailrc.example and |
123 | -http://wiki.apache.org/spamassassin/UsedViaProcmail |
124 | - |
125 | -8. Now, you should be ready to send some test emails and ensure everything |
126 | - works as expected. First, send yourself a test email that doesn't |
127 | - contain anything suspicious. You should receive it normally, but there |
128 | - will be a header containing "X-Spam-Status: No". If you are only |
129 | - tagging your spam, send yourself a copy of the GTUBE test string to |
130 | - check to be sure it is marked as spam. GTUBE is located in the |
131 | - sample-spam.txt message distributed with SpamAssassin and also at: |
132 | - |
133 | - http://spamassassin.apache.org/gtube/ |
134 | - |
135 | - If your test emails don't get through to you, immediately rename your |
136 | - .forward file until you figure out cause of the the problem, so you |
137 | - don't lose incoming email. |
138 | - |
139 | - Note: one possible cause for this is the use of smrsh on the MTA system; |
140 | - see http://wiki.spamassassin.org/w/ProcmailVsSmrsh for details. |
141 | - |
142 | -9. You can now customize SpamAssassin. See README for more information. |
143 | - |
144 | - |
145 | -Installing Rules |
146 | ----------------- |
147 | - |
148 | -Rules are normally installed by running a sa-update command. |
149 | -The version of sa-update program should match the version of SpamAssassin |
150 | -modules, so invoking sa-update should be performed only after installing |
151 | -or upgrading SpamAssassin code, not before. |
152 | - |
153 | -Installing rules from network is done with a single command: |
154 | - |
155 | - sa-update |
156 | - |
157 | -This is normally run as root. |
158 | - |
159 | -If you wish to install rules from downloaded files, rather than "live" from |
160 | -the latest online ruleset, here is how to do it. |
161 | - |
162 | -Obtain all the following files: |
163 | - |
164 | - Mail-SpamAssassin-rules-xxx.tgz |
165 | - Mail-SpamAssassin-rules-xxx.tgz.asc |
166 | - Mail-SpamAssassin-rules-xxx.tgz.md5 |
167 | - Mail-SpamAssassin-rules-xxx.tgz.sha1 |
168 | - (where xxx may look something like '3.3.0-rc1.r893295') |
169 | - |
170 | -Save them all to the current directory. |
171 | -Obtain a rules-signing public key: |
172 | - |
173 | - curl -O http://spamassassin.apache.org/updates/GPG.KEY |
174 | - |
175 | -Import the signing key to the SpamAssassin gpg keyring, so that the rules |
176 | -files can be verified safely: |
177 | - |
178 | - sa-update --import GPG.KEY |
179 | - |
180 | -Install rules from a compressed tar archive: |
181 | - |
182 | - sa-update --install Mail-SpamAssassin-rules-xxx.tgz |
183 | - |
184 | -Note that the ".tgz.asc", ".tgz.md5" and ".tgz.sha1" files all need to |
185 | -be in the same directory, otherwise sa-update will fail. |
186 | - |
187 | - |
188 | -If the intended rules destination directory differs from a default location |
189 | -as assumed by sa-update and SpamAssassin, such as when running a content |
190 | -filter within a Unix jail or on an unusual installation, please supply the |
191 | -rules destination directory to sa-update through its option --updatedir, |
192 | -such as: |
193 | - |
194 | - sa-update --updatedir /var/jail/var/db/spamassassin/3.003000 |
195 | - |
196 | - |
197 | -CPAN |
198 | ----- |
199 | - |
200 | -Most of the modules listed below are available via the Comprehensive Perl |
201 | -Archive Network (CPAN, see http://www.cpan.org/ for more information). |
202 | -While each module is different, most can be installed via a few simple |
203 | -commands such as: |
204 | - |
205 | - $ perl -MCPAN -e shell |
206 | - cpan> o conf prerequisites_policy ask |
207 | - cpan> install Module::Name |
208 | - cpan> quit |
209 | - |
210 | -If there are problems or questions regarding the installation any of the |
211 | -modules, please see the CPAN and relevant module's documentation for more |
212 | -information. We can't provide documentation or installation support for |
213 | -third party modules. |
214 | - |
215 | -Additional information about the CPAN module is also available via |
216 | -"perldoc CPAN". |
217 | - |
218 | -Most Linux distributions also offer the CPAN modules in their own native |
219 | -formats (RPMs, Debian packages, etc.), so you should be able to find these |
220 | -through those mechanisms, too, if you prefer. |
221 | - |
222 | - |
223 | -Required Perl Interpreter |
224 | -------------------------- |
225 | - |
226 | -Perl 5.8.1 or a later version is required. |
227 | -Preferred versions are 5.8.8, or 5.10.1 or later. |
228 | - |
229 | -Most of the functions might still work with Perl 5.6.1 or 5.6.2, |
230 | -but 5.6.* is no longer a supported version. |
231 | - |
232 | - |
233 | -Required Perl Modules |
234 | ---------------------- |
235 | - |
236 | -In addition to the modules associated with Perl, some additional modules |
237 | -need to be installed or upgraded depending on the version of Perl that you |
238 | -are running. |
239 | - |
240 | -You can get an immediate report on which of these modules you may need (or |
241 | -want) to upgrade, by running "perl build/check_dependencies" from the |
242 | -SpamAssassin build directory. |
243 | - |
244 | -The list of required modules that do not ship with Perl and must be |
245 | -installed: |
246 | - |
247 | - - Digest::SHA1 (from CPAN), |
248 | - or the newer Digest::SHA which is a perl base module since Perl 5.10.0 |
249 | - |
250 | - The Digest::SHA1 module is used as a cryptographic hash for some |
251 | - tests and the Bayes subsystem if Digest::SHA module is not available. |
252 | - |
253 | - An external perl module razor-agents-2.84 as used by a Razor2 plugin |
254 | - seems to be the only remaining component depending on Digest::SHA1 |
255 | - (note that a packager may ship a patched version of razor-agents which |
256 | - can use Digest::SHA instead) |
257 | - |
258 | - Debian: apt-get install libdigest-sha1-perl |
259 | - Gentoo: emerge dev-perl/Digest-SHA1 |
260 | - Fedora: yum install perl-Digest-SHA1 |
261 | - |
262 | - - HTML::Parser >= 3.43 (from CPAN) |
263 | - |
264 | - HTML is used for an ever-increasing amount of email so this dependency |
265 | - is unavoidable. Run "perldoc -q html" for additional information. |
266 | - |
267 | - Debian: apt-get install libhtml-parser-perl |
268 | - Gentoo: emerge dev-perl/HTML-Parser |
269 | - Fedora: yum install perl-HTML-Parser |
270 | - |
271 | - - Net::DNS (from CPAN) |
272 | - |
273 | - Used for all DNS-based tests (SBL, XBL, SpamCop, DSBL, etc.), |
274 | - perform MX checks, used when manually reporting spam to SpamCop, |
275 | - and used by sa-update to gather version information. |
276 | - |
277 | - You need to make sure the Net::DNS version is sufficiently up-to-date: |
278 | - |
279 | - - version 0.34 or higher on Unix systems |
280 | - - version 0.46 or higher on Windows systems |
281 | - |
282 | - Debian/Ubuntu: apt-get install libnet-dns-perl |
283 | - Fedora: yum install perl-Net-DNS |
284 | - |
285 | - - NetAddr::IP (from CPAN) |
286 | - |
287 | - Used to parse IP addresses and IP address ranges for |
288 | - "trusted_networks". |
289 | - |
290 | - Debian/Ubuntu: apt-get install libnetaddr-ip-perl |
291 | - Fedora: yum install perl-NetAddr-IP |
292 | - |
293 | - - Time::HiRes (from CPAN) |
294 | - |
295 | - Used by asynchronous DNS lookups to operate timeouts with subsecond |
296 | - precision and to report processing times accurately. |
297 | - |
298 | - - LWP (aka libwww-perl) (from CPAN) |
299 | - |
300 | - This set of modules will include both the LWP::UserAgent and |
301 | - HTTP::Date modules, used by sa-update to retrieve update archives. |
302 | - |
303 | - Fedora: yum install perl-libwww-perl |
304 | - |
305 | - - HTTP::Date (from CPAN) |
306 | - |
307 | - Used by sa-update to deal with certain Date requests. |
308 | - |
309 | - - IO::Zlib (from CPAN) |
310 | - |
311 | - Used by sa-update to uncompress update archives. |
312 | - Version 1.04 or later is required. |
313 | - |
314 | - Fedora: yum install perl-IO-Zlib |
315 | - |
316 | - - Archive::Tar (from CPAN) |
317 | - |
318 | - Used by sa-update to expand update archives. |
319 | - Version 1.23 or later is required. |
320 | - |
321 | - Fedora: yum install perl-Archive-Tar |
322 | - |
323 | - |
324 | -Optional Modules |
325 | ----------------- |
326 | - |
327 | -In addition, the following modules will be used for some checks, if |
328 | -available and the version is high enough. If they are not available or if |
329 | -their version is too low, SpamAssassin will still work, just not as |
330 | -effectively because some of the spam-detection tests will have to be |
331 | -skipped. |
332 | - |
333 | -Note: SpamAssassin will not warn you if these are installed, but the |
334 | -version is too low for them to be used. |
335 | - |
336 | - - MIME::Base64 |
337 | - |
338 | - This module is highly recommended to increase the speed with which |
339 | - Base64 encoded messages/mail parts are decoded. |
340 | - |
341 | - |
342 | - - DB_File (from CPAN, included in many distributions) |
343 | - |
344 | - Used to store data on-disk, for the Bayes-style logic and |
345 | - auto-whitelist. *Much* more efficient than the other standard Perl |
346 | - database packages. Strongly recommended. |
347 | - |
348 | - There seems to be a bug in libdb 4.1.25, which is |
349 | - distributed by default on some versions of Linux. See |
350 | - http://wiki.apache.org/spamassassin/DbFileSleepBug for details. |
351 | - |
352 | - |
353 | - - Net::SMTP (from CPAN) |
354 | - |
355 | - Used when manually reporting spam to SpamCop. |
356 | - |
357 | - |
358 | - - Mail::SPF (from CPAN) |
359 | - |
360 | - Used to check DNS Sender Policy Framework (SPF) records to fight email |
361 | - address forgery and make it easier to identify spams. This module |
362 | - makes Mail::SPF::Query obsolete. |
363 | - |
364 | - Net::DNS version 0.58 or higher is required. |
365 | - |
366 | - Note that NetAddr::IP (required by Mail::SPF) versions up to and |
367 | - including version 4.006 include a bug that will slow down the entire |
368 | - perl interpreter. NetAddr::IP version 4.007 or later fixes this. |
369 | - |
370 | - |
371 | - - IP::Country::Fast (from CPAN) |
372 | - |
373 | - Used by the RelayCountry plugin (not enabled by default) to determine |
374 | - the domain country codes of each relay in the path of an email. |
375 | - |
376 | - |
377 | - - Net::Ident (from CPAN) |
378 | - |
379 | - If you plan to use the --auth-ident option to spamd, you will need |
380 | - to install this module. |
381 | - |
382 | - |
383 | - - IO::Socket::INET6 (from CPAN) |
384 | - |
385 | - This is required if the first nameserver listed in your IP |
386 | - configuration or /etc/resolv.conf file is available only via an IPv6 |
387 | - address. |
388 | - |
389 | - Fedora: yum install perl-IO-Socket-INET6 |
390 | - |
391 | - |
392 | - - IO::Socket::SSL (from CPAN) |
393 | - |
394 | - If you wish to use SSL encryption to communicate between spamc and |
395 | - spamd (the --ssl option to spamd), you need to install this |
396 | - module. (You will need the OpenSSL libraries and use the |
397 | - ENABLE_SSL="yes" argument to Makefile.PL to build and run an SSL |
398 | - compatibile spamc.) |
399 | - |
400 | - Fedora: yum install perl-IO-Socket-SSL |
401 | - |
402 | - |
403 | - - Compress::Zlib (from CPAN) |
404 | - |
405 | - If you wish to use the optional zlib compression for communication |
406 | - between spamc and spamd (the -z option to spamc), useful for |
407 | - long-distance use of spamc over the internet, you need to install |
408 | - this module. |
409 | - |
410 | - Fedora: yum install perl-Compress-Zlib |
411 | - |
412 | - |
413 | - - Mail::DKIM (from CPAN) |
414 | - |
415 | - If this module is installed, and you enable the DKIM plugin, |
416 | - SpamAssassin will perform DKIM lookups when a DKIM-Signature header is |
417 | - present in the message headers. Current versions of Mail::DKIM (0.20 |
418 | - or later) also perform Domain Key lookups on DomainKey-Signature headers, |
419 | - without requiring the Mail::DomainKeys module, which is now obsolete. |
420 | - Version 0.37 or later is preferred, the absolute minimal version is 0.31. |
421 | - |
422 | - Note that the Mail::DKIM module in turn requires the Digest::SHA module |
423 | - and OpenSSL libraries. |
424 | - |
425 | - |
426 | - - DBI *and* DBD driver/modules for your database (from CPAN) |
427 | - |
428 | - If you intend to use SpamAssassin with an SQL database backend for |
429 | - user configuration data, Bayes storage, or other storage, you will need |
430 | - to have these installed; both the basic DBI module and the driver for |
431 | - your database. |
432 | - |
433 | - |
434 | - - Encode::Detect (from CPAN) |
435 | - |
436 | - If you plan to use the normalize_charset config setting to detect |
437 | - charsets and convert them into Unicode, you will need to install |
438 | - this module. |
439 | - |
440 | - |
441 | - - Apache::Test (from CPAN) |
442 | - |
443 | - If you plan to run the Apache2 version of spamd in the |
444 | - "spamd-apache2" directory, you will need to install this |
445 | - module. |
446 | - |
447 | - |
448 | - - Apache 2 and mod_perl |
449 | - |
450 | - If you plan to run the Apache2 version of spamd in the "spamd-apache2" |
451 | - directory, you will need to ensure these are installed. |
452 | - |
453 | - Ubuntu: sudo apt-get install apache2 libapache2-mod-perl2 |
454 | - |
455 | - |
456 | - - Razor2 |
457 | - |
458 | - If you plan to use Vipul's Razor, note that versions up to and |
459 | - including version 2.82 include a bug that will slow down the entire |
460 | - perl interpreter. Version 2.83 or later fixes this. |
461 | - |
462 | - If you do not plan to use this plugin, be sure to comment out |
463 | - its loadplugin line in "/etc/mail/spamassassin/v310.pre". |
464 | - |
465 | - |
466 | -What Next? |
467 | ----------- |
468 | - |
469 | -Take a look at the USAGE document for more information on how to use |
470 | -SpamAssassin. |
471 | - |
472 | -The SpamAssassin Wiki <http://wiki.spamassassin.org/> contains |
473 | -information on custom plugins, extensions, and other optional modules |
474 | -included with SpamAssassin. |
475 | - |
476 | - |
477 | -(end of INSTALL) |
478 | - |
479 | -// vim:tw=74: |
480 | |
481 | === removed file '.pc/10_change_config_paths/README' |
482 | --- .pc/10_change_config_paths/README 2010-03-01 00:57:24 +0000 |
483 | +++ .pc/10_change_config_paths/README 1970-01-01 00:00:00 +0000 |
484 | @@ -1,354 +0,0 @@ |
485 | -Welcome to SpamAssassin! |
486 | ------------------------- |
487 | - |
488 | -What SpamAssassin Is |
489 | --------------------- |
490 | - |
491 | -SpamAssassin is a mail filter which attempts to identify spam using |
492 | -a variety of mechanisms including text analysis, Bayesian filtering, |
493 | -DNS blocklists, and collaborative filtering databases. |
494 | - |
495 | -SpamAssassin is a project of the Apache Software Foundation (ASF). |
496 | - |
497 | - |
498 | -What SpamAssassin Is Not |
499 | ------------------------- |
500 | - |
501 | -SpamAssassin is not a program to delete spam, route spam and ham to |
502 | -separate mailboxes or folders, or send bounces when you receive spam. |
503 | -Those are mail routing functions, and SpamAssassin is not a mail |
504 | -router. SpamAssassin is a mail filter or classifier. It will examine |
505 | -each message presented to it, and assign a score indicating the |
506 | -likelihood that the mail is spam. An external program must then |
507 | -examine this score and do any routing the user wants done. There are |
508 | -many programs that will easily perform these functions after examining |
509 | -the score assigned by SpamAssassin. |
510 | - |
511 | - |
512 | -How SpamAssassin Works |
513 | ----------------------- |
514 | - |
515 | -SpamAssassin uses a wide range of heuristic tests on mail headers and |
516 | -body text to identify "spam", also known as unsolicited commercial |
517 | -email. |
518 | - |
519 | -Once identified, the mail can then be optionally tagged as spam for |
520 | -later filtering using the user's own mail user-agent application. |
521 | - |
522 | -SpamAssassin typically differentiates successfully between spam and |
523 | -non-spam in between 95% and 100% of cases, depending on what kind of mail |
524 | -you get and your training of its Bayesian filter. Specifically, |
525 | -SpamAssassin has been shown to produce around 1.5% false negatives (spam |
526 | -that was missed) and around 0.06% false positives (ham incorrectly marked |
527 | -as spam). See the rules/STATISTICS*.txt files for more information. |
528 | - |
529 | -SpamAssassin also includes plugins to support reporting spam messages |
530 | -automatically or manually to collaborative filtering databases such as |
531 | -Pyzor, DCC, and Vipul's Razor. |
532 | - |
533 | -The distribution provides "spamassassin", a command line tool to |
534 | -perform filtering, along with the "Mail::SpamAssassin" module set |
535 | -which allows SpamAssassin to be used in spam-protection proxy SMTP or |
536 | -POP/IMAP server, or a variety of different spam-blocking scenarios. |
537 | - |
538 | -In addition, "spamd", a daemonized version of SpamAssassin which |
539 | -runs persistently, is available. Using its counterpart, "spamc", |
540 | -a lightweight client written in C, an MTA can process large volumes of |
541 | -mail through SpamAssassin without having to fork/exec a perl interpreter |
542 | -for each message. |
543 | - |
544 | - |
545 | -Questions? Need Help? |
546 | ---------------------- |
547 | - |
548 | -If you have questions about SpamAssassin, please check the Wiki[1] to |
549 | -see if someone has already posted an answer to your question. (The |
550 | -Wiki doubles as a FAQ.) Failing that, post a message to the |
551 | -spamassassin-users mailing list[2]. If you've found a bug (and you're |
552 | -sure it's a bug after checking the Wiki), please file a report in our |
553 | -Bugzilla[3]. |
554 | - |
555 | - [1]: http://wiki.apache.org/spamassassin/ |
556 | - [2]: http://wiki.apache.org/spamassassin/MailingLists |
557 | - [3]: http://issues.apache.org/SpamAssassin/ |
558 | - |
559 | -Please also be sure to read the man pages. |
560 | - |
561 | - |
562 | -Upgrading SpamAssassin |
563 | ----------------------- |
564 | - |
565 | -IMPORTANT: If you are upgrading from a previous major version of |
566 | -SpamAssassin, please be sure to read the notes in UPGRADE to find out |
567 | -what has changed in a non-backwards compatible way. |
568 | - |
569 | - |
570 | -Installing SpamAssassin |
571 | ------------------------ |
572 | - |
573 | -See the INSTALL file. |
574 | - |
575 | - |
576 | -Customising SpamAssassin |
577 | ------------------------- |
578 | - |
579 | -These are the configuration files installed by SpamAssassin. The commands |
580 | -that can be used therein are listed in the POD documentation for the |
581 | -Mail::SpamAssassin::Conf class (run the following command to read it: |
582 | -"perldoc Mail::SpamAssassin::Conf"). Note: The following directories are |
583 | -the standard defaults that people use. There is an explanation of all the |
584 | -default locations that SpamAssassin will look at the end. |
585 | - |
586 | - - /usr/share/spamassassin/*.cf: |
587 | - |
588 | - Distributed configuration files, with all defaults. Do not modify |
589 | - these, as they are overwritten when you upgrade. |
590 | - |
591 | - - /var/lib/spamassassin/*/*.cf: |
592 | - |
593 | - Local state directory; updated rulesets, overriding the |
594 | - distributed configuration files, downloaded using "sa-update". Do |
595 | - not modify these, as they are overwritten when you run |
596 | - "sa-update". |
597 | - |
598 | - - /etc/mail/spamassassin/*.cf: |
599 | - |
600 | - Site config files, for system admins to create, modify, and |
601 | - add local rules and scores to. Modifications here will be |
602 | - appended to the config loaded from the above directory. |
603 | - |
604 | - - /etc/mail/spamassassin/*.pre: |
605 | - |
606 | - Plugin control files, installed from the distribution. These are |
607 | - used to control what plugins are loaded. Modifications here will |
608 | - be loaded before any configuration loaded from the above |
609 | - directories. |
610 | - |
611 | - You want to modify these files if you want to load additional |
612 | - plugins, or inhibit loading a plugin that is enabled by default. |
613 | - If the files exist in /etc/mail/spamassassin, they will not |
614 | - be overwritten during future installs. |
615 | - |
616 | - - /usr/share/spamassassin/user_prefs.template: |
617 | - |
618 | - Distributed default user preferences. Do not modify this, as it is |
619 | - overwritten when you upgrade. |
620 | - |
621 | - - /etc/mail/spamassassin/user_prefs.template: |
622 | - |
623 | - Default user preferences, for system admins to create, modify, and |
624 | - set defaults for users' preferences files. Takes precedence over |
625 | - the above prefs file, if it exists. |
626 | - |
627 | - Do not put system-wide settings in here; put them in a file in the |
628 | - "/etc/mail/spamassassin" directory ending in ".cf". This file is |
629 | - just a template, which will be copied to a user's home directory |
630 | - for them to change. |
631 | - |
632 | - - $USER_HOME/.spamassassin: |
633 | - |
634 | - User state directory. Used to hold spamassassin state, such |
635 | - as a per-user automatic whitelist, and the user's preferences |
636 | - file. |
637 | - |
638 | - - $USER_HOME/.spamassassin/user_prefs: |
639 | - |
640 | - User preferences file. If it does not exist, one of the |
641 | - default prefs file from above will be copied here for the |
642 | - user to edit later, if they wish. |
643 | - |
644 | - Unless you're using spamd, there is no difference in |
645 | - interpretation between the rules file and the preferences file, so |
646 | - users can add new rules for their own use in the |
647 | - "~/.spamassassin/user_prefs" file, if they like. (spamd disables |
648 | - this for security and increased speed.) |
649 | - |
650 | - - $USER_HOME/.spamassassin/bayes* |
651 | - |
652 | - Statistics databases used for Bayesian filtering. If they do |
653 | - not exist, they will be created by SpamAssassin. |
654 | - |
655 | - Spamd users may wish to create a shared set of bayes databases; |
656 | - the "bayes_path" and "bayes_file_mode" configuration settings |
657 | - can be used to do this. |
658 | - |
659 | - See "perldoc sa-learn" for more documentation on how |
660 | - to train this. |
661 | - |
662 | -File Locations: |
663 | - |
664 | -SpamAssassin will look in a number of areas to find the default |
665 | -configuration files that are used. The "__*__" text are variables |
666 | -whose value you can see by looking at the first several lines of the |
667 | -"spamassassin" or "spamd" scripts. |
668 | - |
669 | -They are set on install time and can be overridden with the Makefile.PL |
670 | -command line options DATADIR (for __def_rules_dir__) and CONFDIR (for |
671 | -__local_rules_dir__). If none of these options were given, FHS-compliant |
672 | -locations based on the PREFIX (which becomes __prefix__) are chosen. |
673 | -These are: |
674 | - |
675 | - __prefix__ __def_rules_dir__ __local_rules_dir__ |
676 | - ------------------------------------------------------------------------- |
677 | - /usr /usr/share/spamassassin /etc/mail/spamassassin |
678 | - /usr/local /usr/local/share/spamassassin /etc/mail/spamassassin |
679 | - /opt/$DIR /opt/$DIR/share/spamassassin /etc/opt/mail/spamassassin |
680 | - $DIR $DIR/share/spamassassin $DIR/etc/mail/spamassassin |
681 | - |
682 | -The files themselves are then looked for in these paths: |
683 | - |
684 | - - Distributed Configuration Files |
685 | - '__def_rules_dir__' |
686 | - '__prefix__/share/spamassassin' |
687 | - '/usr/local/share/spamassassin' |
688 | - '/usr/share/spamassassin' |
689 | - |
690 | - - Site Configuration Files |
691 | - '__local_rules_dir__' |
692 | - '__prefix__/etc/mail/spamassassin' |
693 | - '__prefix__/etc/spamassassin' |
694 | - '/usr/local/etc/spamassassin' |
695 | - '/usr/pkg/etc/spamassassin' |
696 | - '/usr/etc/spamassassin' |
697 | - '/etc/mail/spamassassin' |
698 | - '/etc/spamassassin' |
699 | - |
700 | - - Default User Preferences File |
701 | - '__local_rules_dir__/user_prefs.template' |
702 | - '__prefix__/etc/mail/spamassassin/user_prefs.template' |
703 | - '__prefix__/share/spamassassin/user_prefs.template' |
704 | - '/etc/spamassassin/user_prefs.template' |
705 | - '/etc/mail/spamassassin/user_prefs.template' |
706 | - '/usr/local/share/spamassassin/user_prefs.template' |
707 | - '/usr/share/spamassassin/user_prefs.template' |
708 | - |
709 | - |
710 | -In addition, the "Distributed Configuration Files" location is overridden |
711 | -by a "Local State Directory", used to store an updated copy of the |
712 | -ruleset: |
713 | - |
714 | - __prefix__ __local_state_dir__ |
715 | - ------------------------------------------------------------------------- |
716 | - /usr /var/lib/spamassassin/__version__ |
717 | - /usr/local /var/lib/spamassassin/__version__ |
718 | - /opt/$DIR /var/opt/spamassassin/__version__ |
719 | - $DIR $DIR/var/spamassassin/__version__ |
720 | - |
721 | -This is normally written to by the "sa-update" script. "__version__" is |
722 | -replaced by a representation of the version number, so that multiple |
723 | -versions of SpamAssassin will not interfere with each other's rulesets. |
724 | - |
725 | - |
726 | -After installation, try "perldoc Mail::SpamAssassin::Conf" to see what |
727 | -can be set. Common first-time tweaks include: |
728 | - |
729 | - - required_score |
730 | - |
731 | - Set this higher to make SpamAssassin less sensitive. |
732 | - If you are installing SpamAssassin system-wide, this is |
733 | - **strongly** recommended! |
734 | - |
735 | - Statistics on how many false positives to expect at various |
736 | - different thresholds are available in the "STATISTICS.txt" file in |
737 | - the "rules" directory. |
738 | - |
739 | - - rewrite_header, add_header |
740 | - |
741 | - These options affect the way messages are tagged as spam or |
742 | - non-spam. This makes it easy to identify incoming mail. |
743 | - |
744 | - - ok_locales |
745 | - |
746 | - If you expect to receive mail in non-ISO-8859 character sets (ie. |
747 | - Chinese, Cyrillic, Japanese, Korean, or Thai) then set this. |
748 | - |
749 | - |
750 | -Learning |
751 | --------- |
752 | - |
753 | -SpamAssassin includes a Bayesian learning filter, so it is worthwhile |
754 | -training SpamAssassin with your collection of non-spam and spam, |
755 | -if possible. This will make it more accurate for your incoming mail. |
756 | -Do this using the "sa-learn" tools, like so: |
757 | - |
758 | - sa-learn --spam ~/Mail/saved-spam-folder |
759 | - sa-learn --ham ~/Mail/inbox |
760 | - sa-learn --ham ~/Mail/other-nonspam-folder |
761 | - |
762 | - |
763 | -If these are mail folders in mbox format, use the --mbox switch, for |
764 | -Maildirs use a trailing slash, like Maildir/cur/. |
765 | - |
766 | -Use as many mailboxes as you like. Note that SpamAssassin will remember |
767 | -what mails it has learnt from, so you can re-run this as often as you like. |
768 | - |
769 | - |
770 | -Locali[sz]ation |
771 | ---------------- |
772 | - |
773 | -All text displayed to users is taken from the configuration files. This |
774 | -means that you can translate messages, test descriptions, and templates |
775 | -into other languages. |
776 | - |
777 | -If you do so, we would *really* appreciate it if you could contribute |
778 | -these translations, so that they can be added to the |
779 | -distribution. Please file a bug in our Bugzilla[4], and attach your |
780 | -translations. You will, of course, be credited for this work! |
781 | - |
782 | - [4]: http://issues.apache.org/SpamAssassin/ |
783 | - |
784 | - |
785 | -Disabled code |
786 | -------------- |
787 | - |
788 | -There are some tests and code in SpamAssassin that are turned off by |
789 | -default: experimental code, slow code, or code that depends on |
790 | -non-open-source software or services that are not always free. These |
791 | -disabled tests include: |
792 | - |
793 | - - DCC: depends on non-open-source software (disabled in init.pre) |
794 | - - MAPS: commercial service (disabled in 50_scores.cf) |
795 | - - TextCat: slow (disabled in init.pre) |
796 | - - various optional plugins, disabled for speed (disabled in *.pre) |
797 | - |
798 | -To turn on tests disabled in 50_scores.cf, simply assign them a non-zero |
799 | -score, e.g. by adding score lines to your ~/.spamassassin/user_prefs file. |
800 | - |
801 | -To turn on tests disabled by commenting out the required plugin in |
802 | -init.pre, you need to uncomment the loadplugin line and make sure the |
803 | -prerequisites for proper operation of the plugin are present. |
804 | - |
805 | - |
806 | -Automatic Whitelist System |
807 | --------------------------- |
808 | - |
809 | -SpamAssassin includes automatic whitelisting; The current iteration is |
810 | -considerably more complex than the original version. The way it works is |
811 | -by tracking for each sender address the average score of messages so far |
812 | -seen from there. Then, it combines this long-term average score for the |
813 | -sender with the score for the particular message being evaluated, after |
814 | -all other rules have been applied. |
815 | - |
816 | -This functionality is on by default, and is enabled or disabled with the |
817 | -"use_auto_whitelist" option. |
818 | - |
819 | -A system-wide auto-whitelist can be used, by setting the |
820 | -auto_whitelist_path and auto_whitelist_file_mode configuration commands |
821 | -appropriately, e.g. |
822 | - |
823 | - auto_whitelist_path /var/spool/spamassassin/auto-whitelist |
824 | - auto_whitelist_file_mode 0666 |
825 | - |
826 | -The spamassassin -W and -R command line flags provide an API to add and |
827 | -remove entries 'manually', if you so desire. They operate based on an |
828 | -input mail message, to allow them to be set up as aliases which users can |
829 | -simply forward their mails to. See the spamassassin manual page for more |
830 | -details. |
831 | - |
832 | -The default address-list implementation, |
833 | -Mail::SpamAssassin::DBBasedAddrList, uses Berkeley DB files to store |
834 | -the addresses. |
835 | - |
836 | -(end of README) |
837 | - |
838 | -// vim:tw=74: |
839 | |
840 | === removed file '.pc/10_change_config_paths/UPGRADE' |
841 | --- .pc/10_change_config_paths/UPGRADE 2010-03-01 00:57:24 +0000 |
842 | +++ .pc/10_change_config_paths/UPGRADE 1970-01-01 00:00:00 +0000 |
843 | @@ -1,309 +0,0 @@ |
844 | -Note for Users Upgrading to SpamAssassin 3.3.0 |
845 | ------------------------------------------------ |
846 | - |
847 | -- Rules are no longer included with SpamAssassin "out of the box". You will |
848 | - need to immediately run "sa-update", or download the additional rules .tgz |
849 | - package and run "sa-update --install" with it, to get a ruleset. |
850 | - |
851 | -- The BETA label has been taken off of the SpamAssassin SQL support. Please |
852 | - be aware that occasional changes may still be made to this area of the |
853 | - code. You should be sure to read this upgrade document each time you |
854 | - install a new version to determine if any SQL updates need to be made to |
855 | - your local installation. |
856 | - |
857 | -- The DKIM plugin is now enabled by default for new installs, if the perl |
858 | - module Mail::DKIM is installed. However, installation of SpamAssassin |
859 | - will not overwrite existing .pre configuration files, so to use DKIM when |
860 | - upgrading from a previous release that did not use DKIM, a directive: |
861 | - |
862 | - loadplugin Mail::SpamAssassin::Plugin::DKIM |
863 | - |
864 | - will need to be uncommented in file "v312.pre", or added to some |
865 | - other .pre file, such as local.pre. |
866 | - |
867 | - |
868 | -Note for Users Upgrading to SpamAssassin 3.2.0 |
869 | ------------------------------------------------ |
870 | - |
871 | -- The "127/8" network, including 127.0.0.1, is now always implicitly part of |
872 | - "trusted_networks" and "internal_networks". It's impossible to remove these |
873 | - from the trusted/internal sets, since if you cannot trust the host where |
874 | - SpamAssassin is running, you cannot trust SpamAssassin itself. If you |
875 | - previously had "trusted_networks" and "internal_networks" lines listing those |
876 | - hosts, you should now remove them, otherwise a minor (non-lint-error) warning |
877 | - will be output. |
878 | - |
879 | -- For ISPs -- version 3.2.0 now includes a new way to specify Mail Submission |
880 | - Agents, relay hosts which accept mail from your own users and authenticates |
881 | - them appropriately. See the Mail::SpamAssassin::Conf manual page for the |
882 | - "msa_networks" setting. |
883 | - |
884 | - |
885 | -Note for Users Upgrading to SpamAssassin 3.1.0 |
886 | ------------------------------------------------ |
887 | - |
888 | -- A significant amount of core functionality has been moved into |
889 | - plugins. These include, AWL (auto-whitelist), DCC, Pyzor, Razor2, |
890 | - SpamCop reporting and TextCat. For information on configuring these |
891 | - plugins please refer to their individual documentation: |
892 | - perldoc Mail::SpamAssassin::Plugin::* (ie AWL, DCC, etc) |
893 | - |
894 | -- There are now multiple files read to enable plugins in the |
895 | - /etc/mail/spamassassin directory; previously only one, "init.pre" was |
896 | - read. Now both "init.pre", "v310.pre", and any other files ending |
897 | - in ".pre" will be read. As future releases are made, new plugins |
898 | - will be added to new files named according to the release they're |
899 | - added in. |
900 | - |
901 | -- Due to license restrictions the DCC and Razor2 plugins are disabled |
902 | - by default. We encourage you to read the appropriate license |
903 | - yourself and decide if you are able to re-enable the plugins for |
904 | - your site. |
905 | - |
906 | -- The use_auto_whitelist config option has been moved to a user config |
907 | - option, this allows individual users to turn on or off whitelisting |
908 | - regardless of what is set in the system config. If you would like to |
909 | - disable AWL (auto-whitelist) on a site-wide basis, then you can comment |
910 | - out the plugin in "v310.pre". |
911 | - |
912 | -- The bayes_auto_learn_threshold_* config options for bayes have moved |
913 | - to a plugin. In general the default should work just fine however |
914 | - if you are interested in changing these values you should see: |
915 | - perldoc Mail::SpamAssassin::Plugin::AutoLearnThreshold |
916 | - |
917 | -- The AWL support for NDBM_File databases has been dropped, due to a |
918 | - bug in that package which renders it useless (bug 4353). It appears |
919 | - that SDBM_File, the package which will be used instead, is fully |
920 | - compatible with NDBM however, so this should be unnoticeable. |
921 | - |
922 | -- The prefork algorithm for spamd has been changed. In this version spamd |
923 | - will attempt to keep a small number of "hot" child processes as busy as |
924 | - possible, and keep any others as idle as possible, using something |
925 | - similar to the Apache httpd server scaling algorithm. This reduces |
926 | - memory usage and swapping. You can use the --round-robin switch for |
927 | - spamd to disable this scaling algorithm, and the behaviour seen in the |
928 | - 3.0.x versions will be used instead, where all processes receive an |
929 | - equal load and no scaling takes place. |
930 | - |
931 | -- As of 3.1.0, in addition to the generic BayesSQL support (via |
932 | - Mail::SpamAssassin::BayesStore::SQL) usable by multiple database |
933 | - drivers there is now specific support for MySQL 4.1+ and |
934 | - PostgreSQL. This support is based on non-standard features present |
935 | - in both database servers that allow for various performance boosts. |
936 | - |
937 | - If you were using the previous BayesSQL support with MySQL, and |
938 | - already have MySQL 4.1+ installed you can begin using the new module |
939 | - immediately by replacing the bayes_store_module line in your |
940 | - configuration with: Mail::SpamAssassin::BayesStore::MySQL |
941 | - |
942 | - We do however recommend that you switch your MySQL tables over to |
943 | - InnoDB for better data integrity and multi user support. You can |
944 | - most often do this via a simple ALTER TABLE command, refer to the |
945 | - MySQL documentation for more information. |
946 | - |
947 | - If you were previously using PostgreSQL for your bayes database then |
948 | - we STRONGLY recommend switching to the PostgreSQL specific backend: |
949 | - Mail::SpamAssassin::BayesStore::PgSQL |
950 | - To switch to this backend you should first run sa-learn --backup to |
951 | - make a backup of your existing data and then drop and recreate the |
952 | - database following the instructions in sql/README.bayes. Then you |
953 | - can restore the database with sa-learn --restore. If you have |
954 | - multiple users then you will have to run --backup and --restore for |
955 | - each user to fully restore the database. |
956 | - |
957 | -- See http://wiki.apache.org/spamassassin/UpgradeTo310 for a |
958 | - supplementary list of upgrade notes. It will be updated with any |
959 | - upgrade notes not captured in this document. |
960 | - |
961 | -- Finally, this document is likely not complete. Other configuration |
962 | - options/arguments may have changed from older versions, etc. It would |
963 | - be good to double-check any custom configuration options to make sure |
964 | - they're still valid. This could be as simple as running "spamassassin |
965 | - --lint", or more complex, as required by the environment. |
966 | - |
967 | - |
968 | -Note for Users Upgrading to SpamAssassin 3.0.x |
969 | ----------------------------------------------- |
970 | - |
971 | -- The SpamAssassin 2.6x release series was the last set of releases to |
972 | - officially support perl versions earlier than perl 5.6.1. If you are |
973 | - using an earlier version of perl, you will need to upgrade before you |
974 | - can use the 3.0.0 version of SpamAssassin. You will also want to make |
975 | - sure that you have the appropriate versions of required and optional |
976 | - modules as they may have changed from old versions. The INSTALL |
977 | - document has the modules and version requirements listed. |
978 | - |
979 | -- See http://wiki.apache.org/spamassassin/UpgradeTo300 for a |
980 | - supplementary list of upgrade notes. It will be updated with any |
981 | - upgrade notes not captured in this document. |
982 | - |
983 | -- SpamAssassin 3.0.0 has a significantly different API (Application Program |
984 | - Interface) from the 2.x series of code. This means that if you use |
985 | - SpamAssassin through a third-party utility (milter, etc,) you need to make |
986 | - sure you have an updated version which supports 3.0.0. See |
987 | - http://wiki.apache.org/spamassassin/UpgradeTo300 for information about |
988 | - third-party software. |
989 | - |
990 | -- The --auto-whitelist, --whitelist and -a options for "spamd" and |
991 | - "spamassassin" to turn on the auto-whitelist have been removed and |
992 | - replaced by the "use_auto_whitelist" configuration option which is |
993 | - also now turned on by default. |
994 | - |
995 | -- The --virtual-config switch for spamd had to be dropped, due to licensing |
996 | - issues. It is replaced by the --virtual-config-dir switch. |
997 | - |
998 | -- The "rewrite_subject" and "subject_tag" configuration options were |
999 | - deprecated and are now removed. Instead, using "rewrite_header Subject |
1000 | - [your desired setting]". e.g. |
1001 | - |
1002 | - rewrite_subject 1 |
1003 | - subject_tag ****SPAM(_SCORE_)**** |
1004 | - |
1005 | - becomes |
1006 | - |
1007 | - rewrite_header Subject ****SPAM(_SCORE_)**** |
1008 | - |
1009 | -- The "sa-learn --rebuild" command has been deprecated; please use |
1010 | - "sa-learn --sync" instead. The --rebuild option will remain temporarily |
1011 | - for backwards compatability. |
1012 | - |
1013 | -- The Bayesian storage modules have been completely re-written and now |
1014 | - include Berkeley DB (DBM) storage as well as SQL based storage (see |
1015 | - sql/README.bayes for more information). In addition, a new format |
1016 | - has been introduced for the bayes database that stores tokens in fixed |
1017 | - length hashes (Bayes v3). All DBM databases should be automatically |
1018 | - converted to this new format the first time they are opened for write. |
1019 | - You can manually perform the upgrade by running "sa-learn --sync" |
1020 | - from the command line. |
1021 | - |
1022 | - Due to the database format change, you will want to do something like |
1023 | - this when upgrading: |
1024 | - |
1025 | - - stop running spamassassin/spamd (ie: you don't want it to be running |
1026 | - during the upgrade) |
1027 | - - run "sa-learn --rebuild", this will sync your journal. if you skip |
1028 | - this step, any data from the journal will be lost when the DB is |
1029 | - upgraded. |
1030 | - - upgrade SA to 3.0.0 |
1031 | - - run "sa-learn --sync", which will cause the db format to be upgraded. |
1032 | - if you want to see what is going on, you can add the "-D" option. |
1033 | - - test the new database by running some sample mails through |
1034 | - SpamAssassin, and/or at least running "sa-learn --dump" to make sure |
1035 | - the data looks valid. |
1036 | - - start running spamassassin/spamd again |
1037 | - |
1038 | - If, instead of uprading your Bayes database, you want to wipe it and |
1039 | - start fresh, you can run "sa-learn --clear" to safely remove your |
1040 | - Bayes database files. If the --clear command issues an error then |
1041 | - you can simply delete the Bayes database files ("bayes_*") while SA |
1042 | - is not running; SpamAssassin will recreate them in the current |
1043 | - format when it runs. |
1044 | - |
1045 | -- "spamd" now has a default max-children setting of 5; no more than 5 |
1046 | - child scanner processes will be run in parallel. Previously, there was |
1047 | - no default limit unless you specified the "-m" switch when starting |
1048 | - spamd. |
1049 | - |
1050 | -- If you are using a UNIX machine with all database files on local disks, |
1051 | - and no sharing of those databases across NFS filesystems, you can use a |
1052 | - more efficient, but non-NFS-safe, locking mechanism. Do this by adding |
1053 | - the line "lock_method flock" to the /etc/mail/spamassassin/local.cf |
1054 | - file. This is strongly recommended if you're not using NFS, as it is |
1055 | - much faster than the NFS-safe locker. |
1056 | - |
1057 | -- Please note that the use of the following commandline parameters for |
1058 | - spamassassin and spamd have been deprecated and may be removed in |
1059 | - upcoming versions of SpamAssassin. Please discontinue usage of these |
1060 | - options: |
1061 | - |
1062 | - in the 2.6x series: --add-from, --pipe, -F, --stop-at-threshold, |
1063 | - -S, -P (spamassassin only) |
1064 | - in the 3.0.x series: --auto-whitelist, -a, --whitelist-factory, -M, |
1065 | - --warning-from, -w, --log-to-mbox, -l |
1066 | - |
1067 | -- user_scores_sql_table is no longer supported. If you need to use a table |
1068 | - name, other than the default, create a custom query using the |
1069 | - user_scores_sql_custom_query config option. |
1070 | - |
1071 | -- SpamAssassin runs in "taint mode" by default for improved security. |
1072 | - Certain third-party modules may be incompatible with taint mode. |
1073 | - |
1074 | -- 2.6x deprecated the use of the "check_bayes_db" script, and it |
1075 | - has been removed in 3.0.0. Please see the sa-learn man/pod |
1076 | - documentation for more info. |
1077 | - |
1078 | -- Finally, this document is likely not complete. Other configuration |
1079 | - options/arguments may have changed from older versions, etc. It would |
1080 | - be good to double-check any custom configuration options to make sure |
1081 | - they're still valid. This could be as simple as running "spamassassin |
1082 | - --lint", or more complex, as required by the environment. |
1083 | - |
1084 | - An example: "require_version <version>" hasn't changed itself, but the |
1085 | - internal version representation is now "x.yyyzzz" instead of "x.yz" |
1086 | - which could cause issues if "require_version 3.00" is expected to work |
1087 | - (it won't, it needs to be "require_version 3.000000"). |
1088 | - |
1089 | - |
1090 | -Note for Users Upgrading from SpamAssassin 2.5x |
1091 | ------------------------------------------------ |
1092 | - |
1093 | -- Due to major reliability shortcomings in the database support libraries |
1094 | - other than DB_File, we now require that the DB_File module be installed |
1095 | - to use SpamAssassin's Bayes rules. |
1096 | - |
1097 | - SpamAssassin will still work without DB_File installed, but the Bayes |
1098 | - support will be disabled. |
1099 | - |
1100 | - If you install DB_File and wish to import old Bayes database data, each |
1101 | - user with a Bayes db should run "sa-learn --import" to copy old entries |
1102 | - from the other formats into a new DB_File file. |
1103 | - |
1104 | - Due to the database library change, and the change to the database |
1105 | - format itself, you will want to do something like this when upgrading: |
1106 | - |
1107 | - - stop running spamassassin/spamd (ie: you don't want it to be running |
1108 | - during the upgrade) |
1109 | - - run "sa-learn --rebuild", this will sync your journal. if you skip |
1110 | - this step, any data from the journal will be lost when the DB is |
1111 | - upgraded. |
1112 | - - install DB_File module if necessary |
1113 | - - upgrade SA to 3.0.0 |
1114 | - - if you were using another database module previously, run "sa-learn |
1115 | - --import" to migrate the data into new DB_File files |
1116 | - - run "sa-learn --sync", which will cause the db format to be upgraded. |
1117 | - if you want to see what is going on, you can add the "-D" option. |
1118 | - - test the new database by running some sample mails through |
1119 | - SpamAssassin, and/or at least running "sa-learn --dump" to make sure |
1120 | - the data looks valid. |
1121 | - - start running spamassassin/spamd again |
1122 | - |
1123 | - Obviously the steps will be different depending on your environment, but |
1124 | - you get the idea. :) |
1125 | - |
1126 | - |
1127 | -Note For Users Upgrading From SpamAssassin 2.3x or 2.4x |
1128 | -------------------------------------------------------- |
1129 | - |
1130 | -- SpamAssassin no longer includes code to handle local mail delivery, as |
1131 | - it was not reliable enough, compared to procmail. So now, if you relied |
1132 | - on spamassassin to write the mail into your mail folder, you'll have to |
1133 | - change your setup to use procmail as detailed below. If you used |
1134 | - spamassassin to filter your mail and then something else wrote it into a |
1135 | - folder for you, then you should be fine. |
1136 | - |
1137 | -- Support for versions of the optional Mail::Audit module is no longer |
1138 | - included. |
1139 | - |
1140 | -- The default mode of tagging (which used to be ***SPAM*** in the subject |
1141 | - line) no longer takes place. Instead the message is rewritten. If an |
1142 | - incoming message is tagged as spam, instead of modifying the original |
1143 | - message, SpamAssassin will create a new report message and attach the |
1144 | - original message as a message/rfc822 MIME part (ensuring the original |
1145 | - message is completely preserved and easier to recover). If you do not |
1146 | - want to modify the body of incoming spam, use the "report_safe" option. |
1147 | - The "report_header" and "defang_mime" options have been removed as a |
1148 | - result. |
1149 | - |
1150 | -(end of UPGRADE) |
1151 | - |
1152 | -//vim:tw=74: |
1153 | |
1154 | === removed file '.pc/10_change_config_paths/USAGE' |
1155 | --- .pc/10_change_config_paths/USAGE 2010-03-01 00:57:24 +0000 |
1156 | +++ .pc/10_change_config_paths/USAGE 1970-01-01 00:00:00 +0000 |
1157 | @@ -1,248 +0,0 @@ |
1158 | - |
1159 | -Important Note For Users Upgrading From Earlier Versions |
1160 | --------------------------------------------------------- |
1161 | - |
1162 | -SpamAssassin no longer includes code to handle local mail delivery, as it |
1163 | -was not reliable enough, compared to procmail. So now, if you relied on |
1164 | -spamassassin to write the mail into your mail folder, you'll have to |
1165 | -change your setup to use procmail as detailed below. |
1166 | - |
1167 | -If you used spamassassin to filter your mail and then something else wrote |
1168 | -it into a folder for you, then you should be fine. |
1169 | - |
1170 | -Steps to take for every installation: |
1171 | - |
1172 | - - Install Mail::SpamAssassin on your mail server, as per the INSTALL |
1173 | - document. |
1174 | - |
1175 | - - Test it: |
1176 | - |
1177 | - spamassassin -t < sample-nonspam.txt > nonspam.out |
1178 | - spamassassin -t < sample-spam.txt > spam.out |
1179 | - |
1180 | - Verify (using a text viewer, ie. "less" or "notepad") that nonspam.out |
1181 | - has not been tagged as spam, and that spam.out has. The files should |
1182 | - contain the full text and headers of the messages, the "spam.out" |
1183 | - message should contain the header "X-Spam-Flag: YES" and be annotated |
1184 | - with a report from SpamAssassin, and there should be no errors when you |
1185 | - run the commands. |
1186 | - |
1187 | - Even though sample-nonspam.txt is not spam, nonspam.out will |
1188 | - contain a SpamAssassin report anyway. This is a side-effect of |
1189 | - the "-t" (test) switch. However, there should be less than 5 |
1190 | - points accumulated; when the "-t" switch is not in use, the report |
1191 | - text would not be added. For more verbose (debugging) output, add |
1192 | - the "-D" switch. |
1193 | - |
1194 | - If the commands do not work, DO NOT PROCEED TO THE NEXT STEP, as you |
1195 | - will lose mail! |
1196 | - |
1197 | - |
1198 | - |
1199 | -If you use KMail: |
1200 | - |
1201 | - - http://kmail.kde.org/tools.html mentions: |
1202 | - |
1203 | - The filter setup is the work of five minutes (if that!) if you have a |
1204 | - working spamassassin set up. |
1205 | - |
1206 | - The filter in question is "<any header><matches regexp> ." |
1207 | - |
1208 | - The action is "<pipe through> spamassassin" |
1209 | - |
1210 | - Then, in the advanced options, uncheck the "If this filter matches, |
1211 | - stop processing here" box. If you keep this filter at the top, it will |
1212 | - analyze any incoming mail, decide whether it's spam or not, and flag |
1213 | - it accordingly. |
1214 | - |
1215 | - [Then add] a second filter behind it, which searches for the added |
1216 | - spam-flags and diverts them into a specific spam folder. [...] |
1217 | - |
1218 | - |
1219 | - |
1220 | -If you use procmail, or haven't decided on any of the above examples: |
1221 | - |
1222 | - - Make a backup of your .procmailrc (if you already have one). |
1223 | - |
1224 | - cp ~/.procmailrc ~/.procmailrc.bak |
1225 | - |
1226 | - - add the line from procmailrc.example to ~/.procmailrc, at the top of |
1227 | - the file before any existing recipes. |
1228 | - |
1229 | - That'll process all mail through SA, and refile spam messages to |
1230 | - a folder called "caughtspam" in your home directory. |
1231 | - |
1232 | - - Send yourself a mail message, and ensure it gets to you. If it does |
1233 | - not, copy your old backed-up .procmailrc file back into place and ask |
1234 | - your sysadmin for help! Here's commands to do that: |
1235 | - |
1236 | - cp ~/.procmailrc.bak ~/.procmailrc |
1237 | - echo "Help!" | mail root |
1238 | - |
1239 | - |
1240 | - |
1241 | -If you want to use SpamAssassin site-wide: |
1242 | - |
1243 | - - take a look at the notes on the Wiki website, currently at |
1244 | - <http://wiki.apache.org/spamassassin/UsingSiteWide>. You will probably |
1245 | - want to use 'spamd' (see below). You may want to investigate the |
1246 | - new Apache mod_perl module, in the 'spamd-apache2' directory, too. |
1247 | - |
1248 | - - *PLEASE* let your users know you've installed it, and how to turn it |
1249 | - off! This is our #1 tech support query, and the users are usually |
1250 | - pretty frustrated once it reaches that stage. |
1251 | - |
1252 | - - *PLEASE* consider setting it up as "off by default" for most accounts, |
1253 | - and let users opt-in to using it. Quite a few folks prefer not to |
1254 | - have their mail filtered, presumably because they don't use their |
1255 | - email address publically and do not get much spam. |
1256 | - |
1257 | - - Note that procmail users adding spamc to /etc/procmailrc should |
1258 | - add the line 'DROPPRIVS=yes' at the top of the file. |
1259 | - |
1260 | - |
1261 | -The Auto-Whitelist |
1262 | ------------------- |
1263 | - |
1264 | -The auto-whitelist is enabled using the 'use_auto_whitelist' option. |
1265 | -(See http://wiki.apache.org/spamassassin/AutoWhitelist for details on |
1266 | -how it works, if you're curious.) |
1267 | - |
1268 | - |
1269 | -Other Installation Notes |
1270 | ------------------------- |
1271 | - |
1272 | - |
1273 | - - Hashcash is a useful system; it requires that senders exercise a |
1274 | - CPU-intensive task before they can send mail to you, so we give that |
1275 | - some bonus points. However, it requires that you list what addresses |
1276 | - you expect to receive mail for, by adding 'hashcash_accept' lines to |
1277 | - your ~/.spamassassin/user_prefs or /etc/mail/spamassassin/local.cf |
1278 | - files. See the Mail::SpamAssassin::Plugin::Hashcash manual page for |
1279 | - details on how to specify these. |
1280 | - |
1281 | - |
1282 | - - SpamAssassin now uses a temporary file in /tmp (or $TMPDIR, if that's |
1283 | - set in the environment) for Pyzor and DCC checks. Make sure that this |
1284 | - directory is either (a) not writable by other users, or (b) not shared |
1285 | - over NFS, for security. |
1286 | - |
1287 | - |
1288 | - - You can create your own system-wide rules files in |
1289 | - /etc/mail/spamassassin; their filenames should end in ".cf". Multiple |
1290 | - files will be read, and SpamAssassin will not overwrite these files |
1291 | - when installing a new version. |
1292 | - |
1293 | - |
1294 | - - You should not modify the files in /usr/share/spamassassin; these |
1295 | - will be overwritten when you upgrade. Any changes you make in |
1296 | - files in the /etc/mail/spamassassin directory, however, will |
1297 | - override these files. |
1298 | - |
1299 | - |
1300 | - - Rules can be turned off by setting their scores to 0 in a |
1301 | - configuration or user-preference file. |
1302 | - |
1303 | - |
1304 | - - Speakers of Chinese, Japanese, Korean or Arabic may find it useful to |
1305 | - turn off the rules listed at the end of the "user_prefs.template" |
1306 | - file; we've found out that these rules are still triggering on |
1307 | - non-spam CJK mails. |
1308 | - |
1309 | - |
1310 | - - If you have an unusual network configuration, you should probably |
1311 | - set 'trusted_networks'. This allows SpamAssassin to determine where |
1312 | - your internal network ends and the internet begins, and allows DNS |
1313 | - checks to be more accurate. If your mail host is NATed, you will |
1314 | - almost certainly need to set 'trusted_networks' to get correct |
1315 | - results. |
1316 | - |
1317 | - |
1318 | - - A very handy new feature is SPF support, which allows you to check |
1319 | - that the message sender is permitted by their domain to send from the |
1320 | - IP address used. This has the potential to greatly cut down on mail |
1321 | - forgery. (see http://spf.pobox.com/ for more details.) |
1322 | - |
1323 | - |
1324 | - - MDaemon users should add this line to their "local.cf" file: |
1325 | - |
1326 | - report_safe_copy_headers X-MDRcpt-To X-MDRemoteIP X-MDaemon-Deliver-To |
1327 | - |
1328 | - Otherwise, MDaemon's internal delivery will fail when SpamAssassin |
1329 | - rewrites a message as spam. |
1330 | - |
1331 | - |
1332 | - - The distribution includes 'spamd', a daemonized version of |
1333 | - SpamAssassin which runs persistently. Using its counterpart, |
1334 | - 'spamc', a lightweight client written in C, an MTA can process |
1335 | - large volumes of mail through SpamAssassin without having to |
1336 | - fork/exec a perl interpreter for each message. Take a look in the |
1337 | - 'spamd' and 'spamc' directories for more details. |
1338 | - |
1339 | - |
1340 | - - The distribution also includes 'spamd-apache2', a mod_perl module |
1341 | - allowing the Apache HTTP server to be used as a platform for a |
1342 | - daemonized SpamAssassin, in an upwardly-compatible fashion from |
1343 | - 'spamd'. If you don't require some of the spamd features it does not |
1344 | - implement (such as switching UIDs to read per-user configuration from |
1345 | - user home directories), this may be much faster than spamd. Take a |
1346 | - look at the 'spamd-apache2' directory for details. |
1347 | - |
1348 | - |
1349 | - - spamc can now be built as a shared library for use with milters or |
1350 | - to link into other existing programs; simply run "make libspamc.so" |
1351 | - to build this. |
1352 | - |
1353 | - |
1354 | - - If you get spammed, it is helpful to everyone else if you re-run |
1355 | - spamassassin with the "-r" option to report the message in question as |
1356 | - "verified spam". This will add it to Vipul's Razor, DCC and Pyzor, |
1357 | - assuming you've set these up appropriately. |
1358 | - |
1359 | - spamassassin -r < spam-message |
1360 | - |
1361 | - If you use mutt as your mail reader, this macro will bind the X key to |
1362 | - report a spam message. |
1363 | - |
1364 | - macro index X "| spamassassin -r" |
1365 | - |
1366 | - This is, of course, optional -- but you'll get lots of good-netizen |
1367 | - karma. ;) |
1368 | - |
1369 | - |
1370 | - - Quite often, if you've been on the internet for a while, you'll have |
1371 | - accumulated a few old email accounts that nowadays get nothing but |
1372 | - spam. You can set these up as spam traps using SpamAssassin; see the |
1373 | - ''SPAM TRAPPING'' section of the spamassassin manual page for details. |
1374 | - |
1375 | - If you don't want to go to the bother of setting up a system yourself |
1376 | - to do this, take a look here [1] for a simple forwarding-based |
1377 | - alternative. |
1378 | - |
1379 | - [1]: http://wiki.apache.org/spamassassin/SpamTrapping |
1380 | - |
1381 | - |
1382 | - - Scores and other user preferences can now be loaded from, and Bayes |
1383 | - and auto-whitelist data can be stored in, an SQL database; see the |
1384 | - 'sql' subdirectory for more details. |
1385 | - |
1386 | - If you are setting up a large 'spamd' system-wide installation, with |
1387 | - Bayes and/or auto-whitelists, we strongly recommend using SQL as |
1388 | - storage. It has proven more reliable than the default DB_File storage |
1389 | - backend at several large sites. |
1390 | - |
1391 | - |
1392 | - - If you are running SpamAssassin under a disk quota, or are setting up |
1393 | - 'spamd' with users with disk quotas, be warned that the DB_File |
1394 | - database module used by SpamAssassin for Bayes and AWL storage seems |
1395 | - to be unreliable in the face of quotas (bug 3796). In this situation, |
1396 | - we recommend using SQL storage for those databases, instead of DB_File. |
1397 | - |
1398 | - |
1399 | - - Lots more ways to integrate SpamAssassin can be read at |
1400 | - http://wiki.SpamAssassin.org/ . |
1401 | - |
1402 | - |
1403 | -(end of USAGE) |
1404 | - |
1405 | -// vim:tw=74: |
1406 | |
1407 | === removed directory '.pc/10_change_config_paths/ldap' |
1408 | === removed file '.pc/10_change_config_paths/ldap/README' |
1409 | --- .pc/10_change_config_paths/ldap/README 2010-03-01 00:57:24 +0000 |
1410 | +++ .pc/10_change_config_paths/ldap/README 1970-01-01 00:00:00 +0000 |
1411 | @@ -1,116 +0,0 @@ |
1412 | - |
1413 | -Using SpamAssassin With An LDAP Server |
1414 | --------------------------------------- |
1415 | - |
1416 | -SpamAssassin can now load users' score files from an LDAP server. The concept |
1417 | -here is to have a web application (PHP/perl/ASP/etc.) that will allow users to |
1418 | -be able to update their local preferences on how SpamAssassin will filter their |
1419 | -e-mail. The most common use for a system like this would be for users to be |
1420 | -able to update the white list of addresses (whitelist_from) without the need |
1421 | -for them to update their $HOME/.spamassassin/user_prefs file. It is also quite |
1422 | -common for users listed in /etc/passwd to not have a home directory, |
1423 | -therefore, the only way to have their own local settings would be through a |
1424 | -database or LDAP server. |
1425 | - |
1426 | -SpamAssassin will check the global configuration file (ie. any file matching |
1427 | -/etc/mail/spamassassin/*.cf) for the following settings: |
1428 | - |
1429 | - user_scores_dsn ldap://host:port/dc=basedn,dc=de?attr?scope?uid=__USERNAME__ |
1430 | - user_scores_ldap_username bind dn |
1431 | - user_scores_ldap_password password |
1432 | - |
1433 | -The first option, user_scores_dsn, describes the data source name that will be |
1434 | -used to create the connection to your LDAP server. You have to write the DSN as |
1435 | -an LDAP URL, the components being the host and port to connect to, the base DN |
1436 | -for the search, the scope of the search (base, one or sub), the single |
1437 | -attribute being the multivalued attribute used to hold the configuration data |
1438 | -(space separated pairs of key and value, just as in a file) and finally the |
1439 | -filter being the expression used to filter out the wanted username. Note that |
1440 | -the filter expression uses the literal text __USERNAME__ as a placeholder for |
1441 | -the username (SpamAssassin will use a s///g statement to replace it with the |
1442 | -actual username). |
1443 | - |
1444 | -Examples: |
1445 | - |
1446 | - ldap://localhost:389/dc=koehntopp,dc=de?spamassassin?sub?uid=__USERNAME__ |
1447 | - ldap://localhost:389/o=stooges?spamassassin?sub?uid=__USERNAME__ |
1448 | - |
1449 | - |
1450 | -If the user_scores_dsn option does not exist, SpamAssassin will not attempt |
1451 | -to use an LDAP server for retrieving users' preferences. Note that this will |
1452 | -NOT look for test rules, only local scores, whitelist_from(s), and |
1453 | -required_score. |
1454 | - |
1455 | -Requirements |
1456 | ------------- |
1457 | - |
1458 | -In order for SpamAssassin to work with your LDAP database, you must have |
1459 | -the perl Net::LDAP module installed. You'll also need the URI module. |
1460 | - |
1461 | -In order for spamd to use the LDAP driver, you will have to start spamd |
1462 | -with the additional parameters '--ldap-config -x'. |
1463 | - |
1464 | -Each user that wants to utilise the SpamAssassin LDAP driver must add |
1465 | -the 'spamassassin' attribute in their object (either manually or via the |
1466 | -web interface of your making/choice) like this (see the file sa_test.ldif |
1467 | -in this directory for a full database example): |
1468 | - |
1469 | - spamassassin: add_header all Foo LDAP read |
1470 | - |
1471 | -Database Schema |
1472 | ---------------- |
1473 | - |
1474 | -You can use any schema extension to your user entries with SpamAssassin, |
1475 | -as long as the attribute is multivalued and correctly named in your LDAP url. |
1476 | -We are currently using a <customername>spamassassin field that is part of |
1477 | -our inetOrgPerson subclass. |
1478 | - |
1479 | -Here's an example for openldap's /etc/openldap/schema/inetorgperson.schema : |
1480 | - |
1481 | - # SpamAssassin |
1482 | - # see http://SpamAssassin.org/ . |
1483 | - attributetype ( 2.16.840.1.113730.3.1.217 |
1484 | - NAME 'spamassassin' |
1485 | - DESC 'SpamAssassin user preferences settings' |
1486 | - EQUALITY caseExactMatch |
1487 | - SYNTAX 1.3.6.1.4.1.1466.115.121.1.15 ) |
1488 | - |
1489 | -(don't forget to add "$ spamassassin" to the objectclass MAY clause.) |
1490 | - |
1491 | - |
1492 | -Testing SpamAssassin/LDAP |
1493 | -------------------------- |
1494 | - |
1495 | -To test your LDAP setup, and debug any possible problems, you should start |
1496 | -spamd with the -D option, which will keep spamd in the foreground, and will |
1497 | -output debug message to the terminal. You should then test spamd with a |
1498 | -message by calling spamc. You can use the sample-spam.txt file with the |
1499 | -following command: |
1500 | - |
1501 | - cat sample-spam.txt | spamc |
1502 | - |
1503 | -Watch the debug output from spamd and look for the following debug line: |
1504 | - |
1505 | - retrieving LDAP prefs for <username>: <value> |
1506 | - |
1507 | -If you do not see the above text, then the LDAP query was not successful, and |
1508 | -you should see any error messages reported. <username> should be the user |
1509 | -that was passed to spamd and is usually the user executing spamc. |
1510 | - |
1511 | -If you need to set up LDAP, a good guide is here: |
1512 | -http://yolinux.com/TUTORIALS/LinuxTutorialLDAP.html |
1513 | - |
1514 | -To test LDAP support using the SpamAssassin test suite, you need to |
1515 | -perform a little bit of manual configuration first. See the file |
1516 | -"ldap/README.testing" for details. |
1517 | - |
1518 | - |
1519 | -****** |
1520 | -NB: This should be considered BETA, and the interface or overall |
1521 | -operation of LDAP support may change at any time with future releases of SA. |
1522 | -****** |
1523 | - |
1524 | -Please send any comments to <kris at koehntopp.de> and file bugs via |
1525 | -<http://issues.apache.org/SpamAssassin/>. |
1526 | - |
1527 | -Kristian Köhntopp |
1528 | |
1529 | === removed directory '.pc/10_change_config_paths/lib' |
1530 | === removed directory '.pc/10_change_config_paths/lib/Mail' |
1531 | === removed directory '.pc/10_change_config_paths/lib/Mail/SpamAssassin' |
1532 | === removed file '.pc/10_change_config_paths/lib/Mail/SpamAssassin/Conf.pm' |
1533 | --- .pc/10_change_config_paths/lib/Mail/SpamAssassin/Conf.pm 2011-05-14 12:06:12 +0000 |
1534 | +++ .pc/10_change_config_paths/lib/Mail/SpamAssassin/Conf.pm 1970-01-01 00:00:00 +0000 |
1535 | @@ -1,4035 +0,0 @@ |
1536 | -# <@LICENSE> |
1537 | -# Licensed to the Apache Software Foundation (ASF) under one or more |
1538 | -# contributor license agreements. See the NOTICE file distributed with |
1539 | -# this work for additional information regarding copyright ownership. |
1540 | -# The ASF licenses this file to you under the Apache License, Version 2.0 |
1541 | -# (the "License"); you may not use this file except in compliance with |
1542 | -# the License. You may obtain a copy of the License at: |
1543 | -# |
1544 | -# http://www.apache.org/licenses/LICENSE-2.0 |
1545 | -# |
1546 | -# Unless required by applicable law or agreed to in writing, software |
1547 | -# distributed under the License is distributed on an "AS IS" BASIS, |
1548 | -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. |
1549 | -# See the License for the specific language governing permissions and |
1550 | -# limitations under the License. |
1551 | -# </@LICENSE> |
1552 | - |
1553 | -=head1 NAME |
1554 | - |
1555 | -Mail::SpamAssassin::Conf - SpamAssassin configuration file |
1556 | - |
1557 | -=head1 SYNOPSIS |
1558 | - |
1559 | - # a comment |
1560 | - |
1561 | - rewrite_header Subject *****SPAM***** |
1562 | - |
1563 | - full PARA_A_2_C_OF_1618 /Paragraph .a.{0,10}2.{0,10}C. of S. 1618/i |
1564 | - describe PARA_A_2_C_OF_1618 Claims compliance with senate bill 1618 |
1565 | - |
1566 | - header FROM_HAS_MIXED_NUMS From =~ /\d+[a-z]+\d+\S*@/i |
1567 | - describe FROM_HAS_MIXED_NUMS From: contains numbers mixed in with letters |
1568 | - |
1569 | - score A_HREF_TO_REMOVE 2.0 |
1570 | - |
1571 | - lang es describe FROM_FORGED_HOTMAIL Forzado From: simula ser de hotmail.com |
1572 | - |
1573 | - lang pt_BR report O programa detetor de Spam ZOE [...] |
1574 | - |
1575 | -=head1 DESCRIPTION |
1576 | - |
1577 | -SpamAssassin is configured using traditional UNIX-style configuration files, |
1578 | -loaded from the C</usr/share/spamassassin> and C</etc/mail/spamassassin> |
1579 | -directories. |
1580 | - |
1581 | -The following web page lists the most important configuration settings |
1582 | -used to configure SpamAssassin; novices are encouraged to read it first: |
1583 | - |
1584 | - http://wiki.apache.org/spamassassin/ImportantInitialConfigItems |
1585 | - |
1586 | -=head1 FILE FORMAT |
1587 | - |
1588 | -The C<#> character starts a comment, which continues until end of line. |
1589 | -B<NOTE:> if the C<#> character is to be used as part of a rule or |
1590 | -configuration option, it must be escaped with a backslash. i.e.: C<\#> |
1591 | - |
1592 | -Whitespace in the files is not significant, but please note that starting a |
1593 | -line with whitespace is deprecated, as we reserve its use for multi-line rule |
1594 | -definitions, at some point in the future. |
1595 | - |
1596 | -Currently, each rule or configuration setting must fit on one-line; multi-line |
1597 | -settings are not supported yet. |
1598 | - |
1599 | -File and directory paths can use C<~> to refer to the user's home |
1600 | -directory, but no other shell-style path extensions such as globing or |
1601 | -C<~user/> are supported. |
1602 | - |
1603 | -Where appropriate below, default values are listed in parentheses. |
1604 | - |
1605 | -=head1 USER PREFERENCES |
1606 | - |
1607 | -The following options can be used in both site-wide (C<local.cf>) and |
1608 | -user-specific (C<user_prefs>) configuration files to customize how |
1609 | -SpamAssassin handles incoming email messages. |
1610 | - |
1611 | -=cut |
1612 | - |
1613 | -package Mail::SpamAssassin::Conf; |
1614 | - |
1615 | -use strict; |
1616 | -use warnings; |
1617 | -use bytes; |
1618 | -use re 'taint'; |
1619 | - |
1620 | -use Mail::SpamAssassin::Util; |
1621 | -use Mail::SpamAssassin::NetSet; |
1622 | -use Mail::SpamAssassin::Constants qw(:sa); |
1623 | -use Mail::SpamAssassin::Conf::Parser; |
1624 | -use Mail::SpamAssassin::Logger; |
1625 | -use Mail::SpamAssassin::Util::TieOneStringHash; |
1626 | -use Mail::SpamAssassin::Util qw(untaint_var); |
1627 | -use File::Spec; |
1628 | - |
1629 | -use vars qw{ |
1630 | - @ISA $VERSION |
1631 | - $CONF_TYPE_STRING $CONF_TYPE_BOOL |
1632 | - $CONF_TYPE_NUMERIC $CONF_TYPE_HASH_KEY_VALUE |
1633 | - $CONF_TYPE_ADDRLIST $CONF_TYPE_TEMPLATE |
1634 | - $CONF_TYPE_STRINGLIST $CONF_TYPE_IPADDRLIST |
1635 | - $CONF_TYPE_NOARGS |
1636 | - $INVALID_VALUE $MISSING_REQUIRED_VALUE |
1637 | - @MIGRATED_SETTINGS |
1638 | - $COLLECT_REGRESSION_TESTS |
1639 | - |
1640 | -$TYPE_HEAD_TESTS $TYPE_HEAD_EVALS |
1641 | -$TYPE_BODY_TESTS $TYPE_BODY_EVALS $TYPE_FULL_TESTS $TYPE_FULL_EVALS |
1642 | -$TYPE_RAWBODY_TESTS $TYPE_RAWBODY_EVALS $TYPE_URI_TESTS $TYPE_URI_EVALS |
1643 | -$TYPE_META_TESTS $TYPE_RBL_EVALS $TYPE_EMPTY_TESTS |
1644 | -}; |
1645 | - |
1646 | -@ISA = qw(); |
1647 | - |
1648 | -# odd => eval test. Not constants so they can be shared with Parser |
1649 | -# TODO: move to Constants.pm? |
1650 | -$TYPE_HEAD_TESTS = 0x0008; |
1651 | -$TYPE_HEAD_EVALS = 0x0009; |
1652 | -$TYPE_BODY_TESTS = 0x000a; |
1653 | -$TYPE_BODY_EVALS = 0x000b; |
1654 | -$TYPE_FULL_TESTS = 0x000c; |
1655 | -$TYPE_FULL_EVALS = 0x000d; |
1656 | -$TYPE_RAWBODY_TESTS = 0x000e; |
1657 | -$TYPE_RAWBODY_EVALS = 0x000f; |
1658 | -$TYPE_URI_TESTS = 0x0010; |
1659 | -$TYPE_URI_EVALS = 0x0011; |
1660 | -$TYPE_META_TESTS = 0x0012; |
1661 | -$TYPE_RBL_EVALS = 0x0013; |
1662 | -$TYPE_EMPTY_TESTS = 0x0014; |
1663 | - |
1664 | -my @rule_types = ("body_tests", "uri_tests", "uri_evals", |
1665 | - "head_tests", "head_evals", "body_evals", "full_tests", |
1666 | - "full_evals", "rawbody_tests", "rawbody_evals", |
1667 | - "rbl_evals", "meta_tests"); |
1668 | - |
1669 | -$VERSION = 'bogus'; # avoid CPAN.pm picking up version strings later |
1670 | - |
1671 | -# these are variables instead of constants so that other classes can |
1672 | -# access them; if they're constants, they'd have to go in Constants.pm |
1673 | -# TODO: move to Constants.pm? |
1674 | -$CONF_TYPE_STRING = 1; |
1675 | -$CONF_TYPE_BOOL = 2; |
1676 | -$CONF_TYPE_NUMERIC = 3; |
1677 | -$CONF_TYPE_HASH_KEY_VALUE = 4; |
1678 | -$CONF_TYPE_ADDRLIST = 5; |
1679 | -$CONF_TYPE_TEMPLATE = 6; |
1680 | -$CONF_TYPE_NOARGS = 7; |
1681 | -$CONF_TYPE_STRINGLIST = 8; |
1682 | -$CONF_TYPE_IPADDRLIST = 9; |
1683 | -$MISSING_REQUIRED_VALUE = -99999999999999; |
1684 | -$INVALID_VALUE = -99999999999998; |
1685 | - |
1686 | -# set to "1" by the test suite code, to record regression tests |
1687 | -# $Mail::SpamAssassin::Conf::COLLECT_REGRESSION_TESTS = 1; |
1688 | - |
1689 | -# search for "sub new {" to find the start of the code |
1690 | -########################################################################### |
1691 | - |
1692 | -sub set_default_commands { |
1693 | - my($self) = @_; |
1694 | - |
1695 | - # see "perldoc Mail::SpamAssassin::Conf::Parser" for details on this fmt. |
1696 | - # push each config item like this, to avoid a POD bug; it can't just accept |
1697 | - # ( { ... }, { ... }, { ...} ) otherwise POD parsing dies. |
1698 | - my @cmds; |
1699 | - |
1700 | -=head2 SCORING OPTIONS |
1701 | - |
1702 | -=over 4 |
1703 | - |
1704 | -=item required_score n.nn (default: 5) |
1705 | - |
1706 | -Set the score required before a mail is considered spam. C<n.nn> can |
1707 | -be an integer or a real number. 5.0 is the default setting, and is |
1708 | -quite aggressive; it would be suitable for a single-user setup, but if |
1709 | -you're an ISP installing SpamAssassin, you should probably set the |
1710 | -default to be more conservative, like 8.0 or 10.0. It is not |
1711 | -recommended to automatically delete or discard messages marked as |
1712 | -spam, as your users B<will> complain, but if you choose to do so, only |
1713 | -delete messages with an exceptionally high score such as 15.0 or |
1714 | -higher. This option was previously known as C<required_hits> and that |
1715 | -name is still accepted, but is deprecated. |
1716 | - |
1717 | -=cut |
1718 | - |
1719 | - push (@cmds, { |
1720 | - setting => 'required_score', |
1721 | - aliases => ['required_hits'], # backwards compat |
1722 | - default => 5, |
1723 | - type => $CONF_TYPE_NUMERIC, |
1724 | - }); |
1725 | - |
1726 | -=item score SYMBOLIC_TEST_NAME n.nn [ n.nn n.nn n.nn ] |
1727 | - |
1728 | -Assign scores (the number of points for a hit) to a given test. |
1729 | -Scores can be positive or negative real numbers or integers. |
1730 | -C<SYMBOLIC_TEST_NAME> is the symbolic name used by SpamAssassin for |
1731 | -that test; for example, 'FROM_ENDS_IN_NUMS'. |
1732 | - |
1733 | -If only one valid score is listed, then that score is always used |
1734 | -for a test. |
1735 | - |
1736 | -If four valid scores are listed, then the score that is used depends |
1737 | -on how SpamAssassin is being used. The first score is used when |
1738 | -both Bayes and network tests are disabled (score set 0). The second |
1739 | -score is used when Bayes is disabled, but network tests are enabled |
1740 | -(score set 1). The third score is used when Bayes is enabled and |
1741 | -network tests are disabled (score set 2). The fourth score is used |
1742 | -when Bayes is enabled and network tests are enabled (score set 3). |
1743 | - |
1744 | -Setting a rule's score to 0 will disable that rule from running. |
1745 | - |
1746 | -If any of the score values are surrounded by parenthesis '()', then |
1747 | -all of the scores in the line are considered to be relative to the |
1748 | -already set score. ie: '(3)' means increase the score for this |
1749 | -rule by 3 points in all score sets. '(3) (0) (3) (0)' means increase |
1750 | -the score for this rule by 3 in score sets 0 and 2 only. |
1751 | - |
1752 | -If no score is given for a test by the end of the configuration, |
1753 | -a default score is assigned: a score of 1.0 is used for all tests, |
1754 | -except those whose names begin with 'T_' (this is used to indicate a |
1755 | -rule in testing) which receive 0.01. |
1756 | - |
1757 | -Note that test names which begin with '__' are indirect rules used |
1758 | -to compose meta-match rules and can also act as prerequisites to |
1759 | -other rules. They are not scored or listed in the 'tests hit' |
1760 | -reports, but assigning a score of 0 to an indirect rule will disable |
1761 | -it from running. |
1762 | - |
1763 | -=cut |
1764 | - |
1765 | - push (@cmds, { |
1766 | - setting => 'score', |
1767 | - is_frequent => 1, |
1768 | - code => sub { |
1769 | - my ($self, $key, $value, $line) = @_; |
1770 | - my($rule, @scores) = split(/\s+/, $value); |
1771 | - unless (defined $value && $value !~ /^$/ && |
1772 | - (scalar @scores == 1 || scalar @scores == 4)) { |
1773 | - info("config: score: requires a symbolic rule name and 1 or 4 scores"); |
1774 | - return $MISSING_REQUIRED_VALUE; |
1775 | - } |
1776 | - |
1777 | - # Figure out if we're doing relative scores, remove the parens if we are |
1778 | - my $relative = 0; |
1779 | - foreach (@scores) { |
1780 | - local ($1); |
1781 | - if (s/^\((-?\d+(?:\.\d+)?)\)$/$1/) { |
1782 | - $relative = 1; |
1783 | - } |
1784 | - unless (/^-?\d+(?:\.\d+)?$/) { |
1785 | - info("config: score: the non-numeric score ($_) is not valid, " . |
1786 | - "a numeric score is required"); |
1787 | - return $INVALID_VALUE; |
1788 | - } |
1789 | - } |
1790 | - |
1791 | - if ($relative && !exists $self->{scoreset}->[0]->{$rule}) { |
1792 | - info("config: score: relative score without previous setting in " . |
1793 | - "configuration"); |
1794 | - return $INVALID_VALUE; |
1795 | - } |
1796 | - |
1797 | - # If we're only passed 1 score, copy it to the other scoresets |
1798 | - if (@scores) { |
1799 | - if (@scores != 4) { |
1800 | - @scores = ( $scores[0], $scores[0], $scores[0], $scores[0] ); |
1801 | - } |
1802 | - |
1803 | - # Set the actual scoreset values appropriately |
1804 | - for my $index (0..3) { |
1805 | - my $score = $relative ? |
1806 | - $self->{scoreset}->[$index]->{$rule} + $scores[$index] : |
1807 | - $scores[$index]; |
1808 | - |
1809 | - $self->{scoreset}->[$index]->{$rule} = $score + 0.0; |
1810 | - } |
1811 | - } |
1812 | - } |
1813 | - }); |
1814 | - |
1815 | -=back |
1816 | - |
1817 | -=head2 WHITELIST AND BLACKLIST OPTIONS |
1818 | - |
1819 | -=over 4 |
1820 | - |
1821 | -=item whitelist_from user@example.com |
1822 | - |
1823 | -Used to whitelist sender addresses which send mail that is often tagged |
1824 | -(incorrectly) as spam. |
1825 | - |
1826 | -Use of this setting is not recommended, since it blindly trusts the message, |
1827 | -which is routinely and easily forged by spammers and phish senders. The |
1828 | -recommended solution is to instead use C<whitelist_auth> or other authenticated |
1829 | -whitelisting methods, or C<whitelist_from_rcvd>. |
1830 | - |
1831 | -Whitelist and blacklist addresses are now file-glob-style patterns, so |
1832 | -C<friend@somewhere.com>, C<*@isp.com>, or C<*.domain.net> will all work. |
1833 | -Specifically, C<*> and C<?> are allowed, but all other metacharacters are not. |
1834 | -Regular expressions are not used for security reasons. |
1835 | - |
1836 | -Multiple addresses per line, separated by spaces, is OK. Multiple |
1837 | -C<whitelist_from> lines is also OK. |
1838 | - |
1839 | -The headers checked for whitelist addresses are as follows: if C<Resent-From> |
1840 | -is set, use that; otherwise check all addresses taken from the following |
1841 | -set of headers: |
1842 | - |
1843 | - Envelope-Sender |
1844 | - Resent-Sender |
1845 | - X-Envelope-From |
1846 | - From |
1847 | - |
1848 | -In addition, the "envelope sender" data, taken from the SMTP envelope data |
1849 | -where this is available, is looked up. See C<envelope_sender_header>. |
1850 | - |
1851 | -e.g. |
1852 | - |
1853 | - whitelist_from joe@example.com fred@example.com |
1854 | - whitelist_from *@example.com |
1855 | - |
1856 | -=cut |
1857 | - |
1858 | - push (@cmds, { |
1859 | - setting => 'whitelist_from', |
1860 | - type => $CONF_TYPE_ADDRLIST, |
1861 | - }); |
1862 | - |
1863 | -=item unwhitelist_from user@example.com |
1864 | - |
1865 | -Used to override a default whitelist_from entry, so for example a distribution |
1866 | -whitelist_from can be overridden in a local.cf file, or an individual user can |
1867 | -override a whitelist_from entry in their own C<user_prefs> file. |
1868 | -The specified email address has to match exactly the address previously |
1869 | -used in a whitelist_from line. |
1870 | - |
1871 | -e.g. |
1872 | - |
1873 | - unwhitelist_from joe@example.com fred@example.com |
1874 | - unwhitelist_from *@example.com |
1875 | - |
1876 | -=cut |
1877 | - |
1878 | - push (@cmds, { |
1879 | - command => 'unwhitelist_from', |
1880 | - setting => 'whitelist_from', |
1881 | - type => $CONF_TYPE_ADDRLIST, |
1882 | - code => \&Mail::SpamAssassin::Conf::Parser::remove_addrlist_value |
1883 | - }); |
1884 | - |
1885 | -=item whitelist_from_rcvd addr@lists.sourceforge.net sourceforge.net |
1886 | - |
1887 | -Works similarly to whitelist_from, except that in addition to matching |
1888 | -a sender address, a relay's rDNS name must match too for the whitelisting |
1889 | -rule to fire. The first parameter is an address to whitelist, and the |
1890 | -second is a string to match the relay's rDNS. |
1891 | - |
1892 | -This string is matched against the reverse DNS lookup used during the handover |
1893 | -from the internet to your internal network's mail exchangers. It can |
1894 | -either be the full hostname, or the domain component of that hostname. In |
1895 | -other words, if the host that connected to your MX had an IP address that |
1896 | -mapped to 'sendinghost.spamassassin.org', you should specify |
1897 | -C<sendinghost.spamassassin.org> or just C<spamassassin.org> here. |
1898 | - |
1899 | -Note that this requires that C<internal_networks> be correct. For simple cases, |
1900 | -it will be, but for a complex network you may get better results by setting that |
1901 | -parameter. |
1902 | - |
1903 | -It also requires that your mail exchangers be configured to perform DNS |
1904 | -reverse lookups on the connecting host's IP address, and to record the |
1905 | -result in the generated Received: header. |
1906 | - |
1907 | -e.g. |
1908 | - |
1909 | - whitelist_from_rcvd joe@example.com example.com |
1910 | - whitelist_from_rcvd *@axkit.org sergeant.org |
1911 | - |
1912 | -=item def_whitelist_from_rcvd addr@lists.sourceforge.net sourceforge.net |
1913 | - |
1914 | -Same as C<whitelist_from_rcvd>, but used for the default whitelist entries |
1915 | -in the SpamAssassin distribution. The whitelist score is lower, because |
1916 | -these are often targets for spammer spoofing. |
1917 | - |
1918 | -=cut |
1919 | - |
1920 | - push (@cmds, { |
1921 | - setting => 'whitelist_from_rcvd', |
1922 | - type => $CONF_TYPE_ADDRLIST, |
1923 | - code => sub { |
1924 | - my ($self, $key, $value, $line) = @_; |
1925 | - unless (defined $value && $value !~ /^$/) { |
1926 | - return $MISSING_REQUIRED_VALUE; |
1927 | - } |
1928 | - unless ($value =~ /^\S+\s+\S+$/) { |
1929 | - return $INVALID_VALUE; |
1930 | - } |
1931 | - $self->{parser}->add_to_addrlist_rcvd ('whitelist_from_rcvd', |
1932 | - split(/\s+/, $value)); |
1933 | - } |
1934 | - }); |
1935 | - |
1936 | - push (@cmds, { |
1937 | - setting => 'def_whitelist_from_rcvd', |
1938 | - type => $CONF_TYPE_ADDRLIST, |
1939 | - code => sub { |
1940 | - my ($self, $key, $value, $line) = @_; |
1941 | - unless (defined $value && $value !~ /^$/) { |
1942 | - return $MISSING_REQUIRED_VALUE; |
1943 | - } |
1944 | - unless ($value =~ /^\S+\s+\S+$/) { |
1945 | - return $INVALID_VALUE; |
1946 | - } |
1947 | - $self->{parser}->add_to_addrlist_rcvd ('def_whitelist_from_rcvd', |
1948 | - split(/\s+/, $value)); |
1949 | - } |
1950 | - }); |
1951 | - |
1952 | -=item whitelist_allows_relays user@example.com |
1953 | - |
1954 | -Specify addresses which are in C<whitelist_from_rcvd> that sometimes |
1955 | -send through a mail relay other than the listed ones. By default mail |
1956 | -with a From address that is in C<whitelist_from_rcvd> that does not match |
1957 | -the relay will trigger a forgery rule. Including the address in |
1958 | -C<whitelist_allows_relay> prevents that. |
1959 | - |
1960 | -Whitelist and blacklist addresses are now file-glob-style patterns, so |
1961 | -C<friend@somewhere.com>, C<*@isp.com>, or C<*.domain.net> will all work. |
1962 | -Specifically, C<*> and C<?> are allowed, but all other metacharacters are not. |
1963 | -Regular expressions are not used for security reasons. |
1964 | - |
1965 | -Multiple addresses per line, separated by spaces, is OK. Multiple |
1966 | -C<whitelist_allows_relays> lines is also OK. |
1967 | - |
1968 | -The specified email address does not have to match exactly the address |
1969 | -previously used in a whitelist_from_rcvd line as it is compared to the |
1970 | -address in the header. |
1971 | - |
1972 | -e.g. |
1973 | - |
1974 | - whitelist_allows_relays joe@example.com fred@example.com |
1975 | - whitelist_allows_relays *@example.com |
1976 | - |
1977 | -=cut |
1978 | - |
1979 | - push (@cmds, { |
1980 | - setting => 'whitelist_allows_relays', |
1981 | - type => $CONF_TYPE_ADDRLIST, |
1982 | - }); |
1983 | - |
1984 | -=item unwhitelist_from_rcvd user@example.com |
1985 | - |
1986 | -Used to override a default whitelist_from_rcvd entry, so for example a |
1987 | -distribution whitelist_from_rcvd can be overridden in a local.cf file, |
1988 | -or an individual user can override a whitelist_from_rcvd entry in |
1989 | -their own C<user_prefs> file. |
1990 | - |
1991 | -The specified email address has to match exactly the address previously |
1992 | -used in a whitelist_from_rcvd line. |
1993 | - |
1994 | -e.g. |
1995 | - |
1996 | - unwhitelist_from_rcvd joe@example.com fred@example.com |
1997 | - unwhitelist_from_rcvd *@axkit.org |
1998 | - |
1999 | -=cut |
2000 | - |
2001 | - push (@cmds, { |
2002 | - setting => 'unwhitelist_from_rcvd', |
2003 | - type => $CONF_TYPE_ADDRLIST, |
2004 | - code => sub { |
2005 | - my ($self, $key, $value, $line) = @_; |
2006 | - unless (defined $value && $value !~ /^$/) { |
2007 | - return $MISSING_REQUIRED_VALUE; |
2008 | - } |
2009 | - unless ($value =~ /^(?:\S+(?:\s+\S+)*)$/) { |
2010 | - return $INVALID_VALUE; |
2011 | - } |
2012 | - $self->{parser}->remove_from_addrlist_rcvd('whitelist_from_rcvd', |
2013 | - split (/\s+/, $value)); |
2014 | - $self->{parser}->remove_from_addrlist_rcvd('def_whitelist_from_rcvd', |
2015 | - split (/\s+/, $value)); |
2016 | - } |
2017 | - }); |
2018 | - |
2019 | -=item blacklist_from user@example.com |
2020 | - |
2021 | -Used to specify addresses which send mail that is often tagged (incorrectly) as |
2022 | -non-spam, but which the user doesn't want. Same format as C<whitelist_from>. |
2023 | - |
2024 | -=cut |
2025 | - |
2026 | - push (@cmds, { |
2027 | - setting => 'blacklist_from', |
2028 | - type => $CONF_TYPE_ADDRLIST, |
2029 | - }); |
2030 | - |
2031 | -=item unblacklist_from user@example.com |
2032 | - |
2033 | -Used to override a default blacklist_from entry, so for example a |
2034 | -distribution blacklist_from can be overridden in a local.cf file, or |
2035 | -an individual user can override a blacklist_from entry in their own |
2036 | -C<user_prefs> file. The specified email address has to match exactly |
2037 | -the address previously used in a blacklist_from line. |
2038 | - |
2039 | - |
2040 | -e.g. |
2041 | - |
2042 | - unblacklist_from joe@example.com fred@example.com |
2043 | - unblacklist_from *@spammer.com |
2044 | - |
2045 | -=cut |
2046 | - |
2047 | - |
2048 | - push (@cmds, { |
2049 | - command => 'unblacklist_from', |
2050 | - setting => 'blacklist_from', |
2051 | - type => $CONF_TYPE_ADDRLIST, |
2052 | - code => \&Mail::SpamAssassin::Conf::Parser::remove_addrlist_value |
2053 | - }); |
2054 | - |
2055 | - |
2056 | -=item whitelist_to user@example.com |
2057 | - |
2058 | -If the given address appears as a recipient in the message headers |
2059 | -(Resent-To, To, Cc, obvious envelope recipient, etc.) the mail will |
2060 | -be whitelisted. Useful if you're deploying SpamAssassin system-wide, |
2061 | -and don't want some users to have their mail filtered. Same format |
2062 | -as C<whitelist_from>. |
2063 | - |
2064 | -There are three levels of To-whitelisting, C<whitelist_to>, C<more_spam_to> |
2065 | -and C<all_spam_to>. Users in the first level may still get some spammish |
2066 | -mails blocked, but users in C<all_spam_to> should never get mail blocked. |
2067 | - |
2068 | -The headers checked for whitelist addresses are as follows: if C<Resent-To> or |
2069 | -C<Resent-Cc> are set, use those; otherwise check all addresses taken from the |
2070 | -following set of headers: |
2071 | - |
2072 | - To |
2073 | - Cc |
2074 | - Apparently-To |
2075 | - Delivered-To |
2076 | - Envelope-Recipients |
2077 | - Apparently-Resent-To |
2078 | - X-Envelope-To |
2079 | - Envelope-To |
2080 | - X-Delivered-To |
2081 | - X-Original-To |
2082 | - X-Rcpt-To |
2083 | - X-Real-To |
2084 | - |
2085 | -=item more_spam_to user@example.com |
2086 | - |
2087 | -See above. |
2088 | - |
2089 | -=item all_spam_to user@example.com |
2090 | - |
2091 | -See above. |
2092 | - |
2093 | -=cut |
2094 | - |
2095 | - push (@cmds, { |
2096 | - setting => 'whitelist_to', |
2097 | - type => $CONF_TYPE_ADDRLIST, |
2098 | - }); |
2099 | - push (@cmds, { |
2100 | - setting => 'more_spam_to', |
2101 | - type => $CONF_TYPE_ADDRLIST, |
2102 | - }); |
2103 | - push (@cmds, { |
2104 | - setting => 'all_spam_to', |
2105 | - type => $CONF_TYPE_ADDRLIST, |
2106 | - }); |
2107 | - |
2108 | -=item blacklist_to user@example.com |
2109 | - |
2110 | -If the given address appears as a recipient in the message headers |
2111 | -(Resent-To, To, Cc, obvious envelope recipient, etc.) the mail will |
2112 | -be blacklisted. Same format as C<blacklist_from>. |
2113 | - |
2114 | -=cut |
2115 | - |
2116 | - push (@cmds, { |
2117 | - setting => 'blacklist_to', |
2118 | - type => $CONF_TYPE_ADDRLIST, |
2119 | - }); |
2120 | - |
2121 | -=item whitelist_auth user@example.com |
2122 | - |
2123 | -Used to specify addresses which send mail that is often tagged (incorrectly) as |
2124 | -spam. This is different from C<whitelist_from> and C<whitelist_from_rcvd> in |
2125 | -that it first verifies that the message was sent by an authorized sender for |
2126 | -the address, before whitelisting. |
2127 | - |
2128 | -Authorization is performed using one of the installed sender-authorization |
2129 | -schemes: SPF (using C<Mail::SpamAssassin::Plugin::SPF>), or DKIM (using |
2130 | -C<Mail::SpamAssassin::Plugin::DKIM>). Note that those plugins must be active, |
2131 | -and working, for this to operate. |
2132 | - |
2133 | -Using C<whitelist_auth> is roughly equivalent to specifying duplicate |
2134 | -C<whitelist_from_spf>, C<whitelist_from_dk>, and C<whitelist_from_dkim> lines |
2135 | -for each of the addresses specified. |
2136 | - |
2137 | -e.g. |
2138 | - |
2139 | - whitelist_auth joe@example.com fred@example.com |
2140 | - whitelist_auth *@example.com |
2141 | - |
2142 | -=item def_whitelist_auth user@example.com |
2143 | - |
2144 | -Same as C<whitelist_auth>, but used for the default whitelist entries |
2145 | -in the SpamAssassin distribution. The whitelist score is lower, because |
2146 | -these are often targets for spammer spoofing. |
2147 | - |
2148 | -=cut |
2149 | - |
2150 | - push (@cmds, { |
2151 | - setting => 'whitelist_auth', |
2152 | - type => $CONF_TYPE_ADDRLIST, |
2153 | - }); |
2154 | - |
2155 | - push (@cmds, { |
2156 | - setting => 'def_whitelist_auth', |
2157 | - type => $CONF_TYPE_ADDRLIST, |
2158 | - }); |
2159 | - |
2160 | -=item unwhitelist_auth user@example.com |
2161 | - |
2162 | -Used to override a C<whitelist_auth> entry. The specified email address has to |
2163 | -match exactly the address previously used in a C<whitelist_auth> line. |
2164 | - |
2165 | -e.g. |
2166 | - |
2167 | - unwhitelist_auth joe@example.com fred@example.com |
2168 | - unwhitelist_auth *@example.com |
2169 | - |
2170 | -=cut |
2171 | - |
2172 | - push (@cmds, { |
2173 | - command => 'unwhitelist_auth', |
2174 | - setting => 'whitelist_auth', |
2175 | - type => $CONF_TYPE_ADDRLIST, |
2176 | - code => \&Mail::SpamAssassin::Conf::Parser::remove_addrlist_value |
2177 | - }); |
2178 | - |
2179 | -=back |
2180 | - |
2181 | -=head2 BASIC MESSAGE TAGGING OPTIONS |
2182 | - |
2183 | -=over 4 |
2184 | - |
2185 | -=item rewrite_header { subject | from | to } STRING |
2186 | - |
2187 | -By default, suspected spam messages will not have the C<Subject>, |
2188 | -C<From> or C<To> lines tagged to indicate spam. By setting this option, |
2189 | -the header will be tagged with C<STRING> to indicate that a message is |
2190 | -spam. For the From or To headers, this will take the form of an RFC 2822 |
2191 | -comment following the address in parantheses. For the Subject header, |
2192 | -this will be prepended to the original subject. Note that you should |
2193 | -only use the _REQD_ and _SCORE_ tags when rewriting the Subject header |
2194 | -if C<report_safe> is 0. Otherwise, you may not be able to remove |
2195 | -the SpamAssassin markup via the normal methods. More information |
2196 | -about tags is explained below in the B<TEMPLATE TAGS> section. |
2197 | - |
2198 | -Parentheses are not permitted in STRING if rewriting the From or To headers. |
2199 | -(They will be converted to square brackets.) |
2200 | - |
2201 | -If C<rewrite_header subject> is used, but the message being rewritten |
2202 | -does not already contain a C<Subject> header, one will be created. |
2203 | - |
2204 | -A null value for C<STRING> will remove any existing rewrite for the specified |
2205 | -header. |
2206 | - |
2207 | -=cut |
2208 | - |
2209 | - push (@cmds, { |
2210 | - setting => 'rewrite_header', |
2211 | - type => $CONF_TYPE_HASH_KEY_VALUE, |
2212 | - code => sub { |
2213 | - my ($self, $key, $value, $line) = @_; |
2214 | - my($hdr, $string) = split(/\s+/, $value, 2); |
2215 | - $hdr = ucfirst(lc($hdr)); |
2216 | - |
2217 | - if ($hdr =~ /^$/) { |
2218 | - return $MISSING_REQUIRED_VALUE; |
2219 | - } |
2220 | - # We only deal with From, Subject, and To ... |
2221 | - elsif ($hdr =~ /^(?:From|Subject|To)$/) { |
2222 | - unless (defined $string && $string =~ /\S/) { |
2223 | - delete $self->{rewrite_header}->{$hdr}; |
2224 | - return; |
2225 | - } |
2226 | - |
2227 | - if ($hdr ne 'Subject') { |
2228 | - $string =~ tr/()/[]/; |
2229 | - } |
2230 | - $self->{rewrite_header}->{$hdr} = $string; |
2231 | - return; |
2232 | - } |
2233 | - else { |
2234 | - # if we get here, note the issue, then we'll fail through for an error. |
2235 | - info("config: rewrite_header: ignoring $hdr, not From, Subject, or To"); |
2236 | - return $INVALID_VALUE; |
2237 | - } |
2238 | - } |
2239 | - }); |
2240 | - |
2241 | -=item add_header { spam | ham | all } header_name string |
2242 | - |
2243 | -Customized headers can be added to the specified type of messages (spam, |
2244 | -ham, or "all" to add to either). All headers begin with C<X-Spam-> |
2245 | -(so a C<header_name> Foo will generate a header called X-Spam-Foo). |
2246 | -header_name is restricted to the character set [A-Za-z0-9_-]. |
2247 | - |
2248 | -The order of C<add_header> configuration options is preserved, inserted |
2249 | -headers will follow this order of declarations. When combining C<add_header> |
2250 | -with C<clear_headers> and C<remove_header>, keep in mind that C<add_header> |
2251 | -appends a new header to the current list, after first removing any existing |
2252 | -header fields of the same name. Note also that C<add_header>, C<clear_headers> |
2253 | -and C<remove_header> may appear in multiple .cf files, which are interpreted |
2254 | -in alphabetic order. |
2255 | - |
2256 | -C<string> can contain tags as explained below in the B<TEMPLATE TAGS> section. |
2257 | -You can also use C<\n> and C<\t> in the header to add newlines and tabulators |
2258 | -as desired. A backslash has to be written as \\, any other escaped chars will |
2259 | -be silently removed. |
2260 | - |
2261 | -All headers will be folded if fold_headers is set to C<1>. Note: Manually |
2262 | -adding newlines via C<\n> disables any further automatic wrapping (ie: |
2263 | -long header lines are possible). The lines will still be properly folded |
2264 | -(marked as continuing) though. |
2265 | - |
2266 | -You can customize existing headers with B<add_header> (only the specified |
2267 | -subset of messages will be changed). |
2268 | - |
2269 | -See also C<clear_headers> and C<remove_header> for removing headers. |
2270 | - |
2271 | -Here are some examples (these are the defaults, note that Checker-Version can |
2272 | -not be changed or removed): |
2273 | - |
2274 | - add_header spam Flag _YESNOCAPS_ |
2275 | - add_header all Status _YESNO_, score=_SCORE_ required=_REQD_ tests=_TESTS_ autolearn=_AUTOLEARN_ version=_VERSION_ |
2276 | - add_header all Level _STARS(*)_ |
2277 | - add_header all Checker-Version SpamAssassin _VERSION_ (_SUBVERSION_) on _HOSTNAME_ |
2278 | - |
2279 | -=cut |
2280 | - |
2281 | - push (@cmds, { |
2282 | - setting => 'add_header', |
2283 | - code => sub { |
2284 | - my ($self, $key, $value, $line) = @_; |
2285 | - local ($1,$2,$3); |
2286 | - if ($value !~ /^(ham|spam|all)\s+([A-Za-z0-9_-]+)\s+(.*?)\s*$/) { |
2287 | - return $INVALID_VALUE; |
2288 | - } |
2289 | - |
2290 | - my ($type, $name, $hline) = ($1, $2, $3); |
2291 | - if ($hline =~ /^"(.*)"$/) { |
2292 | - $hline = $1; |
2293 | - } |
2294 | - my @line = split( |
2295 | - /\\\\/, # split at double backslashes, |
2296 | - $hline."\n" # newline needed to make trailing backslashes work |
2297 | - ); |
2298 | - foreach (@line) { |
2299 | - s/\\t/\t/g; # expand tabs |
2300 | - s/\\n/\n/g; # expand newlines |
2301 | - s/\\.//g; # purge all other escapes |
2302 | - }; |
2303 | - $hline = join("\\", @line); |
2304 | - chop($hline); # remove dummy newline again |
2305 | - if (($type eq "ham") || ($type eq "all")) { |
2306 | - $self->{headers_ham} = |
2307 | - [ grep { lc($_->[0]) ne lc($name) } @{$self->{headers_ham}} ]; |
2308 | - push(@{$self->{headers_ham}}, [$name, $hline]); |
2309 | - } |
2310 | - if (($type eq "spam") || ($type eq "all")) { |
2311 | - $self->{headers_spam} = |
2312 | - [ grep { lc($_->[0]) ne lc($name) } @{$self->{headers_spam}} ]; |
2313 | - push(@{$self->{headers_spam}}, [$name, $hline]); |
2314 | - } |
2315 | - } |
2316 | - }); |
2317 | - |
2318 | -=item remove_header { spam | ham | all } header_name |
2319 | - |
2320 | -Headers can be removed from the specified type of messages (spam, ham, |
2321 | -or "all" to remove from either). All headers begin with C<X-Spam-> |
2322 | -(so C<header_name> will be appended to C<X-Spam->). |
2323 | - |
2324 | -See also C<clear_headers> for removing all the headers at once. |
2325 | - |
2326 | -Note that B<X-Spam-Checker-Version> is not removable because the version |
2327 | -information is needed by mail administrators and developers to debug |
2328 | -problems. Without at least one header, it might not even be possible to |
2329 | -determine that SpamAssassin is running. |
2330 | - |
2331 | -=cut |
2332 | - |
2333 | - push (@cmds, { |
2334 | - setting => 'remove_header', |
2335 | - code => sub { |
2336 | - my ($self, $key, $value, $line) = @_; |
2337 | - local ($1,$2); |
2338 | - if ($value !~ /^(ham|spam|all)\s+([A-Za-z0-9_-]+)\s*$/) { |
2339 | - return $INVALID_VALUE; |
2340 | - } |
2341 | - |
2342 | - my ($type, $name) = ($1, $2); |
2343 | - return if ( $name eq "Checker-Version" ); |
2344 | - |
2345 | - $name = lc($name); |
2346 | - if (($type eq "ham") || ($type eq "all")) { |
2347 | - $self->{headers_ham} = |
2348 | - [ grep { lc($_->[0]) ne $name } @{$self->{headers_ham}} ]; |
2349 | - } |
2350 | - if (($type eq "spam") || ($type eq "all")) { |
2351 | - $self->{headers_spam} = |
2352 | - [ grep { lc($_->[0]) ne $name } @{$self->{headers_spam}} ]; |
2353 | - } |
2354 | - } |
2355 | - }); |
2356 | - |
2357 | -=item clear_headers |
2358 | - |
2359 | -Clear the list of headers to be added to messages. You may use this |
2360 | -before any B<add_header> options to prevent the default headers from being |
2361 | -added to the message. |
2362 | - |
2363 | -C<add_header>, C<clear_headers> and C<remove_header> may appear in multiple |
2364 | -.cf files, which are interpreted in alphabetic order, so C<clear_headers> |
2365 | -in a later file will remove all added headers from previously interpreted |
2366 | -configuration files, which may or may not be desired. |
2367 | - |
2368 | -Note that B<X-Spam-Checker-Version> is not removable because the version |
2369 | -information is needed by mail administrators and developers to debug |
2370 | -problems. Without at least one header, it might not even be possible to |
2371 | -determine that SpamAssassin is running. |
2372 | - |
2373 | -=cut |
2374 | - |
2375 | - push (@cmds, { |
2376 | - setting => 'clear_headers', |
2377 | - type => $CONF_TYPE_NOARGS, |
2378 | - code => sub { |
2379 | - my ($self, $key, $value, $line) = @_; |
2380 | - unless (!defined $value || $value eq '') { |
2381 | - return $INVALID_VALUE; |
2382 | - } |
2383 | - my @h = grep { lc($_->[0]) eq "checker-version" } |
2384 | - @{$self->{headers_ham}}; |
2385 | - $self->{headers_ham} = !@h ? [] : [ $h[0] ]; |
2386 | - $self->{headers_spam} = !@h ? [] : [ $h[0] ]; |
2387 | - } |
2388 | - }); |
2389 | - |
2390 | -=item report_safe ( 0 | 1 | 2 ) (default: 1) |
2391 | - |
2392 | -if this option is set to 1, if an incoming message is tagged as spam, |
2393 | -instead of modifying the original message, SpamAssassin will create a |
2394 | -new report message and attach the original message as a message/rfc822 |
2395 | -MIME part (ensuring the original message is completely preserved, not |
2396 | -easily opened, and easier to recover). |
2397 | - |
2398 | -If this option is set to 2, then original messages will be attached with |
2399 | -a content type of text/plain instead of message/rfc822. This setting |
2400 | -may be required for safety reasons on certain broken mail clients that |
2401 | -automatically load attachments without any action by the user. This |
2402 | -setting may also make it somewhat more difficult to extract or view the |
2403 | -original message. |
2404 | - |
2405 | -If this option is set to 0, incoming spam is only modified by adding |
2406 | -some C<X-Spam-> headers and no changes will be made to the body. In |
2407 | -addition, a header named B<X-Spam-Report> will be added to spam. You |
2408 | -can use the B<remove_header> option to remove that header after setting |
2409 | -B<report_safe> to 0. |
2410 | - |
2411 | -See B<report_safe_copy_headers> if you want to copy headers from |
2412 | -the original mail into tagged messages. |
2413 | - |
2414 | -=cut |
2415 | - |
2416 | - push (@cmds, { |
2417 | - setting => 'report_safe', |
2418 | - default => 1, |
2419 | - type => $CONF_TYPE_NUMERIC, |
2420 | - code => sub { |
2421 | - my ($self, $key, $value, $line) = @_; |
2422 | - if ($value eq '') { |
2423 | - return $MISSING_REQUIRED_VALUE; |
2424 | - } |
2425 | - elsif ($value !~ /^[012]$/) { |
2426 | - return $INVALID_VALUE; |
2427 | - } |
2428 | - |
2429 | - $self->{report_safe} = $value+0; |
2430 | - if (! $self->{report_safe} && |
2431 | - ! (grep { lc($_->[0]) eq "report" } @{$self->{headers_spam}}) ) { |
2432 | - push(@{$self->{headers_spam}}, ["Report", "_REPORT_"]); |
2433 | - } |
2434 | - } |
2435 | - }); |
2436 | - |
2437 | -=back |
2438 | - |
2439 | -=head2 LANGUAGE OPTIONS |
2440 | - |
2441 | -=over 4 |
2442 | - |
2443 | -=item ok_locales xx [ yy zz ... ] (default: all) |
2444 | - |
2445 | -This option is used to specify which locales are considered OK for |
2446 | -incoming mail. Mail using the B<character sets> that are allowed by |
2447 | -this option will not be marked as possibly being spam in a foreign |
2448 | -language. |
2449 | - |
2450 | -If you receive lots of spam in foreign languages, and never get any non-spam in |
2451 | -these languages, this may help. Note that all ISO-8859-* character sets, and |
2452 | -Windows code page character sets, are always permitted by default. |
2453 | - |
2454 | -Set this to C<all> to allow all character sets. This is the default. |
2455 | - |
2456 | -The rules C<CHARSET_FARAWAY>, C<CHARSET_FARAWAY_BODY>, and |
2457 | -C<CHARSET_FARAWAY_HEADERS> are triggered based on how this is set. |
2458 | - |
2459 | -Examples: |
2460 | - |
2461 | - ok_locales all (allow all locales) |
2462 | - ok_locales en (only allow English) |
2463 | - ok_locales en ja zh (allow English, Japanese, and Chinese) |
2464 | - |
2465 | -Note: if there are multiple ok_locales lines, only the last one is used. |
2466 | - |
2467 | -Select the locales to allow from the list below: |
2468 | - |
2469 | -=over 4 |
2470 | - |
2471 | -=item en - Western character sets in general |
2472 | - |
2473 | -=item ja - Japanese character sets |
2474 | - |
2475 | -=item ko - Korean character sets |
2476 | - |
2477 | -=item ru - Cyrillic character sets |
2478 | - |
2479 | -=item th - Thai character sets |
2480 | - |
2481 | -=item zh - Chinese (both simplified and traditional) character sets |
2482 | - |
2483 | -=back |
2484 | - |
2485 | -=cut |
2486 | - |
2487 | - push (@cmds, { |
2488 | - setting => 'ok_locales', |
2489 | - default => 'all', |
2490 | - type => $CONF_TYPE_STRING, |
2491 | - }); |
2492 | - |
2493 | -=item normalize_charset ( 0 | 1) (default: 0) |
2494 | - |
2495 | -Whether to detect character sets and normalize message content to |
2496 | -Unicode. Requires the Encode::Detect module, HTML::Parser version |
2497 | -3.46 or later, and Perl 5.8.5 or later. |
2498 | - |
2499 | -=cut |
2500 | - |
2501 | - push (@cmds, { |
2502 | - setting => 'normalize_charset', |
2503 | - default => 0, |
2504 | - type => $CONF_TYPE_BOOL, |
2505 | - code => sub { |
2506 | - my ($self, $key, $value, $line) = @_; |
2507 | - unless (defined $value && $value !~ /^$/) { |
2508 | - return $MISSING_REQUIRED_VALUE; |
2509 | - } |
2510 | - return undef if $value == 0; |
2511 | - return $INVALID_VALUE unless $value == 1; |
2512 | - |
2513 | - unless ($] > 5.008004) { |
2514 | - $self->{parser}->lint_warn("config: normalize_charset requires Perl 5.8.5 or later"); |
2515 | - return $INVALID_VALUE; |
2516 | - } |
2517 | - require HTML::Parser; |
2518 | - unless ($HTML::Parser::VERSION >= 3.46) { |
2519 | - $self->{parser}->lint_warn("config: normalize_charset requires HTML::Parser 3.46 or later"); |
2520 | - return $INVALID_VALUE; |
2521 | - } |
2522 | - unless (eval 'require Encode::Detect::Detector') { |
2523 | - $self->{parser}->lint_warn("config: normalize_charset requires Encode::Detect"); |
2524 | - return $INVALID_VALUE; |
2525 | - } |
2526 | - unless (eval 'require Encode') { |
2527 | - $self->{parser}->lint_warn("config: normalize_charset requires Encode"); |
2528 | - return $INVALID_VALUE; |
2529 | - } |
2530 | - |
2531 | - $self->{normalize_charset} = 1; |
2532 | - } |
2533 | - }); |
2534 | - |
2535 | - |
2536 | -=back |
2537 | - |
2538 | -=head2 NETWORK TEST OPTIONS |
2539 | - |
2540 | -=over 4 |
2541 | - |
2542 | -=item trusted_networks ip.add.re.ss[/mask] ... (default: none) |
2543 | - |
2544 | -What networks or hosts are 'trusted' in your setup. B<Trusted> in this case |
2545 | -means that relay hosts on these networks are considered to not be potentially |
2546 | -operated by spammers, open relays, or open proxies. A trusted host could |
2547 | -conceivably relay spam, but will not originate it, and will not forge header |
2548 | -data. DNS blacklist checks will never query for hosts on these networks. |
2549 | - |
2550 | -See C<http://wiki.apache.org/spamassassin/TrustPath> for more information. |
2551 | - |
2552 | -MXes for your domain(s) and internal relays should B<also> be specified using |
2553 | -the C<internal_networks> setting. When there are 'trusted' hosts that |
2554 | -are not MXes or internal relays for your domain(s) they should B<only> be |
2555 | -specified in C<trusted_networks>. |
2556 | - |
2557 | -If a C</mask> is specified, it's considered a CIDR-style 'netmask', specified |
2558 | -in bits. If it is not specified, but less than 4 octets are specified with a |
2559 | -trailing dot, that's considered a mask to allow all addresses in the remaining |
2560 | -octets. If a mask is not specified, and there is not trailing dot, then just |
2561 | -the single IP address specified is used, as if the mask was C</32>. |
2562 | - |
2563 | -If a network or host address is prefaced by a C<!> the network or host will be |
2564 | -excluded (or included) in a first listed match fashion. |
2565 | - |
2566 | -Note: 127/8 and ::1 are always included in trusted_networks, regardless of |
2567 | -your config. |
2568 | - |
2569 | -Examples: |
2570 | - |
2571 | - trusted_networks 192.168/16 # all in 192.168.*.* |
2572 | - trusted_networks 212.17.35.15 # just that host |
2573 | - trusted_networks !10.0.1.5 10.0.1/24 # all in 10.0.1.* but not 10.0.1.5 |
2574 | - trusted_networks DEAD:BEEF::/32 # all in that ipv6 prefix |
2575 | - |
2576 | -This operates additively, so a C<trusted_networks> line after another one |
2577 | -will append new entries to the list of trusted networks. To clear out the |
2578 | -existing entries, use C<clear_trusted_networks>. |
2579 | - |
2580 | -If C<trusted_networks> is not set and C<internal_networks> is, the value |
2581 | -of C<internal_networks> will be used for this parameter. |
2582 | - |
2583 | -If neither C<trusted_networks> or C<internal_networks> is set, a basic |
2584 | -inference algorithm is applied. This works as follows: |
2585 | - |
2586 | -=over 4 |
2587 | - |
2588 | -=item * |
2589 | - |
2590 | -If the 'from' host has an IP address in a private (RFC 1918) network range, |
2591 | -then it's trusted |
2592 | - |
2593 | -=item * |
2594 | - |
2595 | -If there are authentication tokens in the received header, and |
2596 | -the previous host was trusted, then this host is also trusted |
2597 | - |
2598 | -=item * |
2599 | - |
2600 | -Otherwise this host, and all further hosts, are consider untrusted. |
2601 | - |
2602 | -=back |
2603 | - |
2604 | -=cut |
2605 | - |
2606 | - push (@cmds, { |
2607 | - setting => 'trusted_networks', |
2608 | - type => $CONF_TYPE_IPADDRLIST, |
2609 | - }); |
2610 | - |
2611 | -=item clear_trusted_networks |
2612 | - |
2613 | -Empty the list of trusted networks. |
2614 | - |
2615 | -=cut |
2616 | - |
2617 | - push (@cmds, { |
2618 | - setting => 'clear_trusted_networks', |
2619 | - type => $CONF_TYPE_NOARGS, |
2620 | - code => sub { |
2621 | - my ($self, $key, $value, $line) = @_; |
2622 | - unless (!defined $value || $value eq '') { |
2623 | - return $INVALID_VALUE; |
2624 | - } |
2625 | - $self->{trusted_networks} = $self->new_netset(); |
2626 | - $self->{trusted_networks_configured} = 0; |
2627 | - } |
2628 | - }); |
2629 | - |
2630 | -=item internal_networks ip.add.re.ss[/mask] ... (default: none) |
2631 | - |
2632 | -What networks or hosts are 'internal' in your setup. B<Internal> means |
2633 | -that relay hosts on these networks are considered to be MXes for your |
2634 | -domain(s), or internal relays. This uses the same format as |
2635 | -C<trusted_networks>, above. |
2636 | - |
2637 | -This value is used when checking 'dial-up' or dynamic IP address |
2638 | -blocklists, in order to detect direct-to-MX spamming. |
2639 | - |
2640 | -Trusted relays that accept mail directly from dial-up connections |
2641 | -(i.e. are also performing a role of mail submission agents - MSA) |
2642 | -should not be listed in C<internal_networks>. List them only in |
2643 | -C<trusted_networks>. |
2644 | - |
2645 | -If C<trusted_networks> is set and C<internal_networks> is not, the value |
2646 | -of C<trusted_networks> will be used for this parameter. |
2647 | - |
2648 | -If neither C<trusted_networks> nor C<internal_networks> is set, no addresses |
2649 | -will be considered local; in other words, any relays past the machine where |
2650 | -SpamAssassin is running will be considered external. |
2651 | - |
2652 | -Every entry in C<internal_networks> must appear in C<trusted_networks>; in |
2653 | -other words, C<internal_networks> is always a subset of the trusted set. |
2654 | - |
2655 | -Note: 127/8 and ::1 are always included in internal_networks, regardless of |
2656 | -your config. |
2657 | - |
2658 | -=cut |
2659 | - |
2660 | - push (@cmds, { |
2661 | - setting => 'internal_networks', |
2662 | - type => $CONF_TYPE_IPADDRLIST, |
2663 | - }); |
2664 | - |
2665 | -=item clear_internal_networks |
2666 | - |
2667 | -Empty the list of internal networks. |
2668 | - |
2669 | -=cut |
2670 | - |
2671 | - push (@cmds, { |
2672 | - setting => 'clear_internal_networks', |
2673 | - type => $CONF_TYPE_NOARGS, |
2674 | - code => sub { |
2675 | - my ($self, $key, $value, $line) = @_; |
2676 | - unless (!defined $value || $value eq '') { |
2677 | - return $INVALID_VALUE; |
2678 | - } |
2679 | - $self->{internal_networks} = $self->new_netset(); |
2680 | - $self->{internal_networks_configured} = 0; |
2681 | - } |
2682 | - }); |
2683 | - |
2684 | -=item msa_networks ip.add.re.ss[/mask] ... (default: none) |
2685 | - |
2686 | -The networks or hosts which are acting as MSAs in your setup (but not also as |
2687 | -MX relays). B<MSA> means that the relay hosts on these networks accept mail |
2688 | -from your own users and authenticates them appropriately. These relays |
2689 | -will never accept mail from hosts that aren't authenticated in some way. |
2690 | -Examples of authentication include, IP lists, SMTP AUTH, POP-before-SMTP, etc. |
2691 | - |
2692 | -All relays found in the message headers after the MSA relay will take |
2693 | -on the same trusted and internal classifications as the MSA relay itself, |
2694 | -as defined by your I<trusted_networks> and I<internal_networks> configuration. |
2695 | - |
2696 | -For example, if the MSA relay is trusted and internal so will all of the |
2697 | -relays that precede it. |
2698 | - |
2699 | -When using msa_networks to identify an MSA it is recommended that you treat |
2700 | -that MSA as both trusted and internal. When an MSA is not included in |
2701 | -msa_networks you should treat the MSA as trusted but not internal, however |
2702 | -if the MSA is also acting as an MX or intermediate relay you must always |
2703 | -treat it as both trusted and internal and ensure that the MSA includes |
2704 | -visible auth tokens in its Received header to identify submission clients. |
2705 | - |
2706 | -B<Warning:> Never include an MSA that also acts as an MX (or is also an |
2707 | -intermediate relay for an MX) or otherwise accepts mail from |
2708 | -non-authenticated users in msa_networks. Doing so will result in unknown |
2709 | -external relays being trusted. |
2710 | - |
2711 | -=cut |
2712 | - |
2713 | - push (@cmds, { |
2714 | - setting => 'msa_networks', |
2715 | - type => $CONF_TYPE_IPADDRLIST, |
2716 | - }); |
2717 | - |
2718 | -=item clear_msa_networks |
2719 | - |
2720 | -Empty the list of msa networks. |
2721 | - |
2722 | -=cut |
2723 | - |
2724 | - push (@cmds, { |
2725 | - setting => 'clear_msa_networks', |
2726 | - type => $CONF_TYPE_NOARGS, |
2727 | - code => sub { |
2728 | - my ($self, $key, $value, $line) = @_; |
2729 | - unless (!defined $value || $value eq '') { |
2730 | - return $INVALID_VALUE; |
2731 | - } |
2732 | - $self->{msa_networks} = Mail::SpamAssassin::NetSet->new(); # not new_netset |
2733 | - $self->{msa_networks_configured} = 0; |
2734 | - } |
2735 | - }); |
2736 | - |
2737 | -=item originating_ip_headers header ... (default: X-Yahoo-Post-IP X-Originating-IP X-Apparently-From X-SenderIP) |
2738 | - |
2739 | -A list of header field names from which an originating IP address can |
2740 | -be obtained. For example, webmail servers may record a client IP address |
2741 | -in X-Originating-IP. |
2742 | - |
2743 | -These IP addresses are virtually appended into the Received: chain, so they |
2744 | -are used in RBL checks where appropriate. |
2745 | - |
2746 | -Currently the IP addresses are not added into X-Spam-Relays-* header fields, |
2747 | -but they may be in the future. |
2748 | - |
2749 | -=cut |
2750 | - |
2751 | - push (@cmds, { |
2752 | - setting => 'originating_ip_headers', |
2753 | - default => [], |
2754 | - type => $CONF_TYPE_STRINGLIST, |
2755 | - code => sub { |
2756 | - my ($self, $key, $value, $line) = @_; |
2757 | - unless (defined $value && $value !~ /^$/) { |
2758 | - return $MISSING_REQUIRED_VALUE; |
2759 | - } |
2760 | - foreach my $hfname (split(/\s+/, $value)) { |
2761 | - # avoid duplicates, consider header field names case-insensitive |
2762 | - push(@{$self->{originating_ip_headers}}, $hfname) |
2763 | - if !grep(lc($_) eq lc($hfname), @{$self->{originating_ip_headers}}); |
2764 | - } |
2765 | - } |
2766 | - }); |
2767 | - |
2768 | -=item clear_originating_ip_headers |
2769 | - |
2770 | -Empty the list of 'originating IP address' header field names. |
2771 | - |
2772 | -=cut |
2773 | - |
2774 | - push (@cmds, { |
2775 | - setting => 'clear_originating_ip_headers', |
2776 | - type => $CONF_TYPE_NOARGS, |
2777 | - code => sub { |
2778 | - my ($self, $key, $value, $line) = @_; |
2779 | - unless (!defined $value || $value eq '') { |
2780 | - return $INVALID_VALUE; |
2781 | - } |
2782 | - $self->{originating_ip_headers} = []; |
2783 | - } |
2784 | - }); |
2785 | - |
2786 | -=item always_trust_envelope_sender ( 0 | 1 ) (default: 0) |
2787 | - |
2788 | -Trust the envelope sender even if the message has been passed through one or |
2789 | -more trusted relays. See also C<envelope_sender_header>. |
2790 | - |
2791 | -=cut |
2792 | - |
2793 | - push (@cmds, { |
2794 | - setting => 'always_trust_envelope_sender', |
2795 | - default => 0, |
2796 | - type => $CONF_TYPE_BOOL, |
2797 | - }); |
2798 | - |
2799 | -=item skip_rbl_checks ( 0 | 1 ) (default: 0) |
2800 | - |
2801 | -Turning on the skip_rbl_checks setting will disable the DNSEval plugin, |
2802 | -which implements Real-time Block List (or: Blackhole List) (RBL) lookups. |
2803 | - |
2804 | -By default, SpamAssassin will run RBL checks. Individual blocklists may |
2805 | -be disabled selectively by setting a score of a corresponding rule to 0. |
2806 | - |
2807 | -See also a related configuration parameter skip_uribl_checks, |
2808 | -which controls the URIDNSBL plugin (documented in the URIDNSBL man page). |
2809 | - |
2810 | -=cut |
2811 | - |
2812 | - push (@cmds, { |
2813 | - setting => 'skip_rbl_checks', |
2814 | - default => 0, |
2815 | - type => $CONF_TYPE_BOOL, |
2816 | - }); |
2817 | - |
2818 | -=item dns_available { yes | test[: name1 name2...] | no } (default: test) |
2819 | - |
2820 | -By default, SpamAssassin will query some default hosts on the internet to |
2821 | -attempt to check if DNS is working or not. The problem is that it can |
2822 | -introduce some delay if your network connection is down, and in some cases it |
2823 | -can wrongly guess that DNS is unavailable because the test connections failed. |
2824 | -SpamAssassin includes a default set of 13 servers, among which 3 are picked |
2825 | -randomly. |
2826 | - |
2827 | -You can however specify your own list by specifying |
2828 | - |
2829 | - dns_available test: domain1.tld domain2.tld domain3.tld |
2830 | - |
2831 | -Please note, the DNS test queries for NS records. |
2832 | - |
2833 | -=cut |
2834 | - |
2835 | - push (@cmds, { |
2836 | - setting => 'dns_available', |
2837 | - default => 'test', |
2838 | - type => $CONF_TYPE_STRING, |
2839 | - code => sub { |
2840 | - my ($self, $key, $value, $line) = @_; |
2841 | - if ($value =~ /^test(?::\s+.+)?$/) { |
2842 | - $self->{dns_available} = $value; |
2843 | - } |
2844 | - elsif ($value =~ /^(?:yes|1)$/) { |
2845 | - $self->{dns_available} = 'yes'; |
2846 | - } |
2847 | - elsif ($value =~ /^(?:no|0)$/) { |
2848 | - $self->{dns_available} = 'no'; |
2849 | - } |
2850 | - else { |
2851 | - return $INVALID_VALUE; |
2852 | - } |
2853 | - } |
2854 | - }); |
2855 | - |
2856 | -=item dns_test_interval n (default: 600 seconds) |
2857 | - |
2858 | -If dns_available is set to 'test' (which is the default), the dns_test_interval |
2859 | -time in number of seconds will tell SpamAssassin how often to retest for working DNS. |
2860 | - |
2861 | -=cut |
2862 | - |
2863 | - push (@cmds, { |
2864 | - setting => 'dns_test_interval', |
2865 | - default => 600, |
2866 | - type => $CONF_TYPE_NUMERIC, |
2867 | - code => sub { |
2868 | - my ($self, $key, $value, $line) = @_; |
2869 | - if ($value !~ /^\d+$/) { return $INVALID_VALUE; } |
2870 | - $self->{dns_test_interval} = $value; |
2871 | - } |
2872 | - }); |
2873 | - |
2874 | -=item dns_options rotate (default: empty) |
2875 | - |
2876 | -If set to 'rotate', this causes SpamAssassin to choose a DNS server at random |
2877 | -from all servers listed in C</etc/resolv.conf> every 'dns_test_interval' |
2878 | -seconds, effectively spreading the load over all currently available DNS |
2879 | -servers when there are many spamd workers. |
2880 | - |
2881 | -=cut |
2882 | - |
2883 | - push (@cmds, { |
2884 | - setting => 'dns_options', |
2885 | - type => $CONF_TYPE_HASH_KEY_VALUE, |
2886 | - code => sub { |
2887 | - my ($self, $key, $value, $line) = @_; |
2888 | - my $allowed_opts = "rotate"; |
2889 | - |
2890 | - foreach my $option (split (/\s+/, $value)) { |
2891 | - if ($allowed_opts !~ /^$option$/) { return $INVALID_VALUE; } |
2892 | - else { $self->{dns_options}->{$option} = 1; } |
2893 | - } |
2894 | - } |
2895 | - }); |
2896 | - |
2897 | -=back |
2898 | - |
2899 | -=head2 LEARNING OPTIONS |
2900 | - |
2901 | -=over 4 |
2902 | - |
2903 | -=item use_learner ( 0 | 1 ) (default: 1) |
2904 | - |
2905 | -Whether to use any machine-learning classifiers with SpamAssassin, such as the |
2906 | -default 'BAYES_*' rules. Setting this to 0 will disable use of any and all |
2907 | -human-trained classifiers. |
2908 | - |
2909 | -=cut |
2910 | - |
2911 | - push (@cmds, { |
2912 | - setting => 'use_learner', |
2913 | - default => 1, |
2914 | - type => $CONF_TYPE_BOOL, |
2915 | - }); |
2916 | - |
2917 | -=item use_bayes ( 0 | 1 ) (default: 1) |
2918 | - |
2919 | -Whether to use the naive-Bayesian-style classifier built into |
2920 | -SpamAssassin. This is a master on/off switch for all Bayes-related |
2921 | -operations. |
2922 | - |
2923 | -=cut |
2924 | - |
2925 | - push (@cmds, { |
2926 | - setting => 'use_bayes', |
2927 | - default => 1, |
2928 | - type => $CONF_TYPE_BOOL, |
2929 | - }); |
2930 | - |
2931 | -=item use_bayes_rules ( 0 | 1 ) (default: 1) |
2932 | - |
2933 | -Whether to use rules using the naive-Bayesian-style classifier built |
2934 | -into SpamAssassin. This allows you to disable the rules while leaving |
2935 | -auto and manual learning enabled. |
2936 | - |
2937 | -=cut |
2938 | - |
2939 | - push (@cmds, { |
2940 | - setting => 'use_bayes_rules', |
2941 | - default => 1, |
2942 | - type => $CONF_TYPE_BOOL, |
2943 | - }); |
2944 | - |
2945 | -=item bayes_auto_learn ( 0 | 1 ) (default: 1) |
2946 | - |
2947 | -Whether SpamAssassin should automatically feed high-scoring mails (or |
2948 | -low-scoring mails, for non-spam) into its learning systems. The only |
2949 | -learning system supported currently is a naive-Bayesian-style classifier. |
2950 | - |
2951 | -See the documentation for the |
2952 | -C<Mail::SpamAssassin::Plugin::AutoLearnThreshold> plugin module |
2953 | -for details on how Bayes auto-learning is implemented by default. |
2954 | - |
2955 | -=cut |
2956 | - |
2957 | - push (@cmds, { |
2958 | - setting => 'bayes_auto_learn', |
2959 | - default => 1, |
2960 | - type => $CONF_TYPE_BOOL, |
2961 | - }); |
2962 | - |
2963 | -=item bayes_ignore_header header_name |
2964 | - |
2965 | -If you receive mail filtered by upstream mail systems, like |
2966 | -a spam-filtering ISP or mailing list, and that service adds |
2967 | -new headers (as most of them do), these headers may provide |
2968 | -inappropriate cues to the Bayesian classifier, allowing it |
2969 | -to take a "short cut". To avoid this, list the headers using this |
2970 | -setting. Example: |
2971 | - |
2972 | - bayes_ignore_header X-Upstream-Spamfilter |
2973 | - bayes_ignore_header X-Upstream-SomethingElse |
2974 | - |
2975 | -=cut |
2976 | - |
2977 | - push (@cmds, { |
2978 | - setting => 'bayes_ignore_header', |
2979 | - default => [], |
2980 | - type => $CONF_TYPE_STRINGLIST, |
2981 | - code => sub { |
2982 | - my ($self, $key, $value, $line) = @_; |
2983 | - if ($value eq '') { |
2984 | - return $MISSING_REQUIRED_VALUE; |
2985 | - } |
2986 | - push (@{$self->{bayes_ignore_headers}}, split(/\s+/, $value)); |
2987 | - } |
2988 | - }); |
2989 | - |
2990 | -=item bayes_ignore_from user@example.com |
2991 | - |
2992 | -Bayesian classification and autolearning will not be performed on mail |
2993 | -from the listed addresses. Program C<sa-learn> will also ignore the |
2994 | -listed addresses if it is invoked using the C<--use-ignores> option. |
2995 | -One or more addresses can be listed, see C<whitelist_from>. |
2996 | - |
2997 | -Spam messages from certain senders may contain many words that |
2998 | -frequently occur in ham. For example, one might read messages from a |
2999 | -preferred bookstore but also get unwanted spam messages from other |
3000 | -bookstores. If the unwanted messages are learned as spam then any |
3001 | -messages discussing books, including the preferred bookstore and |
3002 | -antiquarian messages would be in danger of being marked as spam. The |
3003 | -addresses of the annoying bookstores would be listed. (Assuming they |
3004 | -were halfway legitimate and didn't send you mail through myriad |
3005 | -affiliates.) |
3006 | - |
3007 | -Those who have pieces of spam in legitimate messages or otherwise |
3008 | -receive ham messages containing potentially spammy words might fear |
3009 | -that some spam messages might be in danger of being marked as ham. |
3010 | -The addresses of the spam mailing lists, correspondents, etc. would |
3011 | -be listed. |
3012 | - |
3013 | -=cut |
3014 | - |
3015 | - push (@cmds, { |
3016 | - setting => 'bayes_ignore_from', |
3017 | - type => $CONF_TYPE_ADDRLIST, |
3018 | - }); |
3019 | - |
3020 | -=item bayes_ignore_to user@example.com |
3021 | - |
3022 | -Bayesian classification and autolearning will not be performed on mail |
3023 | -to the listed addresses. See C<bayes_ignore_from> for details. |
3024 | - |
3025 | -=cut |
3026 | - |
3027 | - push (@cmds, { |
3028 | - setting => 'bayes_ignore_to', |
3029 | - type => $CONF_TYPE_ADDRLIST, |
3030 | - }); |
3031 | - |
3032 | -=item bayes_min_ham_num (Default: 200) |
3033 | - |
3034 | -=item bayes_min_spam_num (Default: 200) |
3035 | - |
3036 | -To be accurate, the Bayes system does not activate until a certain number of |
3037 | -ham (non-spam) and spam have been learned. The default is 200 of each ham and |
3038 | -spam, but you can tune these up or down with these two settings. |
3039 | - |
3040 | -=cut |
3041 | - |
3042 | - push (@cmds, { |
3043 | - setting => 'bayes_min_ham_num', |
3044 | - default => 200, |
3045 | - type => $CONF_TYPE_NUMERIC, |
3046 | - }); |
3047 | - push (@cmds, { |
3048 | - setting => 'bayes_min_spam_num', |
3049 | - default => 200, |
3050 | - type => $CONF_TYPE_NUMERIC, |
3051 | - }); |
3052 | - |
3053 | -=item bayes_learn_during_report (Default: 1) |
3054 | - |
3055 | -The Bayes system will, by default, learn any reported messages |
3056 | -(C<spamassassin -r>) as spam. If you do not want this to happen, set |
3057 | -this option to 0. |
3058 | - |
3059 | -=cut |
3060 | - |
3061 | - push (@cmds, { |
3062 | - setting => 'bayes_learn_during_report', |
3063 | - default => 1, |
3064 | - type => $CONF_TYPE_BOOL, |
3065 | - }); |
3066 | - |
3067 | -=item bayes_sql_override_username |
3068 | - |
3069 | -Used by BayesStore::SQL storage implementation. |
3070 | - |
3071 | -If this options is set the BayesStore::SQL module will override the set |
3072 | -username with the value given. This could be useful for implementing global or |
3073 | -group bayes databases. |
3074 | - |
3075 | -=cut |
3076 | - |
3077 | - push (@cmds, { |
3078 | - setting => 'bayes_sql_override_username', |
3079 | - default => '', |
3080 | - type => $CONF_TYPE_STRING, |
3081 | - }); |
3082 | - |
3083 | -=item bayes_use_hapaxes (default: 1) |
3084 | - |
3085 | -Should the Bayesian classifier use hapaxes (words/tokens that occur only |
3086 | -once) when classifying? This produces significantly better hit-rates, but |
3087 | -increases database size by about a factor of 8 to 10. |
3088 | - |
3089 | -=cut |
3090 | - |
3091 | - push (@cmds, { |
3092 | - setting => 'bayes_use_hapaxes', |
3093 | - default => 1, |
3094 | - type => $CONF_TYPE_BOOL, |
3095 | - }); |
3096 | - |
3097 | -=item bayes_journal_max_size (default: 102400) |
3098 | - |
3099 | -SpamAssassin will opportunistically sync the journal and the database. |
3100 | -It will do so once a day, but will sync more often if the journal file |
3101 | -size goes above this setting, in bytes. If set to 0, opportunistic |
3102 | -syncing will not occur. |
3103 | - |
3104 | -=cut |
3105 | - |
3106 | - push (@cmds, { |
3107 | - setting => 'bayes_journal_max_size', |
3108 | - default => 102400, |
3109 | - type => $CONF_TYPE_NUMERIC, |
3110 | - }); |
3111 | - |
3112 | -=item bayes_expiry_max_db_size (default: 150000) |
3113 | - |
3114 | -What should be the maximum size of the Bayes tokens database? When expiry |
3115 | -occurs, the Bayes system will keep either 75% of the maximum value, or |
3116 | -100,000 tokens, whichever has a larger value. 150,000 tokens is roughly |
3117 | -equivalent to a 8Mb database file. |
3118 | - |
3119 | -=cut |
3120 | - |
3121 | - push (@cmds, { |
3122 | - setting => 'bayes_expiry_max_db_size', |
3123 | - default => 150000, |
3124 | - type => $CONF_TYPE_NUMERIC, |
3125 | - }); |
3126 | - |
3127 | -=item bayes_auto_expire (default: 1) |
3128 | - |
3129 | -If enabled, the Bayes system will try to automatically expire old tokens |
3130 | -from the database. Auto-expiry occurs when the number of tokens in the |
3131 | -database surpasses the bayes_expiry_max_db_size value. |
3132 | - |
3133 | -=cut |
3134 | - |
3135 | - push (@cmds, { |
3136 | - setting => 'bayes_auto_expire', |
3137 | - default => 1, |
3138 | - type => $CONF_TYPE_BOOL, |
3139 | - }); |
3140 | - |
3141 | -=item bayes_learn_to_journal (default: 0) |
3142 | - |
3143 | -If this option is set, whenever SpamAssassin does Bayes learning, it |
3144 | -will put the information into the journal instead of directly into the |
3145 | -database. This lowers contention for locking the database to execute |
3146 | -an update, but will also cause more access to the journal and cause a |
3147 | -delay before the updates are actually committed to the Bayes database. |
3148 | - |
3149 | -=cut |
3150 | - |
3151 | - push (@cmds, { |
3152 | - setting => 'bayes_learn_to_journal', |
3153 | - default => 0, |
3154 | - type => $CONF_TYPE_BOOL, |
3155 | - }); |
3156 | - |
3157 | -=back |
3158 | - |
3159 | -=head2 MISCELLANEOUS OPTIONS |
3160 | - |
3161 | -=over 4 |
3162 | - |
3163 | -=item time_limit n (default: 300) |
3164 | - |
3165 | -Specifies a limit on elapsed time in seconds that SpamAssassin is allowed |
3166 | -to spend before providing a result. The value may be fractional and must |
3167 | -not be negative, zero is interpreted as unlimited. The default is 300 |
3168 | -seconds for consistency with the spamd default setting of --timeout-child . |
3169 | - |
3170 | -This is a best-effort advisory setting, processing will not be abruptly |
3171 | -aborted at an arbitrary point in processing when the time limit is exceeded, |
3172 | -but only on reaching one of locations in the program flow equipped with a |
3173 | -time test. Currently equipped with the test are the main checking loop, |
3174 | -asynchronous DNS lookups, plugins which are calling external programs. |
3175 | -Rule evaluation is guarded by starting a timer (alarm) on each set of |
3176 | -compiled rules. |
3177 | - |
3178 | -When a message is passed to Mail::SpamAssassin::parse, a deadline time |
3179 | -is established as a sum of current time and the C<time_limit> setting. |
3180 | - |
3181 | -This deadline may also be specified by a caller through an option |
3182 | -'master_deadline' in $suppl_attrib on a call to parse(), possibly providing |
3183 | -a more accurate deadline taking into account past and expected future |
3184 | -processing of a message in a mail filtering setup. If both the config |
3185 | -option as well as a 'master_deadline' option in a call are provided, |
3186 | -the shorter time limit of the two is used (since version 3.3.2). |
3187 | -Note that spamd (and possibly third-party callers of SpamAssassin) will |
3188 | -supply the 'master_deadline' option in a call based on its --timeout-child |
3189 | -option (or equivalent), unlike the command line C<spamassassin>, which has |
3190 | -no such command line option. |
3191 | - |
3192 | -When a time limit is exceeded, most of the remaining tests will be skipped, |
3193 | -as well as auto-learning. Whatever tests fired so far will determine the |
3194 | -final score. The behaviour is similar to short-circuiting with attribute 'on', |
3195 | -as implemented by a Shortcircuit plugin. A synthetic hit on a rule named |
3196 | -TIME_LIMIT_EXCEEDED with a near-zero default score is generated, so that |
3197 | -the report will reflect the event. A score for TIME_LIMIT_EXCEEDED may |
3198 | -be provided explicitly in a configuration file, for example to achieve |
3199 | -whitelisting or blacklisting effect for messages with long processing times. |
3200 | - |
3201 | -The C<time_limit> option is a useful protection against excessive processing |
3202 | -time on certain degenerate or unusually long or complex mail messages, as well |
3203 | -as against some DoS attacks. It is also needed in time-critical pre-queue |
3204 | -filtering setups (e.g. milter, proxy, integration with MTA), where message |
3205 | -processing must finish before a SMTP client times out. RFC 5321 prescribes |
3206 | -in section 4.5.3.2.6 the 'DATA Termination' time limit of 10 minutes, |
3207 | -although it is not unusual to see some SMTP clients abort sooner on waiting |
3208 | -for a response. A sensible C<time_limit> for a pre-queue filtering setup is |
3209 | -maybe 50 seconds, assuming that clients are willing to wait at least a minute. |
3210 | - |
3211 | -=cut |
3212 | - |
3213 | - push (@cmds, { |
3214 | - setting => 'time_limit', |
3215 | - default => 300, |
3216 | - type => $CONF_TYPE_NUMERIC, |
3217 | - code => sub { |
3218 | - my ($self, $key, $value, $line) = @_; |
3219 | - if ($value !~ /^\d+(?:\.\d*)?$/) { return $INVALID_VALUE } |
3220 | - $value = 0+$value; |
3221 | - if ($value < 0) { return $INVALID_VALUE } |
3222 | - $self->{time_limit} = $value; |
3223 | - } |
3224 | - }); |
3225 | - |
3226 | -=item lock_method type |
3227 | - |
3228 | -Select the file-locking method used to protect database files on-disk. By |
3229 | -default, SpamAssassin uses an NFS-safe locking method on UNIX; however, if you |
3230 | -are sure that the database files you'll be using for Bayes and AWL storage will |
3231 | -never be accessed over NFS, a non-NFS-safe locking system can be selected. |
3232 | - |
3233 | -This will be quite a bit faster, but may risk file corruption if the files are |
3234 | -ever accessed by multiple clients at once, and one or more of them is accessing |
3235 | -them through an NFS filesystem. |
3236 | - |
3237 | -Note that different platforms require different locking systems. |
3238 | - |
3239 | -The supported locking systems for C<type> are as follows: |
3240 | - |
3241 | -=over 4 |
3242 | - |
3243 | -=item I<nfssafe> - an NFS-safe locking system |
3244 | - |
3245 | -=item I<flock> - simple UNIX C<flock()> locking |
3246 | - |
3247 | -=item I<win32> - Win32 locking using C<sysopen (..., O_CREAT|O_EXCL)>. |
3248 | - |
3249 | -=back |
3250 | - |
3251 | -nfssafe and flock are only available on UNIX, and win32 is only available |
3252 | -on Windows. By default, SpamAssassin will choose either nfssafe or |
3253 | -win32 depending on the platform in use. |
3254 | - |
3255 | -=cut |
3256 | - |
3257 | - push (@cmds, { |
3258 | - setting => 'lock_method', |
3259 | - default => '', |
3260 | - type => $CONF_TYPE_STRING, |
3261 | - code => sub { |
3262 | - my ($self, $key, $value, $line) = @_; |
3263 | - if ($value !~ /^(nfssafe|flock|win32)$/) { |
3264 | - return $INVALID_VALUE; |
3265 | - } |
3266 | - |
3267 | - $self->{lock_method} = $value; |
3268 | - # recreate the locker |
3269 | - $self->{main}->create_locker(); |
3270 | - } |
3271 | - }); |
3272 | - |
3273 | -=item fold_headers ( 0 | 1 ) (default: 1) |
3274 | - |
3275 | -By default, headers added by SpamAssassin will be whitespace folded. |
3276 | -In other words, they will be broken up into multiple lines instead of |
3277 | -one very long one and each continuation line will have a tabulator |
3278 | -prepended to mark it as a continuation of the preceding one. |
3279 | - |
3280 | -The automatic wrapping can be disabled here. Note that this can generate very |
3281 | -long lines. RFC 2822 required that header lines do not exceed 998 characters |
3282 | -(not counting the final CRLF). |
3283 | - |
3284 | -=cut |
3285 | - |
3286 | - push (@cmds, { |
3287 | - setting => 'fold_headers', |
3288 | - default => 1, |
3289 | - type => $CONF_TYPE_BOOL, |
3290 | - }); |
3291 | - |
3292 | -=item report_safe_copy_headers header_name ... |
3293 | - |
3294 | -If using C<report_safe>, a few of the headers from the original message |
3295 | -are copied into the wrapper header (From, To, Cc, Subject, Date, etc.) |
3296 | -If you want to have other headers copied as well, you can add them |
3297 | -using this option. You can specify multiple headers on the same line, |
3298 | -separated by spaces, or you can just use multiple lines. |
3299 | - |
3300 | -=cut |
3301 | - |
3302 | - push (@cmds, { |
3303 | - setting => 'report_safe_copy_headers', |
3304 | - default => [], |
3305 | - type => $CONF_TYPE_STRINGLIST, |
3306 | - code => sub { |
3307 | - my ($self, $key, $value, $line) = @_; |
3308 | - if ($value eq '') { |
3309 | - return $MISSING_REQUIRED_VALUE; |
3310 | - } |
3311 | - push(@{$self->{report_safe_copy_headers}}, split(/\s+/, $value)); |
3312 | - } |
3313 | - }); |
3314 | - |
3315 | -=item envelope_sender_header Name-Of-Header |
3316 | - |
3317 | -SpamAssassin will attempt to discover the address used in the 'MAIL FROM:' |
3318 | -phase of the SMTP transaction that delivered this message, if this data has |
3319 | -been made available by the SMTP server. This is used in the C<EnvelopeFrom> |
3320 | -pseudo-header, and for various rules such as SPF checking. |
3321 | - |
3322 | -By default, various MTAs will use different headers, such as the following: |
3323 | - |
3324 | - X-Envelope-From |
3325 | - Envelope-Sender |
3326 | - X-Sender |
3327 | - Return-Path |
3328 | - |
3329 | -SpamAssassin will attempt to use these, if some heuristics (such as the header |
3330 | -placement in the message, or the absence of fetchmail signatures) appear to |
3331 | -indicate that they are safe to use. However, it may choose the wrong headers |
3332 | -in some mailserver configurations. (More discussion of this can be found |
3333 | -in bug 2142 and bug 4747 in the SpamAssassin BugZilla.) |
3334 | - |
3335 | -To avoid this heuristic failure, the C<envelope_sender_header> setting may be |
3336 | -helpful. Name the header that your MTA or MDA adds to messages containing the |
3337 | -address used at the MAIL FROM step of the SMTP transaction. |
3338 | - |
3339 | -If the header in question contains C<E<lt>> or C<E<gt>> characters at the start |
3340 | -and end of the email address in the right-hand side, as in the SMTP |
3341 | -transaction, these will be stripped. |
3342 | - |
3343 | -If the header is not found in a message, or if it's value does not contain an |
3344 | -C<@> sign, SpamAssassin will issue a warning in the logs and fall back to its |
3345 | -default heuristics. |
3346 | - |
3347 | -(Note for MTA developers: we would prefer if the use of a single header be |
3348 | -avoided in future, since that precludes 'downstream' spam scanning. |
3349 | -C<http://wiki.apache.org/spamassassin/EnvelopeSenderInReceived> details a |
3350 | -better proposal, storing the envelope sender at each hop in the C<Received> |
3351 | -header.) |
3352 | - |
3353 | -example: |
3354 | - |
3355 | - envelope_sender_header X-SA-Exim-Mail-From |
3356 | - |
3357 | -=cut |
3358 | - |
3359 | - push (@cmds, { |
3360 | - setting => 'envelope_sender_header', |
3361 | - default => undef, |
3362 | - type => $CONF_TYPE_STRING, |
3363 | - }); |
3364 | - |
3365 | -=item describe SYMBOLIC_TEST_NAME description ... |
3366 | - |
3367 | -Used to describe a test. This text is shown to users in the detailed report. |
3368 | - |
3369 | -Note that test names which begin with '__' are reserved for meta-match |
3370 | -sub-rules, and are not scored or listed in the 'tests hit' reports. |
3371 | - |
3372 | -Also note that by convention, rule descriptions should be limited in |
3373 | -length to no more than 50 characters. |
3374 | - |
3375 | -=cut |
3376 | - |
3377 | - push (@cmds, { |
3378 | - command => 'describe', |
3379 | - setting => 'descriptions', |
3380 | - is_frequent => 1, |
3381 | - type => $CONF_TYPE_HASH_KEY_VALUE, |
3382 | - }); |
3383 | - |
3384 | -=item report_charset CHARSET (default: unset) |
3385 | - |
3386 | -Set the MIME Content-Type charset used for the text/plain report which |
3387 | -is attached to spam mail messages. |
3388 | - |
3389 | -=cut |
3390 | - |
3391 | - push (@cmds, { |
3392 | - setting => 'report_charset', |
3393 | - default => '', |
3394 | - type => $CONF_TYPE_STRING, |
3395 | - }); |
3396 | - |
3397 | -=item report ...some text for a report... |
3398 | - |
3399 | -Set the report template which is attached to spam mail messages. See the |
3400 | -C<10_default_prefs.cf> configuration file in C</usr/share/spamassassin> for an |
3401 | -example. |
3402 | - |
3403 | -If you change this, try to keep it under 78 columns. Each C<report> |
3404 | -line appends to the existing template, so use C<clear_report_template> |
3405 | -to restart. |
3406 | - |
3407 | -Tags can be included as explained above. |
3408 | - |
3409 | -=cut |
3410 | - |
3411 | - push (@cmds, { |
3412 | - command => 'report', |
3413 | - setting => 'report_template', |
3414 | - default => '', |
3415 | - type => $CONF_TYPE_TEMPLATE, |
3416 | - }); |
3417 | - |
3418 | -=item clear_report_template |
3419 | - |
3420 | -Clear the report template. |
3421 | - |
3422 | -=cut |
3423 | - |
3424 | - push (@cmds, { |
3425 | - command => 'clear_report_template', |
3426 | - setting => 'report_template', |
3427 | - type => $CONF_TYPE_NOARGS, |
3428 | - code => \&Mail::SpamAssassin::Conf::Parser::set_template_clear |
3429 | - }); |
3430 | - |
3431 | -=item report_contact ...text of contact address... |
3432 | - |
3433 | -Set what _CONTACTADDRESS_ is replaced with in the above report text. |
3434 | -By default, this is 'the administrator of that system', since the hostname |
3435 | -of the system the scanner is running on is also included. |
3436 | - |
3437 | -=cut |
3438 | - |
3439 | - push (@cmds, { |
3440 | - setting => 'report_contact', |
3441 | - default => 'the administrator of that system', |
3442 | - type => $CONF_TYPE_STRING, |
3443 | - }); |
3444 | - |
3445 | -=item report_hostname ...hostname to use... |
3446 | - |
3447 | -Set what _HOSTNAME_ is replaced with in the above report text. |
3448 | -By default, this is determined dynamically as whatever the host running |
3449 | -SpamAssassin calls itself. |
3450 | - |
3451 | -=cut |
3452 | - |
3453 | - push (@cmds, { |
3454 | - setting => 'report_hostname', |
3455 | - default => '', |
3456 | - type => $CONF_TYPE_STRING, |
3457 | - }); |
3458 | - |
3459 | -=item unsafe_report ...some text for a report... |
3460 | - |
3461 | -Set the report template which is attached to spam mail messages which contain a |
3462 | -non-text/plain part. See the C<10_default_prefs.cf> configuration file in |
3463 | -C</usr/share/spamassassin> for an example. |
3464 | - |
3465 | -Each C<unsafe-report> line appends to the existing template, so use |
3466 | -C<clear_unsafe_report_template> to restart. |
3467 | - |
3468 | -Tags can be used in this template (see above for details). |
3469 | - |
3470 | -=cut |
3471 | - |
3472 | - push (@cmds, { |
3473 | - command => 'unsafe_report', |
3474 | - setting => 'unsafe_report_template', |
3475 | - default => '', |
3476 | - type => $CONF_TYPE_TEMPLATE, |
3477 | - }); |
3478 | - |
3479 | -=item clear_unsafe_report_template |
3480 | - |
3481 | -Clear the unsafe_report template. |
3482 | - |
3483 | -=cut |
3484 | - |
3485 | - push (@cmds, { |
3486 | - command => 'clear_unsafe_report_template', |
3487 | - setting => 'unsafe_report_template', |
3488 | - type => $CONF_TYPE_NOARGS, |
3489 | - code => \&Mail::SpamAssassin::Conf::Parser::set_template_clear |
3490 | - }); |
3491 | - |
3492 | -=back |
3493 | - |
3494 | -=head1 RULE DEFINITIONS AND PRIVILEGED SETTINGS |
3495 | - |
3496 | -These settings differ from the ones above, in that they are considered |
3497 | -'privileged'. Only users running C<spamassassin> from their procmailrc's or |
3498 | -forward files, or sysadmins editing a file in C</etc/mail/spamassassin>, can |
3499 | -use them. C<spamd> users cannot use them in their C<user_prefs> files, for |
3500 | -security and efficiency reasons, unless C<allow_user_rules> is enabled (and |
3501 | -then, they may only add rules from below). |
3502 | - |
3503 | -=over 4 |
3504 | - |
3505 | -=item allow_user_rules ( 0 | 1 ) (default: 0) |
3506 | - |
3507 | -This setting allows users to create rules (and only rules) in their |
3508 | -C<user_prefs> files for use with C<spamd>. It defaults to off, because |
3509 | -this could be a severe security hole. It may be possible for users to |
3510 | -gain root level access if C<spamd> is run as root. It is NOT a good |
3511 | -idea, unless you have some other way of ensuring that users' tests are |
3512 | -safe. Don't use this unless you are certain you know what you are |
3513 | -doing. Furthermore, this option causes spamassassin to recompile all |
3514 | -the tests each time it processes a message for a user with a rule in |
3515 | -his/her C<user_prefs> file, which could have a significant effect on |
3516 | -server load. It is not recommended. |
3517 | - |
3518 | -Note that it is not currently possible to use C<allow_user_rules> to modify an |
3519 | -existing system rule from a C<user_prefs> file with C<spamd>. |
3520 | - |
3521 | -=cut |
3522 | - |
3523 | - push (@cmds, { |
3524 | - setting => 'allow_user_rules', |
3525 | - is_priv => 1, |
3526 | - default => 0, |
3527 | - type => $CONF_TYPE_BOOL, |
3528 | - code => sub { |
3529 | - my ($self, $key, $value, $line) = @_; |
3530 | - if ($value eq '') { |
3531 | - return $MISSING_REQUIRED_VALUE; |
3532 | - } |
3533 | - elsif ($value !~ /^[01]$/) { |
3534 | - return $INVALID_VALUE; |
3535 | - } |
3536 | - |
3537 | - $self->{allow_user_rules} = $value+0; |
3538 | - dbg("config: " . ($self->{allow_user_rules} ? "allowing":"not allowing") . " user rules!"); |
3539 | - } |
3540 | - }); |
3541 | - |
3542 | -=item redirector_pattern /pattern/modifiers |
3543 | - |
3544 | -A regex pattern that matches both the redirector site portion, and |
3545 | -the target site portion of a URI. |
3546 | - |
3547 | -Note: The target URI portion must be surrounded in parentheses and |
3548 | - no other part of the pattern may create a backreference. |
3549 | - |
3550 | -Example: http://chkpt.zdnet.com/chkpt/whatever/spammer.domain/yo/dude |
3551 | - |
3552 | - redirector_pattern /^https?:\/\/(?:opt\.)?chkpt\.zdnet\.com\/chkpt\/\w+\/(.*)$/i |
3553 | - |
3554 | -=cut |
3555 | - |
3556 | - push (@cmds, { |
3557 | - setting => 'redirector_pattern', |
3558 | - is_priv => 1, |
3559 | - code => sub { |
3560 | - my ($self, $key, $value, $line) = @_; |
3561 | - if ($value eq '') { |
3562 | - return $MISSING_REQUIRED_VALUE; |
3563 | - } |
3564 | - elsif (!$self->{parser}->is_delimited_regexp_valid("redirector_pattern", $value)) { |
3565 | - return $INVALID_VALUE; |
3566 | - } |
3567 | - |
3568 | - # convert to qr// while including modifiers |
3569 | - local ($1,$2,$3); |
3570 | - $value =~ /^m?(\W)(.*)(?:\1|>|}|\)|\])(.*?)$/; |
3571 | - my $pattern = $2; |
3572 | - $pattern = "(?".$3.")".$pattern if $3; |
3573 | - $pattern = qr/$pattern/; |
3574 | - |
3575 | - push @{$self->{main}->{conf}->{redirector_patterns}}, $pattern; |
3576 | - # dbg("config: adding redirector regex: " . $value); |
3577 | - } |
3578 | - }); |
3579 | - |
3580 | -=item header SYMBOLIC_TEST_NAME header op /pattern/modifiers [if-unset: STRING] |
3581 | - |
3582 | -Define a test. C<SYMBOLIC_TEST_NAME> is a symbolic test name, such as |
3583 | -'FROM_ENDS_IN_NUMS'. C<header> is the name of a mail header field, |
3584 | -such as 'Subject', 'To', 'From', etc. Header field names are matched |
3585 | -case-insensitively (conforming to RFC 5322 section 1.2.2), except for |
3586 | -all-capitals metaheader fields such as ALL, MESSAGEID, ALL-TRUSTED. |
3587 | - |
3588 | -Appending a modifier C<:raw> to a header field name will inhibit decoding of |
3589 | -quoted-printable or base-64 encoded strings, and will preserve all whitespace |
3590 | -inside the header string. The C<:raw> may also be applied to pseudo-headers |
3591 | -e.g. C<ALL:raw> will return a pristine (unmodified) header section. |
3592 | - |
3593 | -Appending a modifier C<:addr> to a header field name will cause everything |
3594 | -except the first email address to be removed from the header field. It is |
3595 | -mainly applicable to header fields 'From', 'Sender', 'To', 'Cc' along with |
3596 | -their 'Resent-*' counterparts, and the 'Return-Path'. |
3597 | - |
3598 | -Appending a modifier C<:name> to a header field name will cause everything |
3599 | -except the first display name to be removed from the header field. It is |
3600 | -mainly applicable to header fields 'From' and 'Resent-From'. |
3601 | - |
3602 | -It is syntactically permitted to append more than one modifier to a header |
3603 | -field name, although currently most combinations achieve no additional effect, |
3604 | -for example C<From:addr:raw> or C<From:raw:addr> is currently the same as |
3605 | -C<From:addr> . |
3606 | - |
3607 | -=over 4 |
3608 | - |
3609 | -=item example@foo |
3610 | - |
3611 | -=item example@foo (Foo Blah) |
3612 | - |
3613 | -=item example@foo, example@bar |
3614 | - |
3615 | -=item display: example@foo (Foo Blah), example@bar ; |
3616 | - |
3617 | -=item Foo Blah <example@foo> |
3618 | - |
3619 | -=item "Foo Blah" <example@foo> |
3620 | - |
3621 | -=item "'Foo Blah'" <example@foo> |
3622 | - |
3623 | -=back |
3624 | - |
3625 | -Appending C<:name> to the header name will cause everything except |
3626 | -the first real name to be removed from the header. For example, |
3627 | -all of the following will result in "Foo Blah" |
3628 | - |
3629 | -=over 4 |
3630 | - |
3631 | -=item example@foo (Foo Blah) |
3632 | - |
3633 | -=item example@foo (Foo Blah), example@bar |
3634 | - |
3635 | -=item display: example@foo (Foo Blah), example@bar ; |
3636 | - |
3637 | -=item Foo Blah <example@foo> |
3638 | - |
3639 | -=item "Foo Blah" <example@foo> |
3640 | - |
3641 | -=item "'Foo Blah'" <example@foo> |
3642 | - |
3643 | -=back |
3644 | - |
3645 | -There are several special pseudo-headers that can be specified: |
3646 | - |
3647 | -=over 4 |
3648 | - |
3649 | -=item C<ALL> can be used to mean the text of all the message's headers. |
3650 | -Note that all whitespace inside the headers, at line folds, is currently |
3651 | -compressed into a single space (' ') character. To obtain a pristine |
3652 | -(unmodified) header section, use C<ALL:raw> - the :raw modifier is documented |
3653 | -above. |
3654 | - |
3655 | -=item C<ToCc> can be used to mean the contents of both the 'To' and 'Cc' |
3656 | -headers. |
3657 | - |
3658 | -=item C<EnvelopeFrom> is the address used in the 'MAIL FROM:' phase of the SMTP |
3659 | -transaction that delivered this message, if this data has been made available |
3660 | -by the SMTP server. See C<envelope_sender_header> for more information |
3661 | -on how to set this. |
3662 | - |
3663 | -=item C<MESSAGEID> is a symbol meaning all Message-Id's found in the message; |
3664 | -some mailing list software moves the real 'Message-Id' to 'Resent-Message-Id' |
3665 | -or to 'X-Message-Id', then uses its own one in the 'Message-Id' header. |
3666 | -The value returned for this symbol is the text from all 3 headers, separated |
3667 | -by newlines. |
3668 | - |
3669 | -=item C<X-Spam-Relays-Untrusted>, C<X-Spam-Relays-Trusted>, |
3670 | -C<X-Spam-Relays-Internal> and C<X-Spam-Relays-External> represent a portable, |
3671 | -pre-parsed representation of the message's network path, as recorded in the |
3672 | -Received headers, divided into 'trusted' vs 'untrusted' and 'internal' vs |
3673 | -'external' sets. See C<http://wiki.apache.org/spamassassin/TrustedRelays> for |
3674 | -more details. |
3675 | - |
3676 | -=back |
3677 | - |
3678 | -C<op> is either C<=~> (contains regular expression) or C<!~> (does not contain |
3679 | -regular expression), and C<pattern> is a valid Perl regular expression, with |
3680 | -C<modifiers> as regexp modifiers in the usual style. Note that multi-line |
3681 | -rules are not supported, even if you use C<x> as a modifier. Also note that |
3682 | -the C<#> character must be escaped (C<\#>) or else it will be considered to be |
3683 | -the start of a comment and not part of the regexp. |
3684 | - |
3685 | -If the C<[if-unset: STRING]> tag is present, then C<STRING> will |
3686 | -be used if the header is not found in the mail message. |
3687 | - |
3688 | -Test names must not start with a number, and must contain only |
3689 | -alphanumerics and underscores. It is suggested that lower-case characters |
3690 | -not be used, and names have a length of no more than 22 characters, |
3691 | -as an informal convention. Dashes are not allowed. |
3692 | - |
3693 | -Note that test names which begin with '__' are reserved for meta-match |
3694 | -sub-rules, and are not scored or listed in the 'tests hit' reports. |
3695 | -Test names which begin with 'T_' are reserved for tests which are |
3696 | -undergoing QA, and these are given a very low score. |
3697 | - |
3698 | -If you add or modify a test, please be sure to run a sanity check afterwards |
3699 | -by running C<spamassassin --lint>. This will avoid confusing error |
3700 | -messages, or other tests being skipped as a side-effect. |
3701 | - |
3702 | -=item header SYMBOLIC_TEST_NAME exists:name_of_header |
3703 | - |
3704 | -Define a header existence test. C<name_of_header> is the name of a |
3705 | -header field to test for existence. This is just a very simple version |
3706 | -of the above header tests. |
3707 | - |
3708 | -=item header SYMBOLIC_TEST_NAME eval:name_of_eval_method([arguments]) |
3709 | - |
3710 | -Define a header eval test. C<name_of_eval_method> is the name of |
3711 | -a method on the C<Mail::SpamAssassin::EvalTests> object. C<arguments> |
3712 | -are optional arguments to the function call. |
3713 | - |
3714 | -=item header SYMBOLIC_TEST_NAME eval:check_rbl('set', 'zone' [, 'sub-test']) |
3715 | - |
3716 | -Check a DNSBL (a DNS blacklist or whitelist). This will retrieve Received: |
3717 | -headers from the message, extract the IP addresses, select which ones are |
3718 | -'untrusted' based on the C<trusted_networks> logic, and query that DNSBL |
3719 | -zone. There's a few things to note: |
3720 | - |
3721 | -=over 4 |
3722 | - |
3723 | -=item duplicated or private IPs |
3724 | - |
3725 | -Duplicated IPs are only queried once and reserved IPs are not queried. |
3726 | -Private IPs are those listed in |
3727 | -<http://www.iana.org/assignments/ipv4-address-space>, |
3728 | -<http://duxcw.com/faq/network/privip.htm>, |
3729 | -<http://duxcw.com/faq/network/autoip.htm>, or |
3730 | -<ftp://ftp.rfc-editor.org/in-notes/rfc3330.txt> as private. |
3731 | - |
3732 | -=item the 'set' argument |
3733 | - |
3734 | -This is used as a 'zone ID'. If you want to look up a multiple-meaning zone |
3735 | -like NJABL or SORBS, you can then query the results from that zone using it; |
3736 | -but all check_rbl_sub() calls must use that zone ID. |
3737 | - |
3738 | -Also, if more than one IP address gets a DNSBL hit for a particular rule, it |
3739 | -does not affect the score because rules only trigger once per message. |
3740 | - |
3741 | -=item the 'zone' argument |
3742 | - |
3743 | -This is the root zone of the DNSBL, ending in a period. |
3744 | - |
3745 | -=item the 'sub-test' argument |
3746 | - |
3747 | -This optional argument behaves the same as the sub-test argument in |
3748 | -C<check_rbl_sub()> below. |
3749 | - |
3750 | -=item selecting all IPs except for the originating one |
3751 | - |
3752 | -This is accomplished by placing '-notfirsthop' at the end of the set name. |
3753 | -This is useful for querying against DNS lists which list dialup IP |
3754 | -addresses; the first hop may be a dialup, but as long as there is at least |
3755 | -one more hop, via their outgoing SMTP server, that's legitimate, and so |
3756 | -should not gain points. If there is only one hop, that will be queried |
3757 | -anyway, as it should be relaying via its outgoing SMTP server instead of |
3758 | -sending directly to your MX (mail exchange). |
3759 | - |
3760 | -=item selecting IPs by whether they are trusted |
3761 | - |
3762 | -When checking a 'nice' DNSBL (a DNS whitelist), you cannot trust the IP |
3763 | -addresses in Received headers that were not added by trusted relays. To |
3764 | -test the first IP address that can be trusted, place '-firsttrusted' at the |
3765 | -end of the set name. That should test the IP address of the relay that |
3766 | -connected to the most remote trusted relay. |
3767 | - |
3768 | -Note that this requires that SpamAssassin know which relays are trusted. For |
3769 | -simple cases, SpamAssassin can make a good estimate. For complex cases, you |
3770 | -may get better results by setting C<trusted_networks> manually. |
3771 | - |
3772 | -In addition, you can test all untrusted IP addresses by placing '-untrusted' |
3773 | -at the end of the set name. Important note -- this does NOT include the |
3774 | -IP address from the most recent 'untrusted line', as used in '-firsttrusted' |
3775 | -above. That's because we're talking about the trustworthiness of the |
3776 | -IP address data, not the source header line, here; and in the case of |
3777 | -the most recent header (the 'firsttrusted'), that data can be trusted. |
3778 | -See the Wiki page at C<http://wiki.apache.org/spamassassin/TrustedRelays> |
3779 | -for more information on this. |
3780 | - |
3781 | -=item Selecting just the last external IP |
3782 | - |
3783 | -By using '-lastexternal' at the end of the set name, you can select only |
3784 | -the external host that connected to your internal network, or at least |
3785 | -the last external host with a public IP. |
3786 | - |
3787 | -=back |
3788 | - |
3789 | -=item header SYMBOLIC_TEST_NAME eval:check_rbl_txt('set', 'zone') |
3790 | - |
3791 | -Same as check_rbl(), except querying using IN TXT instead of IN A records. |
3792 | -If the zone supports it, it will result in a line of text describing |
3793 | -why the IP is listed, typically a hyperlink to a database entry. |
3794 | - |
3795 | -=item header SYMBOLIC_TEST_NAME eval:check_rbl_sub('set', 'sub-test') |
3796 | - |
3797 | -Create a sub-test for 'set'. If you want to look up a multi-meaning zone |
3798 | -like relays.osirusoft.com, you can then query the results from that zone |
3799 | -using the zone ID from the original query. The sub-test may either be an |
3800 | -IPv4 dotted address for RBLs that return multiple A records or a |
3801 | -non-negative decimal number to specify a bitmask for RBLs that return a |
3802 | -single A record containing a bitmask of results, a SenderBase test |
3803 | -beginning with "sb:", or (if none of the preceding options seem to fit) a |
3804 | -regular expression. |
3805 | - |
3806 | -Note: the set name must be exactly the same for as the main query rule, |
3807 | -including selections like '-notfirsthop' appearing at the end of the set |
3808 | -name. |
3809 | - |
3810 | -=cut |
3811 | - |
3812 | - push (@cmds, { |
3813 | - setting => 'header', |
3814 | - is_frequent => 1, |
3815 | - is_priv => 1, |
3816 | - code => sub { |
3817 | - my ($self, $key, $value, $line) = @_; |
3818 | - local ($1,$2); |
3819 | - if ($value =~ /^(\S+)\s+(?:rbl)?eval:(.*)$/) { |
3820 | - my ($name, $fn) = ($1, $2); |
3821 | - |
3822 | - if ($fn =~ /^check_(?:rbl|dns)/) { |
3823 | - $self->{parser}->add_test ($name, $fn, $TYPE_RBL_EVALS); |
3824 | - } |
3825 | - else { |
3826 | - $self->{parser}->add_test ($name, $fn, $TYPE_HEAD_EVALS); |
3827 | - } |
3828 | - } |
3829 | - elsif ($value =~ /^(\S+)\s+exists:([!-9;-\176]+)$/) { |
3830 | - # RFC 5322 section 3.6.8, ftext printable US-ASCII ch not including ":" |
3831 | - $self->{parser}->add_test ($1, "defined($2)", $TYPE_HEAD_TESTS); |
3832 | - $self->{descriptions}->{$1} = "Found a $2 header"; |
3833 | - } |
3834 | - else { |
3835 | - my @values = split(/\s+/, $value, 2); |
3836 | - if (@values != 2) { |
3837 | - return $MISSING_REQUIRED_VALUE; |
3838 | - } |
3839 | - $self->{parser}->add_test (@values, $TYPE_HEAD_TESTS); |
3840 | - } |
3841 | - } |
3842 | - }); |
3843 | - |
3844 | -=item body SYMBOLIC_TEST_NAME /pattern/modifiers |
3845 | - |
3846 | -Define a body pattern test. C<pattern> is a Perl regular expression. Note: |
3847 | -as per the header tests, C<#> must be escaped (C<\#>) or else it is considered |
3848 | -the beginning of a comment. |
3849 | - |
3850 | -The 'body' in this case is the textual parts of the message body; |
3851 | -any non-text MIME parts are stripped, and the message decoded from |
3852 | -Quoted-Printable or Base-64-encoded format if necessary. The message |
3853 | -Subject header is considered part of the body and becomes the first |
3854 | -paragraph when running the rules. All HTML tags and line breaks will |
3855 | -be removed before matching. |
3856 | - |
3857 | -=item body SYMBOLIC_TEST_NAME eval:name_of_eval_method([args]) |
3858 | - |
3859 | -Define a body eval test. See above. |
3860 | - |
3861 | -=cut |
3862 | - |
3863 | - push (@cmds, { |
3864 | - setting => 'body', |
3865 | - is_frequent => 1, |
3866 | - is_priv => 1, |
3867 | - code => sub { |
3868 | - my ($self, $key, $value, $line) = @_; |
3869 | - local ($1,$2); |
3870 | - if ($value =~ /^(\S+)\s+eval:(.*)$/) { |
3871 | - $self->{parser}->add_test ($1, $2, $TYPE_BODY_EVALS); |
3872 | - } |
3873 | - else { |
3874 | - my @values = split(/\s+/, $value, 2); |
3875 | - if (@values != 2) { |
3876 | - return $MISSING_REQUIRED_VALUE; |
3877 | - } |
3878 | - $self->{parser}->add_test (@values, $TYPE_BODY_TESTS); |
3879 | - } |
3880 | - } |
3881 | - }); |
3882 | - |
3883 | -=item uri SYMBOLIC_TEST_NAME /pattern/modifiers |
3884 | - |
3885 | -Define a uri pattern test. C<pattern> is a Perl regular expression. Note: as |
3886 | -per the header tests, C<#> must be escaped (C<\#>) or else it is considered |
3887 | -the beginning of a comment. |
3888 | - |
3889 | -The 'uri' in this case is a list of all the URIs in the body of the email, |
3890 | -and the test will be run on each and every one of those URIs, adjusting the |
3891 | -score if a match is found. Use this test instead of one of the body tests |
3892 | -when you need to match a URI, as it is more accurately bound to the start/end |
3893 | -points of the URI, and will also be faster. |
3894 | - |
3895 | -=cut |
3896 | - |
3897 | -# we don't do URI evals yet - maybe later |
3898 | -# if (/^uri\s+(\S+)\s+eval:(.*)$/) { |
3899 | -# $self->{parser}->add_test ($1, $2, $TYPE_URI_EVALS); |
3900 | -# next; |
3901 | -# } |
3902 | - push (@cmds, { |
3903 | - setting => 'uri', |
3904 | - is_priv => 1, |
3905 | - code => sub { |
3906 | - my ($self, $key, $value, $line) = @_; |
3907 | - my @values = split(/\s+/, $value, 2); |
3908 | - if (@values != 2) { |
3909 | - return $MISSING_REQUIRED_VALUE; |
3910 | - } |
3911 | - $self->{parser}->add_test (@values, $TYPE_URI_TESTS); |
3912 | - } |
3913 | - }); |
3914 | - |
3915 | -=item rawbody SYMBOLIC_TEST_NAME /pattern/modifiers |
3916 | - |
3917 | -Define a raw-body pattern test. C<pattern> is a Perl regular expression. |
3918 | -Note: as per the header tests, C<#> must be escaped (C<\#>) or else it is |
3919 | -considered the beginning of a comment. |
3920 | - |
3921 | -The 'raw body' of a message is the raw data inside all textual parts. The |
3922 | -text will be decoded from base64 or quoted-printable encoding, but HTML |
3923 | -tags and line breaks will still be present. Multiline expressions will |
3924 | -need to be used to match strings that are broken by line breaks. |
3925 | - |
3926 | -=item rawbody SYMBOLIC_TEST_NAME eval:name_of_eval_method([args]) |
3927 | - |
3928 | -Define a raw-body eval test. See above. |
3929 | - |
3930 | -=cut |
3931 | - |
3932 | - push (@cmds, { |
3933 | - setting => 'rawbody', |
3934 | - is_frequent => 1, |
3935 | - is_priv => 1, |
3936 | - code => sub { |
3937 | - my ($self, $key, $value, $line) = @_; |
3938 | - local ($1,$2); |
3939 | - if ($value =~ /^(\S+)\s+eval:(.*)$/) { |
3940 | - $self->{parser}->add_test ($1, $2, $TYPE_RAWBODY_EVALS); |
3941 | - } else { |
3942 | - my @values = split(/\s+/, $value, 2); |
3943 | - if (@values != 2) { |
3944 | - return $MISSING_REQUIRED_VALUE; |
3945 | - } |
3946 | - $self->{parser}->add_test (@values, $TYPE_RAWBODY_TESTS); |
3947 | - } |
3948 | - } |
3949 | - }); |
3950 | - |
3951 | -=item full SYMBOLIC_TEST_NAME /pattern/modifiers |
3952 | - |
3953 | -Define a full message pattern test. C<pattern> is a Perl regular expression. |
3954 | -Note: as per the header tests, C<#> must be escaped (C<\#>) or else it is |
3955 | -considered the beginning of a comment. |
3956 | - |
3957 | -The full message is the pristine message headers plus the pristine message |
3958 | -body, including all MIME data such as images, other attachments, MIME |
3959 | -boundaries, etc. |
3960 | - |
3961 | -=item full SYMBOLIC_TEST_NAME eval:name_of_eval_method([args]) |
3962 | - |
3963 | -Define a full message eval test. See above. |
3964 | - |
3965 | -=cut |
3966 | - |
3967 | - push (@cmds, { |
3968 | - setting => 'full', |
3969 | - is_priv => 1, |
3970 | - code => sub { |
3971 | - my ($self, $key, $value, $line) = @_; |
3972 | - local ($1,$2); |
3973 | - if ($value =~ /^(\S+)\s+eval:(.*)$/) { |
3974 | - $self->{parser}->add_test ($1, $2, $TYPE_FULL_EVALS); |
3975 | - } else { |
3976 | - my @values = split(/\s+/, $value, 2); |
3977 | - if (@values != 2) { |
3978 | - return $MISSING_REQUIRED_VALUE; |
3979 | - } |
3980 | - $self->{parser}->add_test (@values, $TYPE_FULL_TESTS); |
3981 | - } |
3982 | - } |
3983 | - }); |
3984 | - |
3985 | -=item meta SYMBOLIC_TEST_NAME boolean expression |
3986 | - |
3987 | -Define a boolean expression test in terms of other tests that have |
3988 | -been hit or not hit. For example: |
3989 | - |
3990 | -meta META1 TEST1 && !(TEST2 || TEST3) |
3991 | - |
3992 | -Note that English language operators ("and", "or") will be treated as |
3993 | -rule names, and that there is no C<XOR> operator. |
3994 | - |
3995 | -=item meta SYMBOLIC_TEST_NAME boolean arithmetic expression |
3996 | - |
3997 | -Can also define an arithmetic expression in terms of other tests, |
3998 | -with an unhit test having the value "0" and a hit test having a |
3999 | -nonzero value. The value of a hit meta test is that of its arithmetic |
4000 | -expression. The value of a hit eval test is that returned by its |
4001 | -method. The value of a hit header, body, rawbody, uri, or full test |
4002 | -which has the "multiple" tflag is the number of times the test hit. |
4003 | -The value of any other type of hit test is "1". |
4004 | - |
4005 | -For example: |
4006 | - |
4007 | -meta META2 (3 * TEST1 - 2 * TEST2) > 0 |
4008 | - |
4009 | -Note that Perl builtins and functions, like C<abs()>, B<can't> be |
4010 | -used, and will be treated as rule names. |
4011 | - |
4012 | -If you want to define a meta-rule, but do not want its individual sub-rules to |
4013 | -count towards the final score unless the entire meta-rule matches, give the |
4014 | -sub-rules names that start with '__' (two underscores). SpamAssassin will |
4015 | -ignore these for scoring. |
4016 | - |
4017 | -=cut |
4018 | - |
4019 | - push (@cmds, { |
4020 | - setting => 'meta', |
4021 | - is_frequent => 1, |
4022 | - is_priv => 1, |
4023 | - code => sub { |
4024 | - my ($self, $key, $value, $line) = @_; |
4025 | - my @values = split(/\s+/, $value, 2); |
4026 | - if (@values != 2) { |
4027 | - return $MISSING_REQUIRED_VALUE; |
4028 | - } |
4029 | - if ($values[1] =~ /\*\s*\*/) { |
4030 | - info("config: found invalid '**' or '* *' operator in meta command"); |
4031 | - return $INVALID_VALUE; |
4032 | - } |
4033 | - $self->{parser}->add_test (@values, $TYPE_META_TESTS); |
4034 | - } |
4035 | - }); |
4036 | - |
4037 | -=item reuse SYMBOLIC_TEST_NAME [ OLD_SYMBOLIC_TEST_NAME_1 ... ] |
4038 | - |
4039 | -Defines the name of a test that should be "reused" during the scoring |
4040 | -process. If a message has an X-Spam-Status header that shows a hit for |
4041 | -this rule or any of the old rule names given, a hit will be added for |
4042 | -this rule when B<mass-check --reuse> is used. Examples: |
4043 | - |
4044 | -C<reuse SPF_PASS> |
4045 | - |
4046 | -C<reuse MY_NET_RULE_V2 MY_NET_RULE_V1> |
4047 | - |
4048 | -The actual logic for reuse tests is done by |
4049 | -B<Mail::SpamAssassin::Plugin::Reuse>. |
4050 | - |
4051 | -=cut |
4052 | - |
4053 | - push (@cmds, { |
4054 | - setting => 'reuse', |
4055 | - is_priv => 1, |
4056 | - code => sub { |
4057 | - my ($self, $key, $value, $line) = @_; |
4058 | - if ($value !~ /\s*(\w+)(?:\s+(?:\w+(?:\s+\w+)*))?\s*$/) { |
4059 | - return $INVALID_VALUE; |
4060 | - } |
4061 | - my $rule_name = $1; |
4062 | - # don't overwrite tests, just define them so scores, priorities work |
4063 | - if (!exists $self->{tests}->{$rule_name}) { |
4064 | - $self->{parser}->add_test($rule_name, undef, $TYPE_EMPTY_TESTS); |
4065 | - } |
4066 | - } |
4067 | - }); |
4068 | - |
4069 | -=item tflags SYMBOLIC_TEST_NAME [ {net|nice|learn|userconf|noautolearn|multiple} ] |
4070 | - |
4071 | -Used to set flags on a test. These flags are used in the |
4072 | -score-determination back end system for details of the test's |
4073 | -behaviour. Please see C<bayes_auto_learn> for more information |
4074 | -about tflag interaction with those systems. The following flags |
4075 | -can be set: |
4076 | - |
4077 | -=over 4 |
4078 | - |
4079 | -=item net |
4080 | - |
4081 | -The test is a network test, and will not be run in the mass checking system |
4082 | -or if B<-L> is used, therefore its score should not be modified. |
4083 | - |
4084 | -=item nice |
4085 | - |
4086 | -The test is intended to compensate for common false positives, and should be |
4087 | -assigned a negative score. |
4088 | - |
4089 | -=item userconf |
4090 | - |
4091 | -The test requires user configuration before it can be used (like language- |
4092 | -specific tests). |
4093 | - |
4094 | -=item learn |
4095 | - |
4096 | -The test requires training before it can be used. |
4097 | - |
4098 | -=item noautolearn |
4099 | - |
4100 | -The test will explicitly be ignored when calculating the score for |
4101 | -learning systems. |
4102 | - |
4103 | -=item multiple |
4104 | - |
4105 | -The test will be evaluated multiple times, for use with meta rules. |
4106 | -Only affects header, body, rawbody, uri, and full tests. |
4107 | - |
4108 | -=back |
4109 | - |
4110 | -=cut |
4111 | - |
4112 | - push (@cmds, { |
4113 | - setting => 'tflags', |
4114 | - is_frequent => 1, |
4115 | - is_priv => 1, |
4116 | - type => $CONF_TYPE_HASH_KEY_VALUE, |
4117 | - }); |
4118 | - |
4119 | -=item priority SYMBOLIC_TEST_NAME n |
4120 | - |
4121 | -Assign a specific priority to a test. All tests, except for DNS and Meta |
4122 | -tests, are run in increasing priority value order (negative priority values |
4123 | -are run before positive priority values). The default test priority is 0 |
4124 | -(zero). |
4125 | - |
4126 | -The values <-99999999999999> and <-99999999999998> have a special meaning |
4127 | -internally, and should not be used. |
4128 | - |
4129 | -=cut |
4130 | - |
4131 | - push (@cmds, { |
4132 | - setting => 'priority', |
4133 | - is_priv => 1, |
4134 | - type => $CONF_TYPE_HASH_KEY_VALUE, |
4135 | - }); |
4136 | - |
4137 | -=back |
4138 | - |
4139 | -=head1 ADMINISTRATOR SETTINGS |
4140 | - |
4141 | -These settings differ from the ones above, in that they are considered 'more |
4142 | -privileged' -- even more than the ones in the B<PRIVILEGED SETTINGS> section. |
4143 | -No matter what C<allow_user_rules> is set to, these can never be set from a |
4144 | -user's C<user_prefs> file when spamc/spamd is being used. However, all |
4145 | -settings can be used by local programs run directly by the user. |
4146 | - |
4147 | -=over 4 |
4148 | - |
4149 | -=item version_tag string |
4150 | - |
4151 | -This tag is appended to the SA version in the X-Spam-Status header. You should |
4152 | -include it when modify your ruleset, especially if you plan to distribute it. |
4153 | -A good choice for I<string> is your last name or your initials followed by a |
4154 | -number which you increase with each change. |
4155 | - |
4156 | -The version_tag will be lowercased, and any non-alphanumeric or period |
4157 | -character will be replaced by an underscore. |
4158 | - |
4159 | -e.g. |
4160 | - |
4161 | - version_tag myrules1 # version=2.41-myrules1 |
4162 | - |
4163 | -=cut |
4164 | - |
4165 | - push (@cmds, { |
4166 | - setting => 'version_tag', |
4167 | - is_admin => 1, |
4168 | - code => sub { |
4169 | - my ($self, $key, $value, $line) = @_; |
4170 | - if ($value eq '') { |
4171 | - return $MISSING_REQUIRED_VALUE; |
4172 | - } |
4173 | - my $tag = lc($value); |
4174 | - $tag =~ tr/a-z0-9./_/c; |
4175 | - foreach (@Mail::SpamAssassin::EXTRA_VERSION) { |
4176 | - if($_ eq $tag) { $tag = undef; last; } |
4177 | - } |
4178 | - push(@Mail::SpamAssassin::EXTRA_VERSION, $tag) if($tag); |
4179 | - } |
4180 | - }); |
4181 | - |
4182 | -=item test SYMBOLIC_TEST_NAME (ok|fail) Some string to test against |
4183 | - |
4184 | -Define a regression testing string. You can have more than one regression test |
4185 | -string per symbolic test name. Simply specify a string that you wish the test |
4186 | -to match. |
4187 | - |
4188 | -These tests are only run as part of the test suite - they should not affect the |
4189 | -general running of SpamAssassin. |
4190 | - |
4191 | -=cut |
4192 | - |
4193 | - push (@cmds, { |
4194 | - setting => 'test', |
4195 | - is_admin => 1, |
4196 | - code => sub { |
4197 | - return unless defined $COLLECT_REGRESSION_TESTS; |
4198 | - my ($self, $key, $value, $line) = @_; |
4199 | - local ($1,$2,$3); |
4200 | - if ($value !~ /^(\S+)\s+(ok|fail)\s+(.*)$/) { return $INVALID_VALUE; } |
4201 | - $self->{parser}->add_regression_test($1, $2, $3); |
4202 | - } |
4203 | - }); |
4204 | - |
4205 | -=item rbl_timeout t [t_min] [zone] (default: 15 3) |
4206 | - |
4207 | -All DNS queries are made at the beginning of a check and we try to read |
4208 | -the results at the end. This value specifies the maximum period of time |
4209 | -(in seconds) to wait for a DNS query. If most of the DNS queries have |
4210 | -succeeded for a particular message, then SpamAssassin will not wait for |
4211 | -the full period to avoid wasting time on unresponsive server(s), but will |
4212 | -shrink the timeout according to a percentage of queries already completed. |
4213 | -As the number of queries remaining approaches 0, the timeout value will |
4214 | -gradually approach a t_min value, which is an optional second parameter |
4215 | -and defaults to 0.2 * t. If t is smaller than t_min, the initial timeout |
4216 | -is set to t_min. Here is a chart of queries remaining versus the timeout |
4217 | -in seconds, for the default 15 second / 3 second timeout setting: |
4218 | - |
4219 | - queries left 100% 90% 80% 70% 60% 50% 40% 30% 20% 10% 0% |
4220 | - timeout 15 14.9 14.5 13.9 13.1 12.0 10.7 9.1 7.3 5.3 3 |
4221 | - |
4222 | -For example, if 20 queries are made at the beginning of a message check |
4223 | -and 16 queries have returned (leaving 20%), the remaining 4 queries should |
4224 | -finish within 7.3 seconds since their query started or they will be timed out. |
4225 | -Note that timed out queries are only aborted when there is nothing else left |
4226 | -for SpamAssassin to do - long evaluation of other rules may grant queries |
4227 | -additional time. |
4228 | - |
4229 | -If a parameter 'zone' is specified (it must end with a letter, which |
4230 | -distinguishes it from other numeric parametrs), then the setting only |
4231 | -applies to DNS queries against the specified DNS domain (host, domain or |
4232 | -RBL (sub)zone). Matching is case-insensitive, the actual domain may be a |
4233 | -subdomain of the specified zone. |
4234 | - |
4235 | -=cut |
4236 | - |
4237 | - push (@cmds, { |
4238 | - setting => 'rbl_timeout', |
4239 | - is_admin => 1, |
4240 | - default => 15, |
4241 | - code => sub { |
4242 | - my ($self, $key, $value, $line) = @_; |
4243 | - unless (defined $value && $value !~ /^$/) { |
4244 | - return $MISSING_REQUIRED_VALUE; |
4245 | - } |
4246 | - local ($1,$2,$3); |
4247 | - unless ($value =~ /^ ( [+-]? \d+ (?: \. \d*)? ) |
4248 | - (?: \s+ ( [+-]? \d+ (?: \. \d*)? ) )? |
4249 | - (?: \s+ (\S* [a-zA-Z]) )? $/xs) { |
4250 | - return $INVALID_VALUE; |
4251 | - } |
4252 | - my $zone = $3; |
4253 | - if (!defined $zone) { # a global setting |
4254 | - $self->{rbl_timeout} = $1+0; |
4255 | - $self->{rbl_timeout_min} = $2+0 if defined $2; |
4256 | - } |
4257 | - else { # per-zone settings |
4258 | - $zone =~ s/^\.//; $zone =~ s/\.$//; # strip leading and trailing dot |
4259 | - $zone = lc $zone; |
4260 | - $self->{by_zone}{$zone}{rbl_timeout} = $1+0; |
4261 | - $self->{by_zone}{$zone}{rbl_timeout_min} = $2+0 if defined $2; |
4262 | - } |
4263 | - }, |
4264 | - type => $CONF_TYPE_NUMERIC, |
4265 | - }); |
4266 | - |
4267 | -=item util_rb_tld tld1 tld2 ... |
4268 | - |
4269 | -This option allows the addition of new TLDs to the RegistrarBoundaries code. |
4270 | -Updates to the list usually happen when new versions of SpamAssassin are |
4271 | -released, but sometimes it's necessary to add in new TLDs faster than a |
4272 | -release can occur. TLDs include things like com, net, org, etc. |
4273 | - |
4274 | -=cut |
4275 | - |
4276 | - push (@cmds, { |
4277 | - setting => 'util_rb_tld', |
4278 | - is_admin => 1, |
4279 | - code => sub { |
4280 | - my ($self, $key, $value, $line) = @_; |
4281 | - unless (defined $value && $value !~ /^$/) { |
4282 | - return $MISSING_REQUIRED_VALUE; |
4283 | - } |
4284 | - unless ($value =~ /^[a-zA-Z]+(?:\s+[a-zA-Z]+)*$/) { |
4285 | - return $INVALID_VALUE; |
4286 | - } |
4287 | - foreach (split(/\s+/, $value)) { |
4288 | - $Mail::SpamAssassin::Util::RegistrarBoundaries::VALID_TLDS{lc $_} = 1; |
4289 | - } |
4290 | - } |
4291 | - }); |
4292 | - |
4293 | -=item util_rb_2tld 2tld-1.tld 2tld-2.tld ... |
4294 | - |
4295 | -This option allows the addition of new 2nd-level TLDs (2TLD) to the |
4296 | -RegistrarBoundaries code. Updates to the list usually happen when new |
4297 | -versions of SpamAssassin are released, but sometimes it's necessary to add in |
4298 | -new 2TLDs faster than a release can occur. 2TLDs include things like co.uk, |
4299 | -fed.us, etc. |
4300 | - |
4301 | -=cut |
4302 | - |
4303 | - push (@cmds, { |
4304 | - setting => 'util_rb_2tld', |
4305 | - is_admin => 1, |
4306 | - code => sub { |
4307 | - my ($self, $key, $value, $line) = @_; |
4308 | - unless (defined $value && $value !~ /^$/) { |
4309 | - return $MISSING_REQUIRED_VALUE; |
4310 | - } |
4311 | - unless ($value =~ /^[^\s.]+\.[^\s.]+(?:\s+[^\s.]+\.[^\s.]+)*$/) { |
4312 | - return $INVALID_VALUE; |
4313 | - } |
4314 | - foreach (split(/\s+/, $value)) { |
4315 | - $Mail::SpamAssassin::Util::RegistrarBoundaries::TWO_LEVEL_DOMAINS{lc $_} = 1; |
4316 | - } |
4317 | - } |
4318 | - }); |
4319 | - |
4320 | -=item util_rb_3tld 3tld1.some.tld 3tld2.other.tld ... |
4321 | - |
4322 | -This option allows the addition of new 3rd-level TLDs (3TLD) to the |
4323 | -RegistrarBoundaries code. Updates to the list usually happen when new |
4324 | -versions of SpamAssassin are released, but sometimes it's necessary to add in |
4325 | -new 3TLDs faster than a release can occur. 3TLDs include things like |
4326 | -demon.co.uk, plc.co.im, etc. |
4327 | - |
4328 | -=cut |
4329 | - |
4330 | - push (@cmds, { |
4331 | - setting => 'util_rb_3tld', |
4332 | - is_admin => 1, |
4333 | - code => sub { |
4334 | - my ($self, $key, $value, $line) = @_; |
4335 | - unless (defined $value && $value !~ /^$/) { |
4336 | - return $MISSING_REQUIRED_VALUE; |
4337 | - } |
4338 | - unless ($value =~ /^[^\s.]+\.[^\s.]+\.[^\s.]+(?:\s+[^\s.]+\.[^\s.]+)*$/) { |
4339 | - return $INVALID_VALUE; |
4340 | - } |
4341 | - foreach (split(/\s+/, $value)) { |
4342 | - $Mail::SpamAssassin::Util::RegistrarBoundaries::THREE_LEVEL_DOMAINS{lc $_} = 1; |
4343 | - } |
4344 | - } |
4345 | - }); |
4346 | - |
4347 | -=item bayes_path /path/filename (default: ~/.spamassassin/bayes) |
4348 | - |
4349 | -This is the directory and filename for Bayes databases. Several databases |
4350 | -will be created, with this as the base directory and filename, with C<_toks>, |
4351 | -C<_seen>, etc. appended to the base. The default setting results in files |
4352 | -called C<~/.spamassassin/bayes_seen>, C<~/.spamassassin/bayes_toks>, etc. |
4353 | - |
4354 | -By default, each user has their own in their C<~/.spamassassin> directory with |
4355 | -mode 0700/0600. For system-wide SpamAssassin use, you may want to reduce disk |
4356 | -space usage by sharing this across all users. However, Bayes appears to be |
4357 | -more effective with individual user databases. |
4358 | - |
4359 | -=cut |
4360 | - |
4361 | - push (@cmds, { |
4362 | - setting => 'bayes_path', |
4363 | - is_admin => 1, |
4364 | - default => '__userstate__/bayes', |
4365 | - type => $CONF_TYPE_STRING, |
4366 | - code => sub { |
4367 | - my ($self, $key, $value, $line) = @_; |
4368 | - unless (defined $value && $value !~ /^$/) { |
4369 | - return $MISSING_REQUIRED_VALUE; |
4370 | - } |
4371 | - if (-d $value) { |
4372 | - return $INVALID_VALUE; |
4373 | - } |
4374 | - $self->{bayes_path} = $value; |
4375 | - } |
4376 | - }); |
4377 | - |
4378 | -=item bayes_file_mode (default: 0700) |
4379 | - |
4380 | -The file mode bits used for the Bayesian filtering database files. |
4381 | - |
4382 | -Make sure you specify this using the 'x' mode bits set, as it may also be used |
4383 | -to create directories. However, if a file is created, the resulting file will |
4384 | -not have any execute bits set (the umask is set to 111). The argument is a |
4385 | -string of octal digits, it is converted to a numeric value internally. |
4386 | - |
4387 | -=cut |
4388 | - |
4389 | - push (@cmds, { |
4390 | - setting => 'bayes_file_mode', |
4391 | - is_admin => 1, |
4392 | - default => '0700', |
4393 | - type => $CONF_TYPE_NUMERIC, |
4394 | - code => sub { |
4395 | - my ($self, $key, $value, $line) = @_; |
4396 | - if ($value !~ /^0?\d{3}$/) { return $INVALID_VALUE } |
4397 | - $self->{bayes_file_mode} = untaint_var($value); |
4398 | - } |
4399 | - }); |
4400 | - |
4401 | -=item bayes_store_module Name::Of::BayesStore::Module |
4402 | - |
4403 | -If this option is set, the module given will be used as an alternate |
4404 | -to the default bayes storage mechanism. It must conform to the |
4405 | -published storage specification (see |
4406 | -Mail::SpamAssassin::BayesStore). For example, set this to |
4407 | -Mail::SpamAssassin::BayesStore::SQL to use the generic SQL storage |
4408 | -module. |
4409 | - |
4410 | -=cut |
4411 | - |
4412 | - push (@cmds, { |
4413 | - setting => 'bayes_store_module', |
4414 | - is_admin => 1, |
4415 | - default => '', |
4416 | - type => $CONF_TYPE_STRING, |
4417 | - code => sub { |
4418 | - my ($self, $key, $value, $line) = @_; |
4419 | - local ($1); |
4420 | - if ($value !~ /^([_A-Za-z0-9:]+)$/) { return $INVALID_VALUE; } |
4421 | - $self->{bayes_store_module} = $1; |
4422 | - } |
4423 | - }); |
4424 | - |
4425 | -=item bayes_sql_dsn DBI::databasetype:databasename:hostname:port |
4426 | - |
4427 | -Used for BayesStore::SQL storage implementation. |
4428 | - |
4429 | -This option give the connect string used to connect to the SQL based Bayes storage. |
4430 | - |
4431 | -=cut |
4432 | - |
4433 | - push (@cmds, { |
4434 | - setting => 'bayes_sql_dsn', |
4435 | - is_admin => 1, |
4436 | - default => '', |
4437 | - type => $CONF_TYPE_STRING, |
4438 | - }); |
4439 | - |
4440 | -=item bayes_sql_username |
4441 | - |
4442 | -Used by BayesStore::SQL storage implementation. |
4443 | - |
4444 | -This option gives the username used by the above DSN. |
4445 | - |
4446 | -=cut |
4447 | - |
4448 | - push (@cmds, { |
4449 | - setting => 'bayes_sql_username', |
4450 | - is_admin => 1, |
4451 | - default => '', |
4452 | - type => $CONF_TYPE_STRING, |
4453 | - }); |
4454 | - |
4455 | -=item bayes_sql_password |
4456 | - |
4457 | -Used by BayesStore::SQL storage implementation. |
4458 | - |
4459 | -This option gives the password used by the above DSN. |
4460 | - |
4461 | -=cut |
4462 | - |
4463 | - push (@cmds, { |
4464 | - setting => 'bayes_sql_password', |
4465 | - is_admin => 1, |
4466 | - default => '', |
4467 | - type => $CONF_TYPE_STRING, |
4468 | - }); |
4469 | - |
4470 | -=item bayes_sql_username_authorized ( 0 | 1 ) (default: 0) |
4471 | - |
4472 | -Whether to call the services_authorized_for_username plugin hook in BayesSQL. |
4473 | -If the hook does not determine that the user is allowed to use bayes or is |
4474 | -invalid then then database will not be initialized. |
4475 | - |
4476 | -NOTE: By default the user is considered invalid until a plugin returns |
4477 | -a true value. If you enable this, but do not have a proper plugin |
4478 | -loaded, all users will turn up as invalid. |
4479 | - |
4480 | -The username passed into the plugin can be affected by the |
4481 | -bayes_sql_override_username config option. |
4482 | - |
4483 | -=cut |
4484 | - |
4485 | - push (@cmds, { |
4486 | - setting => 'bayes_sql_username_authorized', |
4487 | - is_admin => 1, |
4488 | - default => 0, |
4489 | - type => $CONF_TYPE_BOOL, |
4490 | - }); |
4491 | - |
4492 | -=item user_scores_dsn DBI:databasetype:databasename:hostname:port |
4493 | - |
4494 | -If you load user scores from an SQL database, this will set the DSN |
4495 | -used to connect. Example: C<DBI:mysql:spamassassin:localhost> |
4496 | - |
4497 | -If you load user scores from an LDAP directory, this will set the DSN used to |
4498 | -connect. You have to write the DSN as an LDAP URL, the components being the |
4499 | -host and port to connect to, the base DN for the search, the scope of the |
4500 | -search (base, one or sub), the single attribute being the multivalued attribute |
4501 | -used to hold the configuration data (space separated pairs of key and value, |
4502 | -just as in a file) and finally the filter being the expression used to filter |
4503 | -out the wanted username. Note that the filter expression is being used in a |
4504 | -sprintf statement with the username as the only parameter, thus is can hold a |
4505 | -single __USERNAME__ expression. This will be replaced with the username. |
4506 | - |
4507 | -Example: C<ldap://localhost:389/dc=koehntopp,dc=de?saconfig?uid=__USERNAME__> |
4508 | - |
4509 | -=cut |
4510 | - |
4511 | - push (@cmds, { |
4512 | - setting => 'user_scores_dsn', |
4513 | - is_admin => 1, |
4514 | - default => '', |
4515 | - type => $CONF_TYPE_STRING, |
4516 | - }); |
4517 | - |
4518 | -=item user_scores_sql_username username |
4519 | - |
4520 | -The authorized username to connect to the above DSN. |
4521 | - |
4522 | -=cut |
4523 | - |
4524 | - push (@cmds, { |
4525 | - setting => 'user_scores_sql_username', |
4526 | - is_admin => 1, |
4527 | - default => '', |
4528 | - type => $CONF_TYPE_STRING, |
4529 | - }); |
4530 | - |
4531 | -=item user_scores_sql_password password |
4532 | - |
4533 | -The password for the database username, for the above DSN. |
4534 | - |
4535 | -=cut |
4536 | - |
4537 | - push (@cmds, { |
4538 | - setting => 'user_scores_sql_password', |
4539 | - is_admin => 1, |
4540 | - default => '', |
4541 | - type => $CONF_TYPE_STRING, |
4542 | - }); |
4543 | - |
4544 | -=item user_scores_sql_custom_query query |
4545 | - |
4546 | -This option gives you the ability to create a custom SQL query to |
4547 | -retrieve user scores and preferences. In order to work correctly your |
4548 | -query should return two values, the preference name and value, in that |
4549 | -order. In addition, there are several "variables" that you can use |
4550 | -as part of your query, these variables will be substituted for the |
4551 | -current values right before the query is run. The current allowed |
4552 | -variables are: |
4553 | - |
4554 | -=over 4 |
4555 | - |
4556 | -=item _TABLE_ |
4557 | - |
4558 | -The name of the table where user scores and preferences are stored. Currently |
4559 | -hardcoded to userpref, to change this value you need to create a new custom |
4560 | -query with the new table name. |
4561 | - |
4562 | -=item _USERNAME_ |
4563 | - |
4564 | -The current user's username. |
4565 | - |
4566 | -=item _MAILBOX_ |
4567 | - |
4568 | -The portion before the @ as derived from the current user's username. |
4569 | - |
4570 | -=item _DOMAIN_ |
4571 | - |
4572 | -The portion after the @ as derived from the current user's username, this |
4573 | -value may be null. |
4574 | - |
4575 | -=back |
4576 | - |
4577 | -The query must be one continuous line in order to parse correctly. |
4578 | - |
4579 | -Here are several example queries, please note that these are broken up |
4580 | -for easy reading, in your config it should be one continuous line. |
4581 | - |
4582 | -=over 4 |
4583 | - |
4584 | -=item Current default query: |
4585 | - |
4586 | -C<SELECT preference, value FROM _TABLE_ WHERE username = _USERNAME_ OR username = '@GLOBAL' ORDER BY username ASC> |
4587 | - |
4588 | -=item Use global and then domain level defaults: |
4589 | - |
4590 | -C<SELECT preference, value FROM _TABLE_ WHERE username = _USERNAME_ OR username = '@GLOBAL' OR username = '@~'||_DOMAIN_ ORDER BY username ASC> |
4591 | - |
4592 | -=item Maybe global prefs should override user prefs: |
4593 | - |
4594 | -C<SELECT preference, value FROM _TABLE_ WHERE username = _USERNAME_ OR username = '@GLOBAL' ORDER BY username DESC> |
4595 | - |
4596 | -=back |
4597 | - |
4598 | -=cut |
4599 | - |
4600 | - push (@cmds, { |
4601 | - setting => 'user_scores_sql_custom_query', |
4602 | - is_admin => 1, |
4603 | - default => undef, |
4604 | - type => $CONF_TYPE_STRING, |
4605 | - }); |
4606 | - |
4607 | -=item user_scores_ldap_username |
4608 | - |
4609 | -This is the Bind DN used to connect to the LDAP server. It defaults |
4610 | -to the empty string (""), allowing anonymous binding to work. |
4611 | - |
4612 | -Example: C<cn=master,dc=koehntopp,dc=de> |
4613 | - |
4614 | -=cut |
4615 | - |
4616 | - push (@cmds, { |
4617 | - setting => 'user_scores_ldap_username', |
4618 | - is_admin => 1, |
4619 | - default => '', |
4620 | - type => $CONF_TYPE_STRING, |
4621 | - }); |
4622 | - |
4623 | -=item user_scores_ldap_password |
4624 | - |
4625 | -This is the password used to connect to the LDAP server. It defaults |
4626 | -to the empty string (""). |
4627 | - |
4628 | -=cut |
4629 | - |
4630 | - push (@cmds, { |
4631 | - setting => 'user_scores_ldap_password', |
4632 | - is_admin => 1, |
4633 | - default => '', |
4634 | - type => $CONF_TYPE_STRING, |
4635 | - }); |
4636 | - |
4637 | -=item loadplugin PluginModuleName [/path/module.pm] |
4638 | - |
4639 | -Load a SpamAssassin plugin module. The C<PluginModuleName> is the perl module |
4640 | -name, used to create the plugin object itself. |
4641 | - |
4642 | -C</path/to/module.pm> is the file to load, containing the module's perl code; |
4643 | -if it's specified as a relative path, it's considered to be relative to the |
4644 | -current configuration file. If it is omitted, the module will be loaded |
4645 | -using perl's search path (the C<@INC> array). |
4646 | - |
4647 | -See C<Mail::SpamAssassin::Plugin> for more details on writing plugins. |
4648 | - |
4649 | -=cut |
4650 | - |
4651 | - push (@cmds, { |
4652 | - setting => 'loadplugin', |
4653 | - is_admin => 1, |
4654 | - code => sub { |
4655 | - my ($self, $key, $value, $line) = @_; |
4656 | - if ($value eq '') { |
4657 | - return $MISSING_REQUIRED_VALUE; |
4658 | - } |
4659 | - my ($package, $path); |
4660 | - local ($1,$2); |
4661 | - if ($value =~ /^(\S+)\s+(\S+)$/) { |
4662 | - ($package, $path) = ($1, $2); |
4663 | - } elsif ($value =~ /^\S+$/) { |
4664 | - ($package, $path) = ($value, undef); |
4665 | - } else { |
4666 | - return $INVALID_VALUE; |
4667 | - } |
4668 | - # is blindly untainting safe? it is no worse than before |
4669 | - $_ = untaint_var($_) for ($package,$path); |
4670 | - $self->load_plugin ($package, $path); |
4671 | - } |
4672 | - }); |
4673 | - |
4674 | -=item tryplugin PluginModuleName [/path/module.pm] |
4675 | - |
4676 | -Same as C<loadplugin>, but silently ignored if the .pm file cannot be found in |
4677 | -the filesystem. |
4678 | - |
4679 | -=cut |
4680 | - |
4681 | - push (@cmds, { |
4682 | - setting => 'tryplugin', |
4683 | - is_admin => 1, |
4684 | - code => sub { |
4685 | - my ($self, $key, $value, $line) = @_; |
4686 | - if ($value eq '') { |
4687 | - return $MISSING_REQUIRED_VALUE; |
4688 | - } |
4689 | - my ($package, $path); |
4690 | - local ($1,$2); |
4691 | - if ($value =~ /^(\S+)\s+(\S+)$/) { |
4692 | - ($package, $path) = ($1, $2); |
4693 | - } elsif ($value =~ /^\S+$/) { |
4694 | - ($package, $path) = ($value, undef); |
4695 | - } else { |
4696 | - return $INVALID_VALUE; |
4697 | - } |
4698 | - # is blindly untainting safe? it is no worse than before |
4699 | - $_ = untaint_var($_) for ($package,$path); |
4700 | - $self->load_plugin ($package, $path, 1); |
4701 | - } |
4702 | - }); |
4703 | - |
4704 | -=item ignore_always_matching_regexps (Default: 0) |
4705 | - |
4706 | -Ignore any rule which contains a regexp which always matches. |
4707 | -Currently only catches regexps which contain '||', or which begin or |
4708 | -end with a '|'. Also ignore rules with C<some> combinatorial explosions. |
4709 | - |
4710 | -=cut |
4711 | - |
4712 | - push (@cmds, { |
4713 | - setting => 'ignore_always_matching_regexps', |
4714 | - is_admin => 1, |
4715 | - default => 0, |
4716 | - type => $CONF_TYPE_BOOL, |
4717 | - }); |
4718 | - |
4719 | -=back |
4720 | - |
4721 | -=head1 PREPROCESSING OPTIONS |
4722 | - |
4723 | -=over 4 |
4724 | - |
4725 | -=item include filename |
4726 | - |
4727 | -Include configuration lines from C<filename>. Relative paths are considered |
4728 | -relative to the current configuration file or user preferences file. |
4729 | - |
4730 | -=item if (boolean perl expression) |
4731 | - |
4732 | -Used to support conditional interpretation of the configuration |
4733 | -file. Lines between this and a corresponding C<else> or C<endif> line |
4734 | -will be ignored unless the expression evaluates as true |
4735 | -(in the perl sense; that is, defined and non-0 and non-empty string). |
4736 | - |
4737 | -The conditional accepts a limited subset of perl for security -- just enough to |
4738 | -perform basic arithmetic comparisons. The following input is accepted: |
4739 | - |
4740 | -=over 4 |
4741 | - |
4742 | -=item numbers, whitespace, arithmetic operations and grouping |
4743 | - |
4744 | -Namely these characters and ranges: |
4745 | - |
4746 | - ( ) - + * / _ . , < = > ! ~ 0-9 whitespace |
4747 | - |
4748 | -=item version |
4749 | - |
4750 | -This will be replaced with the version number of the currently-running |
4751 | -SpamAssassin engine. Note: The version used is in the internal SpamAssassin |
4752 | -version format which is C<x.yyyzzz>, where x is major version, y is minor |
4753 | -version, and z is maintenance version. So 3.0.0 is C<3.000000>, and 3.4.80 is |
4754 | -C<3.004080>. |
4755 | - |
4756 | -=item plugin(Name::Of::Plugin) |
4757 | - |
4758 | -This is a function call that returns C<1> if the plugin named |
4759 | -C<Name::Of::Plugin> is loaded, or C<undef> otherwise. |
4760 | - |
4761 | -=item can(Name::Of::Package::function_name) |
4762 | - |
4763 | -This is a function call that returns C<1> if the perl package named |
4764 | -C<Name::Of::Package> includes a function called C<function_name>, or C<undef> |
4765 | -otherwise. Note that packages can be SpamAssassin plugins or built-in classes, |
4766 | -there's no difference in this respect. |
4767 | - |
4768 | -=back |
4769 | - |
4770 | -If the end of a configuration file is reached while still inside a |
4771 | -C<if> scope, a warning will be issued, but parsing will restart on |
4772 | -the next file. |
4773 | - |
4774 | -For example: |
4775 | - |
4776 | - if (version > 3.000000) |
4777 | - header MY_FOO ... |
4778 | - endif |
4779 | - |
4780 | - loadplugin MyPlugin plugintest.pm |
4781 | - |
4782 | - if plugin (MyPlugin) |
4783 | - header MY_PLUGIN_FOO eval:check_for_foo() |
4784 | - score MY_PLUGIN_FOO 0.1 |
4785 | - endif |
4786 | - |
4787 | -=item ifplugin PluginModuleName |
4788 | - |
4789 | -An alias for C<if plugin(PluginModuleName)>. |
4790 | - |
4791 | -=item else |
4792 | - |
4793 | -Used to support conditional interpretation of the configuration |
4794 | -file. Lines between this and a corresponding C<endif> line, |
4795 | -will be ignored unless the conditional expression evaluates as false |
4796 | -(in the perl sense; that is, not defined and not 0 and non-empty string). |
4797 | - |
4798 | -=item require_version n.nnnnnn |
4799 | - |
4800 | -Indicates that the entire file, from this line on, requires a certain |
4801 | -version of SpamAssassin to run. If a different (older or newer) version |
4802 | -of SpamAssassin tries to read the configuration from this file, it will |
4803 | -output a warning instead, and ignore it. |
4804 | - |
4805 | -Note: The version used is in the internal SpamAssassin version format which is |
4806 | -C<x.yyyzzz>, where x is major version, y is minor version, and z is maintenance |
4807 | -version. So 3.0.0 is C<3.000000>, and 3.4.80 is C<3.004080>. |
4808 | - |
4809 | -=cut |
4810 | - |
4811 | - push (@cmds, { |
4812 | - setting => 'require_version', |
4813 | - type => $CONF_TYPE_STRING, |
4814 | - code => sub { |
4815 | - } |
4816 | - }); |
4817 | - |
4818 | -=back |
4819 | - |
4820 | -=head1 TEMPLATE TAGS |
4821 | - |
4822 | -The following C<tags> can be used as placeholders in certain options. |
4823 | -They will be replaced by the corresponding value when they are used. |
4824 | - |
4825 | -Some tags can take an argument (in parentheses). The argument is |
4826 | -optional, and the default is shown below. |
4827 | - |
4828 | - _YESNO_ "Yes" for spam, "No" for nonspam (=ham) |
4829 | - _YESNO(spam_str,ham_str)_ returns the first argument ("Yes" if missing) |
4830 | - for spam, and the second argument ("No" if missing) for ham |
4831 | - _YESNOCAPS_ "YES" for spam, "NO" for nonspam (=ham) |
4832 | - _YESNOCAPS(spam_str,ham_str)_ same as _YESNO(...)_, but uppercased |
4833 | - _SCORE(PAD)_ message score, if PAD is included and is either spaces or |
4834 | - zeroes, then pad scores with that many spaces or zeroes |
4835 | - (default, none) ie: _SCORE(0)_ makes 2.4 become 02.4, |
4836 | - _SCORE(00)_ is 002.4. 12.3 would be 12.3 and 012.3 |
4837 | - respectively. |
4838 | - _REQD_ message threshold |
4839 | - _VERSION_ version (eg. 3.0.0 or 3.1.0-r26142-foo1) |
4840 | - _SUBVERSION_ sub-version/code revision date (eg. 2004-01-10) |
4841 | - _HOSTNAME_ hostname of the machine the mail was processed on |
4842 | - _REMOTEHOSTNAME_ hostname of the machine the mail was sent from, only |
4843 | - available with spamd |
4844 | - _REMOTEHOSTADDR_ ip address of the machine the mail was sent from, only |
4845 | - available with spamd |
4846 | - _BAYES_ bayes score |
4847 | - _TOKENSUMMARY_ number of new, neutral, spammy, and hammy tokens found |
4848 | - _BAYESTC_ number of new tokens found |
4849 | - _BAYESTCLEARNED_ number of seen tokens found |
4850 | - _BAYESTCSPAMMY_ number of spammy tokens found |
4851 | - _BAYESTCHAMMY_ number of hammy tokens found |
4852 | - _HAMMYTOKENS(N)_ the N most significant hammy tokens (default, 5) |
4853 | - _SPAMMYTOKENS(N)_ the N most significant spammy tokens (default, 5) |
4854 | - _DATE_ rfc-2822 date of scan |
4855 | - _STARS(*)_ one "*" (use any character) for each full score point |
4856 | - (note: limited to 50 'stars') |
4857 | - _RELAYSTRUSTED_ relays used and deemed to be trusted (see the |
4858 | - 'X-Spam-Relays-Trusted' pseudo-header) |
4859 | - _RELAYSUNTRUSTED_ relays used that can not be trusted (see the |
4860 | - 'X-Spam-Relays-Untrusted' pseudo-header) |
4861 | - _RELAYSINTERNAL_ relays used and deemed to be internal (see the |
4862 | - 'X-Spam-Relays-Internal' pseudo-header) |
4863 | - _RELAYSEXTERNAL_ relays used and deemed to be external (see the |
4864 | - 'X-Spam-Relays-External' pseudo-header) |
4865 | - _LASTEXTERNALIP_ IP address of client in the external-to-internal |
4866 | - SMTP handover |
4867 | - _LASTEXTERNALRDNS_ reverse-DNS of client in the external-to-internal |
4868 | - SMTP handover |
4869 | - _LASTEXTERNALHELO_ HELO string used by client in the external-to-internal |
4870 | - SMTP handover |
4871 | - _AUTOLEARN_ autolearn status ("ham", "no", "spam", "disabled", |
4872 | - "failed", "unavailable") |
4873 | - _AUTOLEARNSCORE_ portion of message score used by autolearn |
4874 | - _TESTS(,)_ tests hit separated by "," (or other separator) |
4875 | - _TESTSSCORES(,)_ as above, except with scores appended (eg. AWL=-3.0,...) |
4876 | - _SUBTESTS(,)_ subtests (start with "__") hit separated by "," |
4877 | - (or other separator) |
4878 | - _DCCB_ DCC's "Brand" |
4879 | - _DCCR_ DCC's results |
4880 | - _PYZOR_ Pyzor results |
4881 | - _RBL_ full results for positive RBL queries in DNS URI format |
4882 | - _LANGUAGES_ possible languages of mail |
4883 | - _PREVIEW_ content preview |
4884 | - _REPORT_ terse report of tests hit (for header reports) |
4885 | - _SUMMARY_ summary of tests hit for standard report (for body reports) |
4886 | - _CONTACTADDRESS_ contents of the 'report_contact' setting |
4887 | - _HEADER(NAME)_ includes the value of a message header. value is the same |
4888 | - as is found for header rules (see elsewhere in this doc) |
4889 | - _TIMING_ timing breakdown report |
4890 | - _ADDEDHEADERHAM_ resulting header fields as requested by add_header for spam |
4891 | - _ADDEDHEADERSPAM_ resulting header fields as requested by add_header for ham |
4892 | - _ADDEDHEADER_ same as ADDEDHEADERHAM for ham or ADDEDHEADERSPAM for spam |
4893 | - |
4894 | -If a tag reference uses the name of a tag which is not in this list or defined |
4895 | -by a loaded plugin, the reference will be left intact and not replaced by any |
4896 | -value. |
4897 | - |
4898 | -The C<HAMMYTOKENS> and C<SPAMMYTOKENS> tags have an optional second argument |
4899 | -which specifies a format. See the B<HAMMYTOKENS/SPAMMYTOKENS TAG FORMAT> |
4900 | -section, below, for details. |
4901 | - |
4902 | -=head2 HAMMYTOKENS/SPAMMYTOKENS TAG FORMAT |
4903 | - |
4904 | -The C<HAMMYTOKENS> and C<SPAMMYTOKENS> tags have an optional second argument |
4905 | -which specifies a format: C<_SPAMMYTOKENS(N,FMT)_>, C<_HAMMYTOKENS(N,FMT)_> |
4906 | -The following formats are available: |
4907 | - |
4908 | -=over 4 |
4909 | - |
4910 | -=item short |
4911 | - |
4912 | -Only the tokens themselves are listed. |
4913 | -I<For example, preference file entry:> |
4914 | - |
4915 | -C<add_header all Spammy _SPAMMYTOKENS(2,short)_> |
4916 | - |
4917 | -I<Results in message header:> |
4918 | - |
4919 | -C<X-Spam-Spammy: remove.php, UD:jpg> |
4920 | - |
4921 | -Indicating that the top two spammy tokens found are C<remove.php> |
4922 | -and C<UD:jpg>. (The token itself follows the last colon, the |
4923 | -text before the colon indicates something about the token. |
4924 | -C<UD> means the token looks like it might be part of a domain name.) |
4925 | - |
4926 | -=item compact |
4927 | - |
4928 | -The token probability, an abbreviated declassification distance (see |
4929 | -example), and the token are listed. |
4930 | -I<For example, preference file entry:> |
4931 | - |
4932 | -C<add_header all Spammy _SPAMMYTOKENS(2,compact)_> |
4933 | - |
4934 | -I<Results in message header:> |
4935 | - |
4936 | -C<0.989-6--remove.php, 0.988-+--UD:jpg> |
4937 | - |
4938 | -Indicating that the probabilities of the top two tokens are 0.989 and |
4939 | -0.988, respectively. The first token has a declassification distance |
4940 | -of 6, meaning that if the token had appeared in at least 6 more ham |
4941 | -messages it would not be considered spammy. The C<+> for the second |
4942 | -token indicates a declassification distance greater than 9. |
4943 | - |
4944 | -=item long |
4945 | - |
4946 | -Probability, declassification distance, number of times seen in a ham |
4947 | -message, number of times seen in a spam message, age and the token are |
4948 | -listed. |
4949 | - |
4950 | -I<For example, preference file entry:> |
4951 | - |
4952 | -C<add_header all Spammy _SPAMMYTOKENS(2,long)_> |
4953 | - |
4954 | -I<Results in message header:> |
4955 | - |
4956 | -C<X-Spam-Spammy: 0.989-6--0h-4s--4d--remove.php, 0.988-33--2h-25s--1d--UD:jpg> |
4957 | - |
4958 | -In addition to the information provided by the compact option, |
4959 | -the long option shows that the first token appeared in zero |
4960 | -ham messages and four spam messages, and that it was last |
4961 | -seen four days ago. The second token appeared in two ham messages, |
4962 | -25 spam messages and was last seen one day ago. |
4963 | -(Unlike the C<compact> option, the long option shows declassification |
4964 | -distances that are greater than 9.) |
4965 | - |
4966 | -=back |
4967 | - |
4968 | -=cut |
4969 | - |
4970 | - return \@cmds; |
4971 | -} |
4972 | - |
4973 | -########################################################################### |
4974 | - |
4975 | -# settings that were once part of core, but are now in (possibly-optional) |
4976 | -# bundled plugins. These will be warned about, but do not generate a fatal |
4977 | -# error when "spamassassin --lint" is run like a normal syntax error would. |
4978 | - |
4979 | -@MIGRATED_SETTINGS = qw{ |
4980 | - ok_languages |
4981 | -}; |
4982 | - |
4983 | -########################################################################### |
4984 | - |
4985 | -sub new { |
4986 | - my $class = shift; |
4987 | - $class = ref($class) || $class; |
4988 | - my $self = { |
4989 | - main => shift, |
4990 | - registered_commands => [], |
4991 | - }; bless ($self, $class); |
4992 | - |
4993 | - $self->{parser} = Mail::SpamAssassin::Conf::Parser->new($self); |
4994 | - $self->{parser}->register_commands($self->set_default_commands()); |
4995 | - |
4996 | - $self->{errors} = 0; |
4997 | - $self->{plugins_loaded} = { }; |
4998 | - |
4999 | - $self->{tests} = { }; |
5000 | - $self->{test_types} = { }; |
The diff has been truncated for viewing.
thanks for your work