Merge lp:~logan/ubuntu/raring/spamassassin/3.3.2-6ubuntu1 into lp:ubuntu/raring/spamassassin
- Raring (13.04)
- 3.3.2-6ubuntu1
- Merge into raring
Proposed by
Logan Rosen
Status: | Merged |
---|---|
Merge reported by: | Sebastien Bacher |
Merged at revision: | not available |
Proposed branch: | lp:~logan/ubuntu/raring/spamassassin/3.3.2-6ubuntu1 |
Merge into: | lp:ubuntu/raring/spamassassin |
Diff against target: |
38156 lines (+303/-37048) 75 files modified
.pc/10_change_config_paths/INSTALL (+0/-474) .pc/10_change_config_paths/README (+0/-354) .pc/10_change_config_paths/UPGRADE (+0/-309) .pc/10_change_config_paths/USAGE (+0/-248) .pc/10_change_config_paths/ldap/README (+0/-116) .pc/10_change_config_paths/lib/Mail/SpamAssassin/Conf.pm (+0/-4035) .pc/10_change_config_paths/lib/Mail/SpamAssassin/Plugin/Test.pm (+0/-72) .pc/10_change_config_paths/lib/spamassassin-run.pod (+0/-324) .pc/10_change_config_paths/rules/user_prefs.template (+0/-42) .pc/10_change_config_paths/sa-compile.raw (+0/-811) .pc/10_change_config_paths/sa-learn.raw (+0/-1345) .pc/10_change_config_paths/spamc/spamc.pod (+0/-339) .pc/10_change_config_paths/spamd/README (+0/-211) .pc/10_change_config_paths/spamd/README.vpopmail (+0/-113) .pc/10_change_config_paths/spamd/spamd.raw (+0/-3413) .pc/10_change_config_paths/sql/README (+0/-227) .pc/10_change_config_paths/sql/README.awl (+0/-176) .pc/10_change_config_paths/t/data/testplugin.pm (+0/-94) .pc/20_edit_spamc_pod/spamc/spamc.pod (+0/-339) .pc/30_edit_README/README (+0/-354) .pc/50_sa-learn_fix_empty_list_handling/sa-learn.raw (+0/-1345) .pc/55_disable_nagios_epm/sa-check_spamd.raw (+0/-463) .pc/60_bug_684709/lib/Mail/SpamAssassin/Message.pm (+0/-1205) .pc/85_disable_SSLv2/spamc/libspamc.c (+0/-2298) .pc/85_disable_SSLv2/spamc/libspamc.h (+0/-319) .pc/85_disable_SSLv2/spamc/spamc.c (+0/-1035) .pc/85_disable_SSLv2/spamc/spamc.pod (+0/-339) .pc/85_disable_SSLv2/spamd/spamd.raw (+0/-3413) .pc/90_missing_tld/lib/Mail/SpamAssassin/Util/RegistrarBoundaries.pm (+0/-419) .pc/90_pod_cleanup/lib/Mail/SpamAssassin/Conf.pm (+0/-4035) .pc/91_no_rfc_ignorant/pkgrules/20_dnsbl_tests.cf (+0/-263) .pc/91_no_rfc_ignorant/pkgrules/30_text_de.cf (+0/-400) .pc/91_no_rfc_ignorant/pkgrules/50_scores.cf (+0/-1244) .pc/91_no_rfc_ignorant/pkgrules/local.cf (+0/-102) .pc/91_no_rfc_ignorant/rules/STATISTICS-set1.txt (+0/-1109) .pc/91_no_rfc_ignorant/rules/STATISTICS-set3.txt (+0/-1109) .pc/91_no_rfc_ignorant/rules/active.list (+0/-782) .pc/95_bug694504-spamdforkscaling-crash/lib/Mail/SpamAssassin/Logger/Syslog.pm (+0/-241) .pc/95_bug694504-spamdforkscaling-crash/spamd/spamd.raw (+0/-3412) .pc/applied-patches (+0/-11) INSTALL (+1/-1) README (+10/-5) UPGRADE (+2/-2) USAGE (+3/-3) debian/changelog (+20/-0) debian/patches/96_disable_njabl (+129/-0) debian/patches/series (+1/-0) ldap/README (+1/-1) lib/Mail/SpamAssassin/Conf.pm (+3/-3) lib/Mail/SpamAssassin/Logger/Syslog.pm (+5/-9) lib/Mail/SpamAssassin/Message.pm (+2/-18) lib/Mail/SpamAssassin/Plugin/Test.pm (+1/-1) lib/Mail/SpamAssassin/Util/RegistrarBoundaries.pm (+1/-1) lib/spamassassin-run.pod (+2/-2) pkgrules/20_dnsbl_tests.cf (+29/-0) pkgrules/30_text_de.cf (+2/-0) pkgrules/50_scores.cf (+5/-0) pkgrules/local.cf (+7/-0) rules/STATISTICS-set1.txt (+2/-0) rules/STATISTICS-set3.txt (+2/-0) rules/active.list (+15/-0) rules/user_prefs.template (+1/-1) sa-check_spamd.raw (+0/-5) sa-compile.raw (+2/-2) sa-learn.raw (+3/-3) spamc/libspamc.c (+8/-4) spamc/libspamc.h (+1/-1) spamc/spamc.c (+9/-3) spamc/spamc.pod (+7/-5) spamd/README (+1/-1) spamd/README.vpopmail (+1/-1) spamd/spamd.raw (+24/-33) sql/README (+1/-1) sql/README.awl (+1/-1) t/data/testplugin.pm (+1/-1) |
To merge this branch: | bzr merge lp:~logan/ubuntu/raring/spamassassin/3.3.2-6ubuntu1 |
Related bugs: |
Reviewer | Review Type | Date Requested | Status |
---|---|---|---|
Ubuntu branches | Pending | ||
Review via email:
|
Commit message
Description of the change
To post a comment you must log in.
Revision history for this message
![](/+icing/build/overlay/assets/skins/sam/images/close.gif)
Sebastien Bacher (seb128) wrote : | # |
Preview Diff
[H/L] Next/Prev Comment, [J/K] Next/Prev File, [N/P] Next/Prev Hunk
1 | === removed directory '.pc/10_change_config_paths' | |||
2 | === removed file '.pc/10_change_config_paths/INSTALL' | |||
3 | --- .pc/10_change_config_paths/INSTALL 2010-03-01 00:57:24 +0000 | |||
4 | +++ .pc/10_change_config_paths/INSTALL 1970-01-01 00:00:00 +0000 | |||
5 | @@ -1,474 +0,0 @@ | |||
6 | 1 | Upgrading SpamAssassin? | ||
7 | 2 | ----------------------- | ||
8 | 3 | |||
9 | 4 | Please be sure to read the UPGRADE file for important changes that | ||
10 | 5 | have been made since previous versions. In particular, 3.3.0 no | ||
11 | 6 | longer includes a default ruleset. | ||
12 | 7 | |||
13 | 8 | |||
14 | 9 | Installing or Upgrading SpamAssassin | ||
15 | 10 | ------------------------------------ | ||
16 | 11 | |||
17 | 12 | Using CPAN via CPAN.pm: | ||
18 | 13 | |||
19 | 14 | perl -MCPAN -e shell [as root] | ||
20 | 15 | o conf prerequisites_policy ask | ||
21 | 16 | install Mail::SpamAssassin | ||
22 | 17 | quit | ||
23 | 18 | |||
24 | 19 | Using Linux: | ||
25 | 20 | |||
26 | 21 | Debian unstable: apt-get install spamassassin | ||
27 | 22 | Gentoo: emerge mail-filter/spamassassin | ||
28 | 23 | Fedora: yum install spamassassin | ||
29 | 24 | |||
30 | 25 | Alternatively download the tarfile, zipfile, and/or build your own RPM | ||
31 | 26 | from http://spamassassin.apache.org/. Building from tar/zip file is | ||
32 | 27 | usually as simple as: | ||
33 | 28 | |||
34 | 29 | [unzip/untar the archive] | ||
35 | 30 | cd Mail-SpamAssassin-* | ||
36 | 31 | perl Makefile.PL | ||
37 | 32 | [option: add -DSPAMC_SSL to $CFLAGS to build an SSL-enabled spamc] | ||
38 | 33 | make | ||
39 | 34 | make install [as root] | ||
40 | 35 | |||
41 | 36 | After installing SpamAssassin, you need to download and install the | ||
42 | 37 | SpamAssassin ruleset using "sa-update". See the "Installing Rules" | ||
43 | 38 | section below. | ||
44 | 39 | |||
45 | 40 | Please make sure to read this whole document before installing, especially | ||
46 | 41 | the prerequisite information further down. | ||
47 | 42 | |||
48 | 43 | To install as non-root, see the directions below. | ||
49 | 44 | |||
50 | 45 | If you are running AFS, you may also need to specify INSTALLSITELIB and | ||
51 | 46 | SITELIBEXP. | ||
52 | 47 | |||
53 | 48 | Note that you can upgrade SpamAssassin using these instructions, as long | ||
54 | 49 | as you take care to read the caveats in the file UPGRADE. Upgrading | ||
55 | 50 | will not delete your learnt Bayes data or local rule modifications. | ||
56 | 51 | |||
57 | 52 | If you're using SunOS 4.1.x, see | ||
58 | 53 | http://wiki.spamassassin.org/w/BuildingOnSunOS4 for build tips. | ||
59 | 54 | |||
60 | 55 | |||
61 | 56 | Installing SpamAssassin for Personal Use (Not System-Wide) | ||
62 | 57 | ---------------------------------------------------------- | ||
63 | 58 | |||
64 | 59 | These steps assume the following, so substitute as necessary: | ||
65 | 60 | - Your UNIX login is "user" | ||
66 | 61 | - Your home directory is /home/user | ||
67 | 62 | - The location of the procmail executable is /usr/bin/procmail | ||
68 | 63 | |||
69 | 64 | Many more details of this process are at | ||
70 | 65 | http://wiki.apache.org/spamassassin/SingleUserUnixInstall | ||
71 | 66 | |||
72 | 67 | 1. Uncompress and extract the SpamAssassin archive, using "unzip" or | ||
73 | 68 | "tar xvfz", in a temporary directory. | ||
74 | 69 | |||
75 | 70 | 2. change directory into it: | ||
76 | 71 | |||
77 | 72 | cd Mail-SpamAssassin-* | ||
78 | 73 | |||
79 | 74 | 3. Make SpamAssassin as normal, but using your home directory as the | ||
80 | 75 | target: | ||
81 | 76 | |||
82 | 77 | perl Makefile.PL PREFIX=$HOME | ||
83 | 78 | make | ||
84 | 79 | make install | ||
85 | 80 | |||
86 | 81 | Please see the file PACKAGING, sections "Changing paths in the Makefile" | ||
87 | 82 | and "Setting further options on the command line" for more informations | ||
88 | 83 | on available command line variables. | ||
89 | 84 | |||
90 | 85 | 4. Install the SpamAssassin ruleset using "sa-update": | ||
91 | 86 | |||
92 | 87 | $HOME/bin/sa-update | ||
93 | 88 | |||
94 | 89 | See the "Installing Rules" section below if you do not wish to download | ||
95 | 90 | the rules directly from the internet. | ||
96 | 91 | |||
97 | 92 | 5. If you already use procmail, skip to step 7. If not, ensure procmail | ||
98 | 93 | is installed using "which procmail" or install it from www.procmail.org. | ||
99 | 94 | |||
100 | 95 | 6. Create a .forward file in your home directory containing the below | ||
101 | 96 | lines: | ||
102 | 97 | |||
103 | 98 | "|IFS=' ' && exec /usr/bin/procmail -f- || exit 75 #user" | ||
104 | 99 | |||
105 | 100 | 7. Edit or create a .procmailrc file in your home directory containing the | ||
106 | 101 | below lines. If you already have a .procmailrc file, add the lines to | ||
107 | 102 | the top of your .procmailrc file: | ||
108 | 103 | |||
109 | 104 | :0fw: spamassassin.lock | ||
110 | 105 | | /home/user/bin/spamassassin | ||
111 | 106 | |||
112 | 107 | The above line filters all incoming mail through SpamAssassin and tags | ||
113 | 108 | probable spam with a unique header. If you would prefer to have spam | ||
114 | 109 | blocked and saved to a file called "caughtspam" in your home directory, | ||
115 | 110 | instead of passed through and tagged, append this directly below the above | ||
116 | 111 | lines: | ||
117 | 112 | |||
118 | 113 | :0: | ||
119 | 114 | * ^X-Spam-Status: Yes | ||
120 | 115 | caughtspam | ||
121 | 116 | |||
122 | 117 | Also, see the file procmailrc.example and | ||
123 | 118 | http://wiki.apache.org/spamassassin/UsedViaProcmail | ||
124 | 119 | |||
125 | 120 | 8. Now, you should be ready to send some test emails and ensure everything | ||
126 | 121 | works as expected. First, send yourself a test email that doesn't | ||
127 | 122 | contain anything suspicious. You should receive it normally, but there | ||
128 | 123 | will be a header containing "X-Spam-Status: No". If you are only | ||
129 | 124 | tagging your spam, send yourself a copy of the GTUBE test string to | ||
130 | 125 | check to be sure it is marked as spam. GTUBE is located in the | ||
131 | 126 | sample-spam.txt message distributed with SpamAssassin and also at: | ||
132 | 127 | |||
133 | 128 | http://spamassassin.apache.org/gtube/ | ||
134 | 129 | |||
135 | 130 | If your test emails don't get through to you, immediately rename your | ||
136 | 131 | .forward file until you figure out cause of the the problem, so you | ||
137 | 132 | don't lose incoming email. | ||
138 | 133 | |||
139 | 134 | Note: one possible cause for this is the use of smrsh on the MTA system; | ||
140 | 135 | see http://wiki.spamassassin.org/w/ProcmailVsSmrsh for details. | ||
141 | 136 | |||
142 | 137 | 9. You can now customize SpamAssassin. See README for more information. | ||
143 | 138 | |||
144 | 139 | |||
145 | 140 | Installing Rules | ||
146 | 141 | ---------------- | ||
147 | 142 | |||
148 | 143 | Rules are normally installed by running a sa-update command. | ||
149 | 144 | The version of sa-update program should match the version of SpamAssassin | ||
150 | 145 | modules, so invoking sa-update should be performed only after installing | ||
151 | 146 | or upgrading SpamAssassin code, not before. | ||
152 | 147 | |||
153 | 148 | Installing rules from network is done with a single command: | ||
154 | 149 | |||
155 | 150 | sa-update | ||
156 | 151 | |||
157 | 152 | This is normally run as root. | ||
158 | 153 | |||
159 | 154 | If you wish to install rules from downloaded files, rather than "live" from | ||
160 | 155 | the latest online ruleset, here is how to do it. | ||
161 | 156 | |||
162 | 157 | Obtain all the following files: | ||
163 | 158 | |||
164 | 159 | Mail-SpamAssassin-rules-xxx.tgz | ||
165 | 160 | Mail-SpamAssassin-rules-xxx.tgz.asc | ||
166 | 161 | Mail-SpamAssassin-rules-xxx.tgz.md5 | ||
167 | 162 | Mail-SpamAssassin-rules-xxx.tgz.sha1 | ||
168 | 163 | (where xxx may look something like '3.3.0-rc1.r893295') | ||
169 | 164 | |||
170 | 165 | Save them all to the current directory. | ||
171 | 166 | Obtain a rules-signing public key: | ||
172 | 167 | |||
173 | 168 | curl -O http://spamassassin.apache.org/updates/GPG.KEY | ||
174 | 169 | |||
175 | 170 | Import the signing key to the SpamAssassin gpg keyring, so that the rules | ||
176 | 171 | files can be verified safely: | ||
177 | 172 | |||
178 | 173 | sa-update --import GPG.KEY | ||
179 | 174 | |||
180 | 175 | Install rules from a compressed tar archive: | ||
181 | 176 | |||
182 | 177 | sa-update --install Mail-SpamAssassin-rules-xxx.tgz | ||
183 | 178 | |||
184 | 179 | Note that the ".tgz.asc", ".tgz.md5" and ".tgz.sha1" files all need to | ||
185 | 180 | be in the same directory, otherwise sa-update will fail. | ||
186 | 181 | |||
187 | 182 | |||
188 | 183 | If the intended rules destination directory differs from a default location | ||
189 | 184 | as assumed by sa-update and SpamAssassin, such as when running a content | ||
190 | 185 | filter within a Unix jail or on an unusual installation, please supply the | ||
191 | 186 | rules destination directory to sa-update through its option --updatedir, | ||
192 | 187 | such as: | ||
193 | 188 | |||
194 | 189 | sa-update --updatedir /var/jail/var/db/spamassassin/3.003000 | ||
195 | 190 | |||
196 | 191 | |||
197 | 192 | CPAN | ||
198 | 193 | ---- | ||
199 | 194 | |||
200 | 195 | Most of the modules listed below are available via the Comprehensive Perl | ||
201 | 196 | Archive Network (CPAN, see http://www.cpan.org/ for more information). | ||
202 | 197 | While each module is different, most can be installed via a few simple | ||
203 | 198 | commands such as: | ||
204 | 199 | |||
205 | 200 | $ perl -MCPAN -e shell | ||
206 | 201 | cpan> o conf prerequisites_policy ask | ||
207 | 202 | cpan> install Module::Name | ||
208 | 203 | cpan> quit | ||
209 | 204 | |||
210 | 205 | If there are problems or questions regarding the installation any of the | ||
211 | 206 | modules, please see the CPAN and relevant module's documentation for more | ||
212 | 207 | information. We can't provide documentation or installation support for | ||
213 | 208 | third party modules. | ||
214 | 209 | |||
215 | 210 | Additional information about the CPAN module is also available via | ||
216 | 211 | "perldoc CPAN". | ||
217 | 212 | |||
218 | 213 | Most Linux distributions also offer the CPAN modules in their own native | ||
219 | 214 | formats (RPMs, Debian packages, etc.), so you should be able to find these | ||
220 | 215 | through those mechanisms, too, if you prefer. | ||
221 | 216 | |||
222 | 217 | |||
223 | 218 | Required Perl Interpreter | ||
224 | 219 | ------------------------- | ||
225 | 220 | |||
226 | 221 | Perl 5.8.1 or a later version is required. | ||
227 | 222 | Preferred versions are 5.8.8, or 5.10.1 or later. | ||
228 | 223 | |||
229 | 224 | Most of the functions might still work with Perl 5.6.1 or 5.6.2, | ||
230 | 225 | but 5.6.* is no longer a supported version. | ||
231 | 226 | |||
232 | 227 | |||
233 | 228 | Required Perl Modules | ||
234 | 229 | --------------------- | ||
235 | 230 | |||
236 | 231 | In addition to the modules associated with Perl, some additional modules | ||
237 | 232 | need to be installed or upgraded depending on the version of Perl that you | ||
238 | 233 | are running. | ||
239 | 234 | |||
240 | 235 | You can get an immediate report on which of these modules you may need (or | ||
241 | 236 | want) to upgrade, by running "perl build/check_dependencies" from the | ||
242 | 237 | SpamAssassin build directory. | ||
243 | 238 | |||
244 | 239 | The list of required modules that do not ship with Perl and must be | ||
245 | 240 | installed: | ||
246 | 241 | |||
247 | 242 | - Digest::SHA1 (from CPAN), | ||
248 | 243 | or the newer Digest::SHA which is a perl base module since Perl 5.10.0 | ||
249 | 244 | |||
250 | 245 | The Digest::SHA1 module is used as a cryptographic hash for some | ||
251 | 246 | tests and the Bayes subsystem if Digest::SHA module is not available. | ||
252 | 247 | |||
253 | 248 | An external perl module razor-agents-2.84 as used by a Razor2 plugin | ||
254 | 249 | seems to be the only remaining component depending on Digest::SHA1 | ||
255 | 250 | (note that a packager may ship a patched version of razor-agents which | ||
256 | 251 | can use Digest::SHA instead) | ||
257 | 252 | |||
258 | 253 | Debian: apt-get install libdigest-sha1-perl | ||
259 | 254 | Gentoo: emerge dev-perl/Digest-SHA1 | ||
260 | 255 | Fedora: yum install perl-Digest-SHA1 | ||
261 | 256 | |||
262 | 257 | - HTML::Parser >= 3.43 (from CPAN) | ||
263 | 258 | |||
264 | 259 | HTML is used for an ever-increasing amount of email so this dependency | ||
265 | 260 | is unavoidable. Run "perldoc -q html" for additional information. | ||
266 | 261 | |||
267 | 262 | Debian: apt-get install libhtml-parser-perl | ||
268 | 263 | Gentoo: emerge dev-perl/HTML-Parser | ||
269 | 264 | Fedora: yum install perl-HTML-Parser | ||
270 | 265 | |||
271 | 266 | - Net::DNS (from CPAN) | ||
272 | 267 | |||
273 | 268 | Used for all DNS-based tests (SBL, XBL, SpamCop, DSBL, etc.), | ||
274 | 269 | perform MX checks, used when manually reporting spam to SpamCop, | ||
275 | 270 | and used by sa-update to gather version information. | ||
276 | 271 | |||
277 | 272 | You need to make sure the Net::DNS version is sufficiently up-to-date: | ||
278 | 273 | |||
279 | 274 | - version 0.34 or higher on Unix systems | ||
280 | 275 | - version 0.46 or higher on Windows systems | ||
281 | 276 | |||
282 | 277 | Debian/Ubuntu: apt-get install libnet-dns-perl | ||
283 | 278 | Fedora: yum install perl-Net-DNS | ||
284 | 279 | |||
285 | 280 | - NetAddr::IP (from CPAN) | ||
286 | 281 | |||
287 | 282 | Used to parse IP addresses and IP address ranges for | ||
288 | 283 | "trusted_networks". | ||
289 | 284 | |||
290 | 285 | Debian/Ubuntu: apt-get install libnetaddr-ip-perl | ||
291 | 286 | Fedora: yum install perl-NetAddr-IP | ||
292 | 287 | |||
293 | 288 | - Time::HiRes (from CPAN) | ||
294 | 289 | |||
295 | 290 | Used by asynchronous DNS lookups to operate timeouts with subsecond | ||
296 | 291 | precision and to report processing times accurately. | ||
297 | 292 | |||
298 | 293 | - LWP (aka libwww-perl) (from CPAN) | ||
299 | 294 | |||
300 | 295 | This set of modules will include both the LWP::UserAgent and | ||
301 | 296 | HTTP::Date modules, used by sa-update to retrieve update archives. | ||
302 | 297 | |||
303 | 298 | Fedora: yum install perl-libwww-perl | ||
304 | 299 | |||
305 | 300 | - HTTP::Date (from CPAN) | ||
306 | 301 | |||
307 | 302 | Used by sa-update to deal with certain Date requests. | ||
308 | 303 | |||
309 | 304 | - IO::Zlib (from CPAN) | ||
310 | 305 | |||
311 | 306 | Used by sa-update to uncompress update archives. | ||
312 | 307 | Version 1.04 or later is required. | ||
313 | 308 | |||
314 | 309 | Fedora: yum install perl-IO-Zlib | ||
315 | 310 | |||
316 | 311 | - Archive::Tar (from CPAN) | ||
317 | 312 | |||
318 | 313 | Used by sa-update to expand update archives. | ||
319 | 314 | Version 1.23 or later is required. | ||
320 | 315 | |||
321 | 316 | Fedora: yum install perl-Archive-Tar | ||
322 | 317 | |||
323 | 318 | |||
324 | 319 | Optional Modules | ||
325 | 320 | ---------------- | ||
326 | 321 | |||
327 | 322 | In addition, the following modules will be used for some checks, if | ||
328 | 323 | available and the version is high enough. If they are not available or if | ||
329 | 324 | their version is too low, SpamAssassin will still work, just not as | ||
330 | 325 | effectively because some of the spam-detection tests will have to be | ||
331 | 326 | skipped. | ||
332 | 327 | |||
333 | 328 | Note: SpamAssassin will not warn you if these are installed, but the | ||
334 | 329 | version is too low for them to be used. | ||
335 | 330 | |||
336 | 331 | - MIME::Base64 | ||
337 | 332 | |||
338 | 333 | This module is highly recommended to increase the speed with which | ||
339 | 334 | Base64 encoded messages/mail parts are decoded. | ||
340 | 335 | |||
341 | 336 | |||
342 | 337 | - DB_File (from CPAN, included in many distributions) | ||
343 | 338 | |||
344 | 339 | Used to store data on-disk, for the Bayes-style logic and | ||
345 | 340 | auto-whitelist. *Much* more efficient than the other standard Perl | ||
346 | 341 | database packages. Strongly recommended. | ||
347 | 342 | |||
348 | 343 | There seems to be a bug in libdb 4.1.25, which is | ||
349 | 344 | distributed by default on some versions of Linux. See | ||
350 | 345 | http://wiki.apache.org/spamassassin/DbFileSleepBug for details. | ||
351 | 346 | |||
352 | 347 | |||
353 | 348 | - Net::SMTP (from CPAN) | ||
354 | 349 | |||
355 | 350 | Used when manually reporting spam to SpamCop. | ||
356 | 351 | |||
357 | 352 | |||
358 | 353 | - Mail::SPF (from CPAN) | ||
359 | 354 | |||
360 | 355 | Used to check DNS Sender Policy Framework (SPF) records to fight email | ||
361 | 356 | address forgery and make it easier to identify spams. This module | ||
362 | 357 | makes Mail::SPF::Query obsolete. | ||
363 | 358 | |||
364 | 359 | Net::DNS version 0.58 or higher is required. | ||
365 | 360 | |||
366 | 361 | Note that NetAddr::IP (required by Mail::SPF) versions up to and | ||
367 | 362 | including version 4.006 include a bug that will slow down the entire | ||
368 | 363 | perl interpreter. NetAddr::IP version 4.007 or later fixes this. | ||
369 | 364 | |||
370 | 365 | |||
371 | 366 | - IP::Country::Fast (from CPAN) | ||
372 | 367 | |||
373 | 368 | Used by the RelayCountry plugin (not enabled by default) to determine | ||
374 | 369 | the domain country codes of each relay in the path of an email. | ||
375 | 370 | |||
376 | 371 | |||
377 | 372 | - Net::Ident (from CPAN) | ||
378 | 373 | |||
379 | 374 | If you plan to use the --auth-ident option to spamd, you will need | ||
380 | 375 | to install this module. | ||
381 | 376 | |||
382 | 377 | |||
383 | 378 | - IO::Socket::INET6 (from CPAN) | ||
384 | 379 | |||
385 | 380 | This is required if the first nameserver listed in your IP | ||
386 | 381 | configuration or /etc/resolv.conf file is available only via an IPv6 | ||
387 | 382 | address. | ||
388 | 383 | |||
389 | 384 | Fedora: yum install perl-IO-Socket-INET6 | ||
390 | 385 | |||
391 | 386 | |||
392 | 387 | - IO::Socket::SSL (from CPAN) | ||
393 | 388 | |||
394 | 389 | If you wish to use SSL encryption to communicate between spamc and | ||
395 | 390 | spamd (the --ssl option to spamd), you need to install this | ||
396 | 391 | module. (You will need the OpenSSL libraries and use the | ||
397 | 392 | ENABLE_SSL="yes" argument to Makefile.PL to build and run an SSL | ||
398 | 393 | compatibile spamc.) | ||
399 | 394 | |||
400 | 395 | Fedora: yum install perl-IO-Socket-SSL | ||
401 | 396 | |||
402 | 397 | |||
403 | 398 | - Compress::Zlib (from CPAN) | ||
404 | 399 | |||
405 | 400 | If you wish to use the optional zlib compression for communication | ||
406 | 401 | between spamc and spamd (the -z option to spamc), useful for | ||
407 | 402 | long-distance use of spamc over the internet, you need to install | ||
408 | 403 | this module. | ||
409 | 404 | |||
410 | 405 | Fedora: yum install perl-Compress-Zlib | ||
411 | 406 | |||
412 | 407 | |||
413 | 408 | - Mail::DKIM (from CPAN) | ||
414 | 409 | |||
415 | 410 | If this module is installed, and you enable the DKIM plugin, | ||
416 | 411 | SpamAssassin will perform DKIM lookups when a DKIM-Signature header is | ||
417 | 412 | present in the message headers. Current versions of Mail::DKIM (0.20 | ||
418 | 413 | or later) also perform Domain Key lookups on DomainKey-Signature headers, | ||
419 | 414 | without requiring the Mail::DomainKeys module, which is now obsolete. | ||
420 | 415 | Version 0.37 or later is preferred, the absolute minimal version is 0.31. | ||
421 | 416 | |||
422 | 417 | Note that the Mail::DKIM module in turn requires the Digest::SHA module | ||
423 | 418 | and OpenSSL libraries. | ||
424 | 419 | |||
425 | 420 | |||
426 | 421 | - DBI *and* DBD driver/modules for your database (from CPAN) | ||
427 | 422 | |||
428 | 423 | If you intend to use SpamAssassin with an SQL database backend for | ||
429 | 424 | user configuration data, Bayes storage, or other storage, you will need | ||
430 | 425 | to have these installed; both the basic DBI module and the driver for | ||
431 | 426 | your database. | ||
432 | 427 | |||
433 | 428 | |||
434 | 429 | - Encode::Detect (from CPAN) | ||
435 | 430 | |||
436 | 431 | If you plan to use the normalize_charset config setting to detect | ||
437 | 432 | charsets and convert them into Unicode, you will need to install | ||
438 | 433 | this module. | ||
439 | 434 | |||
440 | 435 | |||
441 | 436 | - Apache::Test (from CPAN) | ||
442 | 437 | |||
443 | 438 | If you plan to run the Apache2 version of spamd in the | ||
444 | 439 | "spamd-apache2" directory, you will need to install this | ||
445 | 440 | module. | ||
446 | 441 | |||
447 | 442 | |||
448 | 443 | - Apache 2 and mod_perl | ||
449 | 444 | |||
450 | 445 | If you plan to run the Apache2 version of spamd in the "spamd-apache2" | ||
451 | 446 | directory, you will need to ensure these are installed. | ||
452 | 447 | |||
453 | 448 | Ubuntu: sudo apt-get install apache2 libapache2-mod-perl2 | ||
454 | 449 | |||
455 | 450 | |||
456 | 451 | - Razor2 | ||
457 | 452 | |||
458 | 453 | If you plan to use Vipul's Razor, note that versions up to and | ||
459 | 454 | including version 2.82 include a bug that will slow down the entire | ||
460 | 455 | perl interpreter. Version 2.83 or later fixes this. | ||
461 | 456 | |||
462 | 457 | If you do not plan to use this plugin, be sure to comment out | ||
463 | 458 | its loadplugin line in "/etc/mail/spamassassin/v310.pre". | ||
464 | 459 | |||
465 | 460 | |||
466 | 461 | What Next? | ||
467 | 462 | ---------- | ||
468 | 463 | |||
469 | 464 | Take a look at the USAGE document for more information on how to use | ||
470 | 465 | SpamAssassin. | ||
471 | 466 | |||
472 | 467 | The SpamAssassin Wiki <http://wiki.spamassassin.org/> contains | ||
473 | 468 | information on custom plugins, extensions, and other optional modules | ||
474 | 469 | included with SpamAssassin. | ||
475 | 470 | |||
476 | 471 | |||
477 | 472 | (end of INSTALL) | ||
478 | 473 | |||
479 | 474 | // vim:tw=74: | ||
480 | 475 | 0 | ||
481 | === removed file '.pc/10_change_config_paths/README' | |||
482 | --- .pc/10_change_config_paths/README 2010-03-01 00:57:24 +0000 | |||
483 | +++ .pc/10_change_config_paths/README 1970-01-01 00:00:00 +0000 | |||
484 | @@ -1,354 +0,0 @@ | |||
485 | 1 | Welcome to SpamAssassin! | ||
486 | 2 | ------------------------ | ||
487 | 3 | |||
488 | 4 | What SpamAssassin Is | ||
489 | 5 | -------------------- | ||
490 | 6 | |||
491 | 7 | SpamAssassin is a mail filter which attempts to identify spam using | ||
492 | 8 | a variety of mechanisms including text analysis, Bayesian filtering, | ||
493 | 9 | DNS blocklists, and collaborative filtering databases. | ||
494 | 10 | |||
495 | 11 | SpamAssassin is a project of the Apache Software Foundation (ASF). | ||
496 | 12 | |||
497 | 13 | |||
498 | 14 | What SpamAssassin Is Not | ||
499 | 15 | ------------------------ | ||
500 | 16 | |||
501 | 17 | SpamAssassin is not a program to delete spam, route spam and ham to | ||
502 | 18 | separate mailboxes or folders, or send bounces when you receive spam. | ||
503 | 19 | Those are mail routing functions, and SpamAssassin is not a mail | ||
504 | 20 | router. SpamAssassin is a mail filter or classifier. It will examine | ||
505 | 21 | each message presented to it, and assign a score indicating the | ||
506 | 22 | likelihood that the mail is spam. An external program must then | ||
507 | 23 | examine this score and do any routing the user wants done. There are | ||
508 | 24 | many programs that will easily perform these functions after examining | ||
509 | 25 | the score assigned by SpamAssassin. | ||
510 | 26 | |||
511 | 27 | |||
512 | 28 | How SpamAssassin Works | ||
513 | 29 | ---------------------- | ||
514 | 30 | |||
515 | 31 | SpamAssassin uses a wide range of heuristic tests on mail headers and | ||
516 | 32 | body text to identify "spam", also known as unsolicited commercial | ||
517 | 33 | email. | ||
518 | 34 | |||
519 | 35 | Once identified, the mail can then be optionally tagged as spam for | ||
520 | 36 | later filtering using the user's own mail user-agent application. | ||
521 | 37 | |||
522 | 38 | SpamAssassin typically differentiates successfully between spam and | ||
523 | 39 | non-spam in between 95% and 100% of cases, depending on what kind of mail | ||
524 | 40 | you get and your training of its Bayesian filter. Specifically, | ||
525 | 41 | SpamAssassin has been shown to produce around 1.5% false negatives (spam | ||
526 | 42 | that was missed) and around 0.06% false positives (ham incorrectly marked | ||
527 | 43 | as spam). See the rules/STATISTICS*.txt files for more information. | ||
528 | 44 | |||
529 | 45 | SpamAssassin also includes plugins to support reporting spam messages | ||
530 | 46 | automatically or manually to collaborative filtering databases such as | ||
531 | 47 | Pyzor, DCC, and Vipul's Razor. | ||
532 | 48 | |||
533 | 49 | The distribution provides "spamassassin", a command line tool to | ||
534 | 50 | perform filtering, along with the "Mail::SpamAssassin" module set | ||
535 | 51 | which allows SpamAssassin to be used in spam-protection proxy SMTP or | ||
536 | 52 | POP/IMAP server, or a variety of different spam-blocking scenarios. | ||
537 | 53 | |||
538 | 54 | In addition, "spamd", a daemonized version of SpamAssassin which | ||
539 | 55 | runs persistently, is available. Using its counterpart, "spamc", | ||
540 | 56 | a lightweight client written in C, an MTA can process large volumes of | ||
541 | 57 | mail through SpamAssassin without having to fork/exec a perl interpreter | ||
542 | 58 | for each message. | ||
543 | 59 | |||
544 | 60 | |||
545 | 61 | Questions? Need Help? | ||
546 | 62 | --------------------- | ||
547 | 63 | |||
548 | 64 | If you have questions about SpamAssassin, please check the Wiki[1] to | ||
549 | 65 | see if someone has already posted an answer to your question. (The | ||
550 | 66 | Wiki doubles as a FAQ.) Failing that, post a message to the | ||
551 | 67 | spamassassin-users mailing list[2]. If you've found a bug (and you're | ||
552 | 68 | sure it's a bug after checking the Wiki), please file a report in our | ||
553 | 69 | Bugzilla[3]. | ||
554 | 70 | |||
555 | 71 | [1]: http://wiki.apache.org/spamassassin/ | ||
556 | 72 | [2]: http://wiki.apache.org/spamassassin/MailingLists | ||
557 | 73 | [3]: http://issues.apache.org/SpamAssassin/ | ||
558 | 74 | |||
559 | 75 | Please also be sure to read the man pages. | ||
560 | 76 | |||
561 | 77 | |||
562 | 78 | Upgrading SpamAssassin | ||
563 | 79 | ---------------------- | ||
564 | 80 | |||
565 | 81 | IMPORTANT: If you are upgrading from a previous major version of | ||
566 | 82 | SpamAssassin, please be sure to read the notes in UPGRADE to find out | ||
567 | 83 | what has changed in a non-backwards compatible way. | ||
568 | 84 | |||
569 | 85 | |||
570 | 86 | Installing SpamAssassin | ||
571 | 87 | ----------------------- | ||
572 | 88 | |||
573 | 89 | See the INSTALL file. | ||
574 | 90 | |||
575 | 91 | |||
576 | 92 | Customising SpamAssassin | ||
577 | 93 | ------------------------ | ||
578 | 94 | |||
579 | 95 | These are the configuration files installed by SpamAssassin. The commands | ||
580 | 96 | that can be used therein are listed in the POD documentation for the | ||
581 | 97 | Mail::SpamAssassin::Conf class (run the following command to read it: | ||
582 | 98 | "perldoc Mail::SpamAssassin::Conf"). Note: The following directories are | ||
583 | 99 | the standard defaults that people use. There is an explanation of all the | ||
584 | 100 | default locations that SpamAssassin will look at the end. | ||
585 | 101 | |||
586 | 102 | - /usr/share/spamassassin/*.cf: | ||
587 | 103 | |||
588 | 104 | Distributed configuration files, with all defaults. Do not modify | ||
589 | 105 | these, as they are overwritten when you upgrade. | ||
590 | 106 | |||
591 | 107 | - /var/lib/spamassassin/*/*.cf: | ||
592 | 108 | |||
593 | 109 | Local state directory; updated rulesets, overriding the | ||
594 | 110 | distributed configuration files, downloaded using "sa-update". Do | ||
595 | 111 | not modify these, as they are overwritten when you run | ||
596 | 112 | "sa-update". | ||
597 | 113 | |||
598 | 114 | - /etc/mail/spamassassin/*.cf: | ||
599 | 115 | |||
600 | 116 | Site config files, for system admins to create, modify, and | ||
601 | 117 | add local rules and scores to. Modifications here will be | ||
602 | 118 | appended to the config loaded from the above directory. | ||
603 | 119 | |||
604 | 120 | - /etc/mail/spamassassin/*.pre: | ||
605 | 121 | |||
606 | 122 | Plugin control files, installed from the distribution. These are | ||
607 | 123 | used to control what plugins are loaded. Modifications here will | ||
608 | 124 | be loaded before any configuration loaded from the above | ||
609 | 125 | directories. | ||
610 | 126 | |||
611 | 127 | You want to modify these files if you want to load additional | ||
612 | 128 | plugins, or inhibit loading a plugin that is enabled by default. | ||
613 | 129 | If the files exist in /etc/mail/spamassassin, they will not | ||
614 | 130 | be overwritten during future installs. | ||
615 | 131 | |||
616 | 132 | - /usr/share/spamassassin/user_prefs.template: | ||
617 | 133 | |||
618 | 134 | Distributed default user preferences. Do not modify this, as it is | ||
619 | 135 | overwritten when you upgrade. | ||
620 | 136 | |||
621 | 137 | - /etc/mail/spamassassin/user_prefs.template: | ||
622 | 138 | |||
623 | 139 | Default user preferences, for system admins to create, modify, and | ||
624 | 140 | set defaults for users' preferences files. Takes precedence over | ||
625 | 141 | the above prefs file, if it exists. | ||
626 | 142 | |||
627 | 143 | Do not put system-wide settings in here; put them in a file in the | ||
628 | 144 | "/etc/mail/spamassassin" directory ending in ".cf". This file is | ||
629 | 145 | just a template, which will be copied to a user's home directory | ||
630 | 146 | for them to change. | ||
631 | 147 | |||
632 | 148 | - $USER_HOME/.spamassassin: | ||
633 | 149 | |||
634 | 150 | User state directory. Used to hold spamassassin state, such | ||
635 | 151 | as a per-user automatic whitelist, and the user's preferences | ||
636 | 152 | file. | ||
637 | 153 | |||
638 | 154 | - $USER_HOME/.spamassassin/user_prefs: | ||
639 | 155 | |||
640 | 156 | User preferences file. If it does not exist, one of the | ||
641 | 157 | default prefs file from above will be copied here for the | ||
642 | 158 | user to edit later, if they wish. | ||
643 | 159 | |||
644 | 160 | Unless you're using spamd, there is no difference in | ||
645 | 161 | interpretation between the rules file and the preferences file, so | ||
646 | 162 | users can add new rules for their own use in the | ||
647 | 163 | "~/.spamassassin/user_prefs" file, if they like. (spamd disables | ||
648 | 164 | this for security and increased speed.) | ||
649 | 165 | |||
650 | 166 | - $USER_HOME/.spamassassin/bayes* | ||
651 | 167 | |||
652 | 168 | Statistics databases used for Bayesian filtering. If they do | ||
653 | 169 | not exist, they will be created by SpamAssassin. | ||
654 | 170 | |||
655 | 171 | Spamd users may wish to create a shared set of bayes databases; | ||
656 | 172 | the "bayes_path" and "bayes_file_mode" configuration settings | ||
657 | 173 | can be used to do this. | ||
658 | 174 | |||
659 | 175 | See "perldoc sa-learn" for more documentation on how | ||
660 | 176 | to train this. | ||
661 | 177 | |||
662 | 178 | File Locations: | ||
663 | 179 | |||
664 | 180 | SpamAssassin will look in a number of areas to find the default | ||
665 | 181 | configuration files that are used. The "__*__" text are variables | ||
666 | 182 | whose value you can see by looking at the first several lines of the | ||
667 | 183 | "spamassassin" or "spamd" scripts. | ||
668 | 184 | |||
669 | 185 | They are set on install time and can be overridden with the Makefile.PL | ||
670 | 186 | command line options DATADIR (for __def_rules_dir__) and CONFDIR (for | ||
671 | 187 | __local_rules_dir__). If none of these options were given, FHS-compliant | ||
672 | 188 | locations based on the PREFIX (which becomes __prefix__) are chosen. | ||
673 | 189 | These are: | ||
674 | 190 | |||
675 | 191 | __prefix__ __def_rules_dir__ __local_rules_dir__ | ||
676 | 192 | ------------------------------------------------------------------------- | ||
677 | 193 | /usr /usr/share/spamassassin /etc/mail/spamassassin | ||
678 | 194 | /usr/local /usr/local/share/spamassassin /etc/mail/spamassassin | ||
679 | 195 | /opt/$DIR /opt/$DIR/share/spamassassin /etc/opt/mail/spamassassin | ||
680 | 196 | $DIR $DIR/share/spamassassin $DIR/etc/mail/spamassassin | ||
681 | 197 | |||
682 | 198 | The files themselves are then looked for in these paths: | ||
683 | 199 | |||
684 | 200 | - Distributed Configuration Files | ||
685 | 201 | '__def_rules_dir__' | ||
686 | 202 | '__prefix__/share/spamassassin' | ||
687 | 203 | '/usr/local/share/spamassassin' | ||
688 | 204 | '/usr/share/spamassassin' | ||
689 | 205 | |||
690 | 206 | - Site Configuration Files | ||
691 | 207 | '__local_rules_dir__' | ||
692 | 208 | '__prefix__/etc/mail/spamassassin' | ||
693 | 209 | '__prefix__/etc/spamassassin' | ||
694 | 210 | '/usr/local/etc/spamassassin' | ||
695 | 211 | '/usr/pkg/etc/spamassassin' | ||
696 | 212 | '/usr/etc/spamassassin' | ||
697 | 213 | '/etc/mail/spamassassin' | ||
698 | 214 | '/etc/spamassassin' | ||
699 | 215 | |||
700 | 216 | - Default User Preferences File | ||
701 | 217 | '__local_rules_dir__/user_prefs.template' | ||
702 | 218 | '__prefix__/etc/mail/spamassassin/user_prefs.template' | ||
703 | 219 | '__prefix__/share/spamassassin/user_prefs.template' | ||
704 | 220 | '/etc/spamassassin/user_prefs.template' | ||
705 | 221 | '/etc/mail/spamassassin/user_prefs.template' | ||
706 | 222 | '/usr/local/share/spamassassin/user_prefs.template' | ||
707 | 223 | '/usr/share/spamassassin/user_prefs.template' | ||
708 | 224 | |||
709 | 225 | |||
710 | 226 | In addition, the "Distributed Configuration Files" location is overridden | ||
711 | 227 | by a "Local State Directory", used to store an updated copy of the | ||
712 | 228 | ruleset: | ||
713 | 229 | |||
714 | 230 | __prefix__ __local_state_dir__ | ||
715 | 231 | ------------------------------------------------------------------------- | ||
716 | 232 | /usr /var/lib/spamassassin/__version__ | ||
717 | 233 | /usr/local /var/lib/spamassassin/__version__ | ||
718 | 234 | /opt/$DIR /var/opt/spamassassin/__version__ | ||
719 | 235 | $DIR $DIR/var/spamassassin/__version__ | ||
720 | 236 | |||
721 | 237 | This is normally written to by the "sa-update" script. "__version__" is | ||
722 | 238 | replaced by a representation of the version number, so that multiple | ||
723 | 239 | versions of SpamAssassin will not interfere with each other's rulesets. | ||
724 | 240 | |||
725 | 241 | |||
726 | 242 | After installation, try "perldoc Mail::SpamAssassin::Conf" to see what | ||
727 | 243 | can be set. Common first-time tweaks include: | ||
728 | 244 | |||
729 | 245 | - required_score | ||
730 | 246 | |||
731 | 247 | Set this higher to make SpamAssassin less sensitive. | ||
732 | 248 | If you are installing SpamAssassin system-wide, this is | ||
733 | 249 | **strongly** recommended! | ||
734 | 250 | |||
735 | 251 | Statistics on how many false positives to expect at various | ||
736 | 252 | different thresholds are available in the "STATISTICS.txt" file in | ||
737 | 253 | the "rules" directory. | ||
738 | 254 | |||
739 | 255 | - rewrite_header, add_header | ||
740 | 256 | |||
741 | 257 | These options affect the way messages are tagged as spam or | ||
742 | 258 | non-spam. This makes it easy to identify incoming mail. | ||
743 | 259 | |||
744 | 260 | - ok_locales | ||
745 | 261 | |||
746 | 262 | If you expect to receive mail in non-ISO-8859 character sets (ie. | ||
747 | 263 | Chinese, Cyrillic, Japanese, Korean, or Thai) then set this. | ||
748 | 264 | |||
749 | 265 | |||
750 | 266 | Learning | ||
751 | 267 | -------- | ||
752 | 268 | |||
753 | 269 | SpamAssassin includes a Bayesian learning filter, so it is worthwhile | ||
754 | 270 | training SpamAssassin with your collection of non-spam and spam, | ||
755 | 271 | if possible. This will make it more accurate for your incoming mail. | ||
756 | 272 | Do this using the "sa-learn" tools, like so: | ||
757 | 273 | |||
758 | 274 | sa-learn --spam ~/Mail/saved-spam-folder | ||
759 | 275 | sa-learn --ham ~/Mail/inbox | ||
760 | 276 | sa-learn --ham ~/Mail/other-nonspam-folder | ||
761 | 277 | |||
762 | 278 | |||
763 | 279 | If these are mail folders in mbox format, use the --mbox switch, for | ||
764 | 280 | Maildirs use a trailing slash, like Maildir/cur/. | ||
765 | 281 | |||
766 | 282 | Use as many mailboxes as you like. Note that SpamAssassin will remember | ||
767 | 283 | what mails it has learnt from, so you can re-run this as often as you like. | ||
768 | 284 | |||
769 | 285 | |||
770 | 286 | Locali[sz]ation | ||
771 | 287 | --------------- | ||
772 | 288 | |||
773 | 289 | All text displayed to users is taken from the configuration files. This | ||
774 | 290 | means that you can translate messages, test descriptions, and templates | ||
775 | 291 | into other languages. | ||
776 | 292 | |||
777 | 293 | If you do so, we would *really* appreciate it if you could contribute | ||
778 | 294 | these translations, so that they can be added to the | ||
779 | 295 | distribution. Please file a bug in our Bugzilla[4], and attach your | ||
780 | 296 | translations. You will, of course, be credited for this work! | ||
781 | 297 | |||
782 | 298 | [4]: http://issues.apache.org/SpamAssassin/ | ||
783 | 299 | |||
784 | 300 | |||
785 | 301 | Disabled code | ||
786 | 302 | ------------- | ||
787 | 303 | |||
788 | 304 | There are some tests and code in SpamAssassin that are turned off by | ||
789 | 305 | default: experimental code, slow code, or code that depends on | ||
790 | 306 | non-open-source software or services that are not always free. These | ||
791 | 307 | disabled tests include: | ||
792 | 308 | |||
793 | 309 | - DCC: depends on non-open-source software (disabled in init.pre) | ||
794 | 310 | - MAPS: commercial service (disabled in 50_scores.cf) | ||
795 | 311 | - TextCat: slow (disabled in init.pre) | ||
796 | 312 | - various optional plugins, disabled for speed (disabled in *.pre) | ||
797 | 313 | |||
798 | 314 | To turn on tests disabled in 50_scores.cf, simply assign them a non-zero | ||
799 | 315 | score, e.g. by adding score lines to your ~/.spamassassin/user_prefs file. | ||
800 | 316 | |||
801 | 317 | To turn on tests disabled by commenting out the required plugin in | ||
802 | 318 | init.pre, you need to uncomment the loadplugin line and make sure the | ||
803 | 319 | prerequisites for proper operation of the plugin are present. | ||
804 | 320 | |||
805 | 321 | |||
806 | 322 | Automatic Whitelist System | ||
807 | 323 | -------------------------- | ||
808 | 324 | |||
809 | 325 | SpamAssassin includes automatic whitelisting; The current iteration is | ||
810 | 326 | considerably more complex than the original version. The way it works is | ||
811 | 327 | by tracking for each sender address the average score of messages so far | ||
812 | 328 | seen from there. Then, it combines this long-term average score for the | ||
813 | 329 | sender with the score for the particular message being evaluated, after | ||
814 | 330 | all other rules have been applied. | ||
815 | 331 | |||
816 | 332 | This functionality is on by default, and is enabled or disabled with the | ||
817 | 333 | "use_auto_whitelist" option. | ||
818 | 334 | |||
819 | 335 | A system-wide auto-whitelist can be used, by setting the | ||
820 | 336 | auto_whitelist_path and auto_whitelist_file_mode configuration commands | ||
821 | 337 | appropriately, e.g. | ||
822 | 338 | |||
823 | 339 | auto_whitelist_path /var/spool/spamassassin/auto-whitelist | ||
824 | 340 | auto_whitelist_file_mode 0666 | ||
825 | 341 | |||
826 | 342 | The spamassassin -W and -R command line flags provide an API to add and | ||
827 | 343 | remove entries 'manually', if you so desire. They operate based on an | ||
828 | 344 | input mail message, to allow them to be set up as aliases which users can | ||
829 | 345 | simply forward their mails to. See the spamassassin manual page for more | ||
830 | 346 | details. | ||
831 | 347 | |||
832 | 348 | The default address-list implementation, | ||
833 | 349 | Mail::SpamAssassin::DBBasedAddrList, uses Berkeley DB files to store | ||
834 | 350 | the addresses. | ||
835 | 351 | |||
836 | 352 | (end of README) | ||
837 | 353 | |||
838 | 354 | // vim:tw=74: | ||
839 | 355 | 0 | ||
840 | === removed file '.pc/10_change_config_paths/UPGRADE' | |||
841 | --- .pc/10_change_config_paths/UPGRADE 2010-03-01 00:57:24 +0000 | |||
842 | +++ .pc/10_change_config_paths/UPGRADE 1970-01-01 00:00:00 +0000 | |||
843 | @@ -1,309 +0,0 @@ | |||
844 | 1 | Note for Users Upgrading to SpamAssassin 3.3.0 | ||
845 | 2 | ----------------------------------------------- | ||
846 | 3 | |||
847 | 4 | - Rules are no longer included with SpamAssassin "out of the box". You will | ||
848 | 5 | need to immediately run "sa-update", or download the additional rules .tgz | ||
849 | 6 | package and run "sa-update --install" with it, to get a ruleset. | ||
850 | 7 | |||
851 | 8 | - The BETA label has been taken off of the SpamAssassin SQL support. Please | ||
852 | 9 | be aware that occasional changes may still be made to this area of the | ||
853 | 10 | code. You should be sure to read this upgrade document each time you | ||
854 | 11 | install a new version to determine if any SQL updates need to be made to | ||
855 | 12 | your local installation. | ||
856 | 13 | |||
857 | 14 | - The DKIM plugin is now enabled by default for new installs, if the perl | ||
858 | 15 | module Mail::DKIM is installed. However, installation of SpamAssassin | ||
859 | 16 | will not overwrite existing .pre configuration files, so to use DKIM when | ||
860 | 17 | upgrading from a previous release that did not use DKIM, a directive: | ||
861 | 18 | |||
862 | 19 | loadplugin Mail::SpamAssassin::Plugin::DKIM | ||
863 | 20 | |||
864 | 21 | will need to be uncommented in file "v312.pre", or added to some | ||
865 | 22 | other .pre file, such as local.pre. | ||
866 | 23 | |||
867 | 24 | |||
868 | 25 | Note for Users Upgrading to SpamAssassin 3.2.0 | ||
869 | 26 | ----------------------------------------------- | ||
870 | 27 | |||
871 | 28 | - The "127/8" network, including 127.0.0.1, is now always implicitly part of | ||
872 | 29 | "trusted_networks" and "internal_networks". It's impossible to remove these | ||
873 | 30 | from the trusted/internal sets, since if you cannot trust the host where | ||
874 | 31 | SpamAssassin is running, you cannot trust SpamAssassin itself. If you | ||
875 | 32 | previously had "trusted_networks" and "internal_networks" lines listing those | ||
876 | 33 | hosts, you should now remove them, otherwise a minor (non-lint-error) warning | ||
877 | 34 | will be output. | ||
878 | 35 | |||
879 | 36 | - For ISPs -- version 3.2.0 now includes a new way to specify Mail Submission | ||
880 | 37 | Agents, relay hosts which accept mail from your own users and authenticates | ||
881 | 38 | them appropriately. See the Mail::SpamAssassin::Conf manual page for the | ||
882 | 39 | "msa_networks" setting. | ||
883 | 40 | |||
884 | 41 | |||
885 | 42 | Note for Users Upgrading to SpamAssassin 3.1.0 | ||
886 | 43 | ----------------------------------------------- | ||
887 | 44 | |||
888 | 45 | - A significant amount of core functionality has been moved into | ||
889 | 46 | plugins. These include, AWL (auto-whitelist), DCC, Pyzor, Razor2, | ||
890 | 47 | SpamCop reporting and TextCat. For information on configuring these | ||
891 | 48 | plugins please refer to their individual documentation: | ||
892 | 49 | perldoc Mail::SpamAssassin::Plugin::* (ie AWL, DCC, etc) | ||
893 | 50 | |||
894 | 51 | - There are now multiple files read to enable plugins in the | ||
895 | 52 | /etc/mail/spamassassin directory; previously only one, "init.pre" was | ||
896 | 53 | read. Now both "init.pre", "v310.pre", and any other files ending | ||
897 | 54 | in ".pre" will be read. As future releases are made, new plugins | ||
898 | 55 | will be added to new files named according to the release they're | ||
899 | 56 | added in. | ||
900 | 57 | |||
901 | 58 | - Due to license restrictions the DCC and Razor2 plugins are disabled | ||
902 | 59 | by default. We encourage you to read the appropriate license | ||
903 | 60 | yourself and decide if you are able to re-enable the plugins for | ||
904 | 61 | your site. | ||
905 | 62 | |||
906 | 63 | - The use_auto_whitelist config option has been moved to a user config | ||
907 | 64 | option, this allows individual users to turn on or off whitelisting | ||
908 | 65 | regardless of what is set in the system config. If you would like to | ||
909 | 66 | disable AWL (auto-whitelist) on a site-wide basis, then you can comment | ||
910 | 67 | out the plugin in "v310.pre". | ||
911 | 68 | |||
912 | 69 | - The bayes_auto_learn_threshold_* config options for bayes have moved | ||
913 | 70 | to a plugin. In general the default should work just fine however | ||
914 | 71 | if you are interested in changing these values you should see: | ||
915 | 72 | perldoc Mail::SpamAssassin::Plugin::AutoLearnThreshold | ||
916 | 73 | |||
917 | 74 | - The AWL support for NDBM_File databases has been dropped, due to a | ||
918 | 75 | bug in that package which renders it useless (bug 4353). It appears | ||
919 | 76 | that SDBM_File, the package which will be used instead, is fully | ||
920 | 77 | compatible with NDBM however, so this should be unnoticeable. | ||
921 | 78 | |||
922 | 79 | - The prefork algorithm for spamd has been changed. In this version spamd | ||
923 | 80 | will attempt to keep a small number of "hot" child processes as busy as | ||
924 | 81 | possible, and keep any others as idle as possible, using something | ||
925 | 82 | similar to the Apache httpd server scaling algorithm. This reduces | ||
926 | 83 | memory usage and swapping. You can use the --round-robin switch for | ||
927 | 84 | spamd to disable this scaling algorithm, and the behaviour seen in the | ||
928 | 85 | 3.0.x versions will be used instead, where all processes receive an | ||
929 | 86 | equal load and no scaling takes place. | ||
930 | 87 | |||
931 | 88 | - As of 3.1.0, in addition to the generic BayesSQL support (via | ||
932 | 89 | Mail::SpamAssassin::BayesStore::SQL) usable by multiple database | ||
933 | 90 | drivers there is now specific support for MySQL 4.1+ and | ||
934 | 91 | PostgreSQL. This support is based on non-standard features present | ||
935 | 92 | in both database servers that allow for various performance boosts. | ||
936 | 93 | |||
937 | 94 | If you were using the previous BayesSQL support with MySQL, and | ||
938 | 95 | already have MySQL 4.1+ installed you can begin using the new module | ||
939 | 96 | immediately by replacing the bayes_store_module line in your | ||
940 | 97 | configuration with: Mail::SpamAssassin::BayesStore::MySQL | ||
941 | 98 | |||
942 | 99 | We do however recommend that you switch your MySQL tables over to | ||
943 | 100 | InnoDB for better data integrity and multi user support. You can | ||
944 | 101 | most often do this via a simple ALTER TABLE command, refer to the | ||
945 | 102 | MySQL documentation for more information. | ||
946 | 103 | |||
947 | 104 | If you were previously using PostgreSQL for your bayes database then | ||
948 | 105 | we STRONGLY recommend switching to the PostgreSQL specific backend: | ||
949 | 106 | Mail::SpamAssassin::BayesStore::PgSQL | ||
950 | 107 | To switch to this backend you should first run sa-learn --backup to | ||
951 | 108 | make a backup of your existing data and then drop and recreate the | ||
952 | 109 | database following the instructions in sql/README.bayes. Then you | ||
953 | 110 | can restore the database with sa-learn --restore. If you have | ||
954 | 111 | multiple users then you will have to run --backup and --restore for | ||
955 | 112 | each user to fully restore the database. | ||
956 | 113 | |||
957 | 114 | - See http://wiki.apache.org/spamassassin/UpgradeTo310 for a | ||
958 | 115 | supplementary list of upgrade notes. It will be updated with any | ||
959 | 116 | upgrade notes not captured in this document. | ||
960 | 117 | |||
961 | 118 | - Finally, this document is likely not complete. Other configuration | ||
962 | 119 | options/arguments may have changed from older versions, etc. It would | ||
963 | 120 | be good to double-check any custom configuration options to make sure | ||
964 | 121 | they're still valid. This could be as simple as running "spamassassin | ||
965 | 122 | --lint", or more complex, as required by the environment. | ||
966 | 123 | |||
967 | 124 | |||
968 | 125 | Note for Users Upgrading to SpamAssassin 3.0.x | ||
969 | 126 | ---------------------------------------------- | ||
970 | 127 | |||
971 | 128 | - The SpamAssassin 2.6x release series was the last set of releases to | ||
972 | 129 | officially support perl versions earlier than perl 5.6.1. If you are | ||
973 | 130 | using an earlier version of perl, you will need to upgrade before you | ||
974 | 131 | can use the 3.0.0 version of SpamAssassin. You will also want to make | ||
975 | 132 | sure that you have the appropriate versions of required and optional | ||
976 | 133 | modules as they may have changed from old versions. The INSTALL | ||
977 | 134 | document has the modules and version requirements listed. | ||
978 | 135 | |||
979 | 136 | - See http://wiki.apache.org/spamassassin/UpgradeTo300 for a | ||
980 | 137 | supplementary list of upgrade notes. It will be updated with any | ||
981 | 138 | upgrade notes not captured in this document. | ||
982 | 139 | |||
983 | 140 | - SpamAssassin 3.0.0 has a significantly different API (Application Program | ||
984 | 141 | Interface) from the 2.x series of code. This means that if you use | ||
985 | 142 | SpamAssassin through a third-party utility (milter, etc,) you need to make | ||
986 | 143 | sure you have an updated version which supports 3.0.0. See | ||
987 | 144 | http://wiki.apache.org/spamassassin/UpgradeTo300 for information about | ||
988 | 145 | third-party software. | ||
989 | 146 | |||
990 | 147 | - The --auto-whitelist, --whitelist and -a options for "spamd" and | ||
991 | 148 | "spamassassin" to turn on the auto-whitelist have been removed and | ||
992 | 149 | replaced by the "use_auto_whitelist" configuration option which is | ||
993 | 150 | also now turned on by default. | ||
994 | 151 | |||
995 | 152 | - The --virtual-config switch for spamd had to be dropped, due to licensing | ||
996 | 153 | issues. It is replaced by the --virtual-config-dir switch. | ||
997 | 154 | |||
998 | 155 | - The "rewrite_subject" and "subject_tag" configuration options were | ||
999 | 156 | deprecated and are now removed. Instead, using "rewrite_header Subject | ||
1000 | 157 | [your desired setting]". e.g. | ||
1001 | 158 | |||
1002 | 159 | rewrite_subject 1 | ||
1003 | 160 | subject_tag ****SPAM(_SCORE_)**** | ||
1004 | 161 | |||
1005 | 162 | becomes | ||
1006 | 163 | |||
1007 | 164 | rewrite_header Subject ****SPAM(_SCORE_)**** | ||
1008 | 165 | |||
1009 | 166 | - The "sa-learn --rebuild" command has been deprecated; please use | ||
1010 | 167 | "sa-learn --sync" instead. The --rebuild option will remain temporarily | ||
1011 | 168 | for backwards compatability. | ||
1012 | 169 | |||
1013 | 170 | - The Bayesian storage modules have been completely re-written and now | ||
1014 | 171 | include Berkeley DB (DBM) storage as well as SQL based storage (see | ||
1015 | 172 | sql/README.bayes for more information). In addition, a new format | ||
1016 | 173 | has been introduced for the bayes database that stores tokens in fixed | ||
1017 | 174 | length hashes (Bayes v3). All DBM databases should be automatically | ||
1018 | 175 | converted to this new format the first time they are opened for write. | ||
1019 | 176 | You can manually perform the upgrade by running "sa-learn --sync" | ||
1020 | 177 | from the command line. | ||
1021 | 178 | |||
1022 | 179 | Due to the database format change, you will want to do something like | ||
1023 | 180 | this when upgrading: | ||
1024 | 181 | |||
1025 | 182 | - stop running spamassassin/spamd (ie: you don't want it to be running | ||
1026 | 183 | during the upgrade) | ||
1027 | 184 | - run "sa-learn --rebuild", this will sync your journal. if you skip | ||
1028 | 185 | this step, any data from the journal will be lost when the DB is | ||
1029 | 186 | upgraded. | ||
1030 | 187 | - upgrade SA to 3.0.0 | ||
1031 | 188 | - run "sa-learn --sync", which will cause the db format to be upgraded. | ||
1032 | 189 | if you want to see what is going on, you can add the "-D" option. | ||
1033 | 190 | - test the new database by running some sample mails through | ||
1034 | 191 | SpamAssassin, and/or at least running "sa-learn --dump" to make sure | ||
1035 | 192 | the data looks valid. | ||
1036 | 193 | - start running spamassassin/spamd again | ||
1037 | 194 | |||
1038 | 195 | If, instead of uprading your Bayes database, you want to wipe it and | ||
1039 | 196 | start fresh, you can run "sa-learn --clear" to safely remove your | ||
1040 | 197 | Bayes database files. If the --clear command issues an error then | ||
1041 | 198 | you can simply delete the Bayes database files ("bayes_*") while SA | ||
1042 | 199 | is not running; SpamAssassin will recreate them in the current | ||
1043 | 200 | format when it runs. | ||
1044 | 201 | |||
1045 | 202 | - "spamd" now has a default max-children setting of 5; no more than 5 | ||
1046 | 203 | child scanner processes will be run in parallel. Previously, there was | ||
1047 | 204 | no default limit unless you specified the "-m" switch when starting | ||
1048 | 205 | spamd. | ||
1049 | 206 | |||
1050 | 207 | - If you are using a UNIX machine with all database files on local disks, | ||
1051 | 208 | and no sharing of those databases across NFS filesystems, you can use a | ||
1052 | 209 | more efficient, but non-NFS-safe, locking mechanism. Do this by adding | ||
1053 | 210 | the line "lock_method flock" to the /etc/mail/spamassassin/local.cf | ||
1054 | 211 | file. This is strongly recommended if you're not using NFS, as it is | ||
1055 | 212 | much faster than the NFS-safe locker. | ||
1056 | 213 | |||
1057 | 214 | - Please note that the use of the following commandline parameters for | ||
1058 | 215 | spamassassin and spamd have been deprecated and may be removed in | ||
1059 | 216 | upcoming versions of SpamAssassin. Please discontinue usage of these | ||
1060 | 217 | options: | ||
1061 | 218 | |||
1062 | 219 | in the 2.6x series: --add-from, --pipe, -F, --stop-at-threshold, | ||
1063 | 220 | -S, -P (spamassassin only) | ||
1064 | 221 | in the 3.0.x series: --auto-whitelist, -a, --whitelist-factory, -M, | ||
1065 | 222 | --warning-from, -w, --log-to-mbox, -l | ||
1066 | 223 | |||
1067 | 224 | - user_scores_sql_table is no longer supported. If you need to use a table | ||
1068 | 225 | name, other than the default, create a custom query using the | ||
1069 | 226 | user_scores_sql_custom_query config option. | ||
1070 | 227 | |||
1071 | 228 | - SpamAssassin runs in "taint mode" by default for improved security. | ||
1072 | 229 | Certain third-party modules may be incompatible with taint mode. | ||
1073 | 230 | |||
1074 | 231 | - 2.6x deprecated the use of the "check_bayes_db" script, and it | ||
1075 | 232 | has been removed in 3.0.0. Please see the sa-learn man/pod | ||
1076 | 233 | documentation for more info. | ||
1077 | 234 | |||
1078 | 235 | - Finally, this document is likely not complete. Other configuration | ||
1079 | 236 | options/arguments may have changed from older versions, etc. It would | ||
1080 | 237 | be good to double-check any custom configuration options to make sure | ||
1081 | 238 | they're still valid. This could be as simple as running "spamassassin | ||
1082 | 239 | --lint", or more complex, as required by the environment. | ||
1083 | 240 | |||
1084 | 241 | An example: "require_version <version>" hasn't changed itself, but the | ||
1085 | 242 | internal version representation is now "x.yyyzzz" instead of "x.yz" | ||
1086 | 243 | which could cause issues if "require_version 3.00" is expected to work | ||
1087 | 244 | (it won't, it needs to be "require_version 3.000000"). | ||
1088 | 245 | |||
1089 | 246 | |||
1090 | 247 | Note for Users Upgrading from SpamAssassin 2.5x | ||
1091 | 248 | ----------------------------------------------- | ||
1092 | 249 | |||
1093 | 250 | - Due to major reliability shortcomings in the database support libraries | ||
1094 | 251 | other than DB_File, we now require that the DB_File module be installed | ||
1095 | 252 | to use SpamAssassin's Bayes rules. | ||
1096 | 253 | |||
1097 | 254 | SpamAssassin will still work without DB_File installed, but the Bayes | ||
1098 | 255 | support will be disabled. | ||
1099 | 256 | |||
1100 | 257 | If you install DB_File and wish to import old Bayes database data, each | ||
1101 | 258 | user with a Bayes db should run "sa-learn --import" to copy old entries | ||
1102 | 259 | from the other formats into a new DB_File file. | ||
1103 | 260 | |||
1104 | 261 | Due to the database library change, and the change to the database | ||
1105 | 262 | format itself, you will want to do something like this when upgrading: | ||
1106 | 263 | |||
1107 | 264 | - stop running spamassassin/spamd (ie: you don't want it to be running | ||
1108 | 265 | during the upgrade) | ||
1109 | 266 | - run "sa-learn --rebuild", this will sync your journal. if you skip | ||
1110 | 267 | this step, any data from the journal will be lost when the DB is | ||
1111 | 268 | upgraded. | ||
1112 | 269 | - install DB_File module if necessary | ||
1113 | 270 | - upgrade SA to 3.0.0 | ||
1114 | 271 | - if you were using another database module previously, run "sa-learn | ||
1115 | 272 | --import" to migrate the data into new DB_File files | ||
1116 | 273 | - run "sa-learn --sync", which will cause the db format to be upgraded. | ||
1117 | 274 | if you want to see what is going on, you can add the "-D" option. | ||
1118 | 275 | - test the new database by running some sample mails through | ||
1119 | 276 | SpamAssassin, and/or at least running "sa-learn --dump" to make sure | ||
1120 | 277 | the data looks valid. | ||
1121 | 278 | - start running spamassassin/spamd again | ||
1122 | 279 | |||
1123 | 280 | Obviously the steps will be different depending on your environment, but | ||
1124 | 281 | you get the idea. :) | ||
1125 | 282 | |||
1126 | 283 | |||
1127 | 284 | Note For Users Upgrading From SpamAssassin 2.3x or 2.4x | ||
1128 | 285 | ------------------------------------------------------- | ||
1129 | 286 | |||
1130 | 287 | - SpamAssassin no longer includes code to handle local mail delivery, as | ||
1131 | 288 | it was not reliable enough, compared to procmail. So now, if you relied | ||
1132 | 289 | on spamassassin to write the mail into your mail folder, you'll have to | ||
1133 | 290 | change your setup to use procmail as detailed below. If you used | ||
1134 | 291 | spamassassin to filter your mail and then something else wrote it into a | ||
1135 | 292 | folder for you, then you should be fine. | ||
1136 | 293 | |||
1137 | 294 | - Support for versions of the optional Mail::Audit module is no longer | ||
1138 | 295 | included. | ||
1139 | 296 | |||
1140 | 297 | - The default mode of tagging (which used to be ***SPAM*** in the subject | ||
1141 | 298 | line) no longer takes place. Instead the message is rewritten. If an | ||
1142 | 299 | incoming message is tagged as spam, instead of modifying the original | ||
1143 | 300 | message, SpamAssassin will create a new report message and attach the | ||
1144 | 301 | original message as a message/rfc822 MIME part (ensuring the original | ||
1145 | 302 | message is completely preserved and easier to recover). If you do not | ||
1146 | 303 | want to modify the body of incoming spam, use the "report_safe" option. | ||
1147 | 304 | The "report_header" and "defang_mime" options have been removed as a | ||
1148 | 305 | result. | ||
1149 | 306 | |||
1150 | 307 | (end of UPGRADE) | ||
1151 | 308 | |||
1152 | 309 | //vim:tw=74: | ||
1153 | 310 | 0 | ||
1154 | === removed file '.pc/10_change_config_paths/USAGE' | |||
1155 | --- .pc/10_change_config_paths/USAGE 2010-03-01 00:57:24 +0000 | |||
1156 | +++ .pc/10_change_config_paths/USAGE 1970-01-01 00:00:00 +0000 | |||
1157 | @@ -1,248 +0,0 @@ | |||
1158 | 1 | |||
1159 | 2 | Important Note For Users Upgrading From Earlier Versions | ||
1160 | 3 | -------------------------------------------------------- | ||
1161 | 4 | |||
1162 | 5 | SpamAssassin no longer includes code to handle local mail delivery, as it | ||
1163 | 6 | was not reliable enough, compared to procmail. So now, if you relied on | ||
1164 | 7 | spamassassin to write the mail into your mail folder, you'll have to | ||
1165 | 8 | change your setup to use procmail as detailed below. | ||
1166 | 9 | |||
1167 | 10 | If you used spamassassin to filter your mail and then something else wrote | ||
1168 | 11 | it into a folder for you, then you should be fine. | ||
1169 | 12 | |||
1170 | 13 | Steps to take for every installation: | ||
1171 | 14 | |||
1172 | 15 | - Install Mail::SpamAssassin on your mail server, as per the INSTALL | ||
1173 | 16 | document. | ||
1174 | 17 | |||
1175 | 18 | - Test it: | ||
1176 | 19 | |||
1177 | 20 | spamassassin -t < sample-nonspam.txt > nonspam.out | ||
1178 | 21 | spamassassin -t < sample-spam.txt > spam.out | ||
1179 | 22 | |||
1180 | 23 | Verify (using a text viewer, ie. "less" or "notepad") that nonspam.out | ||
1181 | 24 | has not been tagged as spam, and that spam.out has. The files should | ||
1182 | 25 | contain the full text and headers of the messages, the "spam.out" | ||
1183 | 26 | message should contain the header "X-Spam-Flag: YES" and be annotated | ||
1184 | 27 | with a report from SpamAssassin, and there should be no errors when you | ||
1185 | 28 | run the commands. | ||
1186 | 29 | |||
1187 | 30 | Even though sample-nonspam.txt is not spam, nonspam.out will | ||
1188 | 31 | contain a SpamAssassin report anyway. This is a side-effect of | ||
1189 | 32 | the "-t" (test) switch. However, there should be less than 5 | ||
1190 | 33 | points accumulated; when the "-t" switch is not in use, the report | ||
1191 | 34 | text would not be added. For more verbose (debugging) output, add | ||
1192 | 35 | the "-D" switch. | ||
1193 | 36 | |||
1194 | 37 | If the commands do not work, DO NOT PROCEED TO THE NEXT STEP, as you | ||
1195 | 38 | will lose mail! | ||
1196 | 39 | |||
1197 | 40 | |||
1198 | 41 | |||
1199 | 42 | If you use KMail: | ||
1200 | 43 | |||
1201 | 44 | - http://kmail.kde.org/tools.html mentions: | ||
1202 | 45 | |||
1203 | 46 | The filter setup is the work of five minutes (if that!) if you have a | ||
1204 | 47 | working spamassassin set up. | ||
1205 | 48 | |||
1206 | 49 | The filter in question is "<any header><matches regexp> ." | ||
1207 | 50 | |||
1208 | 51 | The action is "<pipe through> spamassassin" | ||
1209 | 52 | |||
1210 | 53 | Then, in the advanced options, uncheck the "If this filter matches, | ||
1211 | 54 | stop processing here" box. If you keep this filter at the top, it will | ||
1212 | 55 | analyze any incoming mail, decide whether it's spam or not, and flag | ||
1213 | 56 | it accordingly. | ||
1214 | 57 | |||
1215 | 58 | [Then add] a second filter behind it, which searches for the added | ||
1216 | 59 | spam-flags and diverts them into a specific spam folder. [...] | ||
1217 | 60 | |||
1218 | 61 | |||
1219 | 62 | |||
1220 | 63 | If you use procmail, or haven't decided on any of the above examples: | ||
1221 | 64 | |||
1222 | 65 | - Make a backup of your .procmailrc (if you already have one). | ||
1223 | 66 | |||
1224 | 67 | cp ~/.procmailrc ~/.procmailrc.bak | ||
1225 | 68 | |||
1226 | 69 | - add the line from procmailrc.example to ~/.procmailrc, at the top of | ||
1227 | 70 | the file before any existing recipes. | ||
1228 | 71 | |||
1229 | 72 | That'll process all mail through SA, and refile spam messages to | ||
1230 | 73 | a folder called "caughtspam" in your home directory. | ||
1231 | 74 | |||
1232 | 75 | - Send yourself a mail message, and ensure it gets to you. If it does | ||
1233 | 76 | not, copy your old backed-up .procmailrc file back into place and ask | ||
1234 | 77 | your sysadmin for help! Here's commands to do that: | ||
1235 | 78 | |||
1236 | 79 | cp ~/.procmailrc.bak ~/.procmailrc | ||
1237 | 80 | echo "Help!" | mail root | ||
1238 | 81 | |||
1239 | 82 | |||
1240 | 83 | |||
1241 | 84 | If you want to use SpamAssassin site-wide: | ||
1242 | 85 | |||
1243 | 86 | - take a look at the notes on the Wiki website, currently at | ||
1244 | 87 | <http://wiki.apache.org/spamassassin/UsingSiteWide>. You will probably | ||
1245 | 88 | want to use 'spamd' (see below). You may want to investigate the | ||
1246 | 89 | new Apache mod_perl module, in the 'spamd-apache2' directory, too. | ||
1247 | 90 | |||
1248 | 91 | - *PLEASE* let your users know you've installed it, and how to turn it | ||
1249 | 92 | off! This is our #1 tech support query, and the users are usually | ||
1250 | 93 | pretty frustrated once it reaches that stage. | ||
1251 | 94 | |||
1252 | 95 | - *PLEASE* consider setting it up as "off by default" for most accounts, | ||
1253 | 96 | and let users opt-in to using it. Quite a few folks prefer not to | ||
1254 | 97 | have their mail filtered, presumably because they don't use their | ||
1255 | 98 | email address publically and do not get much spam. | ||
1256 | 99 | |||
1257 | 100 | - Note that procmail users adding spamc to /etc/procmailrc should | ||
1258 | 101 | add the line 'DROPPRIVS=yes' at the top of the file. | ||
1259 | 102 | |||
1260 | 103 | |||
1261 | 104 | The Auto-Whitelist | ||
1262 | 105 | ------------------ | ||
1263 | 106 | |||
1264 | 107 | The auto-whitelist is enabled using the 'use_auto_whitelist' option. | ||
1265 | 108 | (See http://wiki.apache.org/spamassassin/AutoWhitelist for details on | ||
1266 | 109 | how it works, if you're curious.) | ||
1267 | 110 | |||
1268 | 111 | |||
1269 | 112 | Other Installation Notes | ||
1270 | 113 | ------------------------ | ||
1271 | 114 | |||
1272 | 115 | |||
1273 | 116 | - Hashcash is a useful system; it requires that senders exercise a | ||
1274 | 117 | CPU-intensive task before they can send mail to you, so we give that | ||
1275 | 118 | some bonus points. However, it requires that you list what addresses | ||
1276 | 119 | you expect to receive mail for, by adding 'hashcash_accept' lines to | ||
1277 | 120 | your ~/.spamassassin/user_prefs or /etc/mail/spamassassin/local.cf | ||
1278 | 121 | files. See the Mail::SpamAssassin::Plugin::Hashcash manual page for | ||
1279 | 122 | details on how to specify these. | ||
1280 | 123 | |||
1281 | 124 | |||
1282 | 125 | - SpamAssassin now uses a temporary file in /tmp (or $TMPDIR, if that's | ||
1283 | 126 | set in the environment) for Pyzor and DCC checks. Make sure that this | ||
1284 | 127 | directory is either (a) not writable by other users, or (b) not shared | ||
1285 | 128 | over NFS, for security. | ||
1286 | 129 | |||
1287 | 130 | |||
1288 | 131 | - You can create your own system-wide rules files in | ||
1289 | 132 | /etc/mail/spamassassin; their filenames should end in ".cf". Multiple | ||
1290 | 133 | files will be read, and SpamAssassin will not overwrite these files | ||
1291 | 134 | when installing a new version. | ||
1292 | 135 | |||
1293 | 136 | |||
1294 | 137 | - You should not modify the files in /usr/share/spamassassin; these | ||
1295 | 138 | will be overwritten when you upgrade. Any changes you make in | ||
1296 | 139 | files in the /etc/mail/spamassassin directory, however, will | ||
1297 | 140 | override these files. | ||
1298 | 141 | |||
1299 | 142 | |||
1300 | 143 | - Rules can be turned off by setting their scores to 0 in a | ||
1301 | 144 | configuration or user-preference file. | ||
1302 | 145 | |||
1303 | 146 | |||
1304 | 147 | - Speakers of Chinese, Japanese, Korean or Arabic may find it useful to | ||
1305 | 148 | turn off the rules listed at the end of the "user_prefs.template" | ||
1306 | 149 | file; we've found out that these rules are still triggering on | ||
1307 | 150 | non-spam CJK mails. | ||
1308 | 151 | |||
1309 | 152 | |||
1310 | 153 | - If you have an unusual network configuration, you should probably | ||
1311 | 154 | set 'trusted_networks'. This allows SpamAssassin to determine where | ||
1312 | 155 | your internal network ends and the internet begins, and allows DNS | ||
1313 | 156 | checks to be more accurate. If your mail host is NATed, you will | ||
1314 | 157 | almost certainly need to set 'trusted_networks' to get correct | ||
1315 | 158 | results. | ||
1316 | 159 | |||
1317 | 160 | |||
1318 | 161 | - A very handy new feature is SPF support, which allows you to check | ||
1319 | 162 | that the message sender is permitted by their domain to send from the | ||
1320 | 163 | IP address used. This has the potential to greatly cut down on mail | ||
1321 | 164 | forgery. (see http://spf.pobox.com/ for more details.) | ||
1322 | 165 | |||
1323 | 166 | |||
1324 | 167 | - MDaemon users should add this line to their "local.cf" file: | ||
1325 | 168 | |||
1326 | 169 | report_safe_copy_headers X-MDRcpt-To X-MDRemoteIP X-MDaemon-Deliver-To | ||
1327 | 170 | |||
1328 | 171 | Otherwise, MDaemon's internal delivery will fail when SpamAssassin | ||
1329 | 172 | rewrites a message as spam. | ||
1330 | 173 | |||
1331 | 174 | |||
1332 | 175 | - The distribution includes 'spamd', a daemonized version of | ||
1333 | 176 | SpamAssassin which runs persistently. Using its counterpart, | ||
1334 | 177 | 'spamc', a lightweight client written in C, an MTA can process | ||
1335 | 178 | large volumes of mail through SpamAssassin without having to | ||
1336 | 179 | fork/exec a perl interpreter for each message. Take a look in the | ||
1337 | 180 | 'spamd' and 'spamc' directories for more details. | ||
1338 | 181 | |||
1339 | 182 | |||
1340 | 183 | - The distribution also includes 'spamd-apache2', a mod_perl module | ||
1341 | 184 | allowing the Apache HTTP server to be used as a platform for a | ||
1342 | 185 | daemonized SpamAssassin, in an upwardly-compatible fashion from | ||
1343 | 186 | 'spamd'. If you don't require some of the spamd features it does not | ||
1344 | 187 | implement (such as switching UIDs to read per-user configuration from | ||
1345 | 188 | user home directories), this may be much faster than spamd. Take a | ||
1346 | 189 | look at the 'spamd-apache2' directory for details. | ||
1347 | 190 | |||
1348 | 191 | |||
1349 | 192 | - spamc can now be built as a shared library for use with milters or | ||
1350 | 193 | to link into other existing programs; simply run "make libspamc.so" | ||
1351 | 194 | to build this. | ||
1352 | 195 | |||
1353 | 196 | |||
1354 | 197 | - If you get spammed, it is helpful to everyone else if you re-run | ||
1355 | 198 | spamassassin with the "-r" option to report the message in question as | ||
1356 | 199 | "verified spam". This will add it to Vipul's Razor, DCC and Pyzor, | ||
1357 | 200 | assuming you've set these up appropriately. | ||
1358 | 201 | |||
1359 | 202 | spamassassin -r < spam-message | ||
1360 | 203 | |||
1361 | 204 | If you use mutt as your mail reader, this macro will bind the X key to | ||
1362 | 205 | report a spam message. | ||
1363 | 206 | |||
1364 | 207 | macro index X "| spamassassin -r" | ||
1365 | 208 | |||
1366 | 209 | This is, of course, optional -- but you'll get lots of good-netizen | ||
1367 | 210 | karma. ;) | ||
1368 | 211 | |||
1369 | 212 | |||
1370 | 213 | - Quite often, if you've been on the internet for a while, you'll have | ||
1371 | 214 | accumulated a few old email accounts that nowadays get nothing but | ||
1372 | 215 | spam. You can set these up as spam traps using SpamAssassin; see the | ||
1373 | 216 | ''SPAM TRAPPING'' section of the spamassassin manual page for details. | ||
1374 | 217 | |||
1375 | 218 | If you don't want to go to the bother of setting up a system yourself | ||
1376 | 219 | to do this, take a look here [1] for a simple forwarding-based | ||
1377 | 220 | alternative. | ||
1378 | 221 | |||
1379 | 222 | [1]: http://wiki.apache.org/spamassassin/SpamTrapping | ||
1380 | 223 | |||
1381 | 224 | |||
1382 | 225 | - Scores and other user preferences can now be loaded from, and Bayes | ||
1383 | 226 | and auto-whitelist data can be stored in, an SQL database; see the | ||
1384 | 227 | 'sql' subdirectory for more details. | ||
1385 | 228 | |||
1386 | 229 | If you are setting up a large 'spamd' system-wide installation, with | ||
1387 | 230 | Bayes and/or auto-whitelists, we strongly recommend using SQL as | ||
1388 | 231 | storage. It has proven more reliable than the default DB_File storage | ||
1389 | 232 | backend at several large sites. | ||
1390 | 233 | |||
1391 | 234 | |||
1392 | 235 | - If you are running SpamAssassin under a disk quota, or are setting up | ||
1393 | 236 | 'spamd' with users with disk quotas, be warned that the DB_File | ||
1394 | 237 | database module used by SpamAssassin for Bayes and AWL storage seems | ||
1395 | 238 | to be unreliable in the face of quotas (bug 3796). In this situation, | ||
1396 | 239 | we recommend using SQL storage for those databases, instead of DB_File. | ||
1397 | 240 | |||
1398 | 241 | |||
1399 | 242 | - Lots more ways to integrate SpamAssassin can be read at | ||
1400 | 243 | http://wiki.SpamAssassin.org/ . | ||
1401 | 244 | |||
1402 | 245 | |||
1403 | 246 | (end of USAGE) | ||
1404 | 247 | |||
1405 | 248 | // vim:tw=74: | ||
1406 | 249 | 0 | ||
1407 | === removed directory '.pc/10_change_config_paths/ldap' | |||
1408 | === removed file '.pc/10_change_config_paths/ldap/README' | |||
1409 | --- .pc/10_change_config_paths/ldap/README 2010-03-01 00:57:24 +0000 | |||
1410 | +++ .pc/10_change_config_paths/ldap/README 1970-01-01 00:00:00 +0000 | |||
1411 | @@ -1,116 +0,0 @@ | |||
1412 | 1 | |||
1413 | 2 | Using SpamAssassin With An LDAP Server | ||
1414 | 3 | -------------------------------------- | ||
1415 | 4 | |||
1416 | 5 | SpamAssassin can now load users' score files from an LDAP server. The concept | ||
1417 | 6 | here is to have a web application (PHP/perl/ASP/etc.) that will allow users to | ||
1418 | 7 | be able to update their local preferences on how SpamAssassin will filter their | ||
1419 | 8 | e-mail. The most common use for a system like this would be for users to be | ||
1420 | 9 | able to update the white list of addresses (whitelist_from) without the need | ||
1421 | 10 | for them to update their $HOME/.spamassassin/user_prefs file. It is also quite | ||
1422 | 11 | common for users listed in /etc/passwd to not have a home directory, | ||
1423 | 12 | therefore, the only way to have their own local settings would be through a | ||
1424 | 13 | database or LDAP server. | ||
1425 | 14 | |||
1426 | 15 | SpamAssassin will check the global configuration file (ie. any file matching | ||
1427 | 16 | /etc/mail/spamassassin/*.cf) for the following settings: | ||
1428 | 17 | |||
1429 | 18 | user_scores_dsn ldap://host:port/dc=basedn,dc=de?attr?scope?uid=__USERNAME__ | ||
1430 | 19 | user_scores_ldap_username bind dn | ||
1431 | 20 | user_scores_ldap_password password | ||
1432 | 21 | |||
1433 | 22 | The first option, user_scores_dsn, describes the data source name that will be | ||
1434 | 23 | used to create the connection to your LDAP server. You have to write the DSN as | ||
1435 | 24 | an LDAP URL, the components being the host and port to connect to, the base DN | ||
1436 | 25 | for the search, the scope of the search (base, one or sub), the single | ||
1437 | 26 | attribute being the multivalued attribute used to hold the configuration data | ||
1438 | 27 | (space separated pairs of key and value, just as in a file) and finally the | ||
1439 | 28 | filter being the expression used to filter out the wanted username. Note that | ||
1440 | 29 | the filter expression uses the literal text __USERNAME__ as a placeholder for | ||
1441 | 30 | the username (SpamAssassin will use a s///g statement to replace it with the | ||
1442 | 31 | actual username). | ||
1443 | 32 | |||
1444 | 33 | Examples: | ||
1445 | 34 | |||
1446 | 35 | ldap://localhost:389/dc=koehntopp,dc=de?spamassassin?sub?uid=__USERNAME__ | ||
1447 | 36 | ldap://localhost:389/o=stooges?spamassassin?sub?uid=__USERNAME__ | ||
1448 | 37 | |||
1449 | 38 | |||
1450 | 39 | If the user_scores_dsn option does not exist, SpamAssassin will not attempt | ||
1451 | 40 | to use an LDAP server for retrieving users' preferences. Note that this will | ||
1452 | 41 | NOT look for test rules, only local scores, whitelist_from(s), and | ||
1453 | 42 | required_score. | ||
1454 | 43 | |||
1455 | 44 | Requirements | ||
1456 | 45 | ------------ | ||
1457 | 46 | |||
1458 | 47 | In order for SpamAssassin to work with your LDAP database, you must have | ||
1459 | 48 | the perl Net::LDAP module installed. You'll also need the URI module. | ||
1460 | 49 | |||
1461 | 50 | In order for spamd to use the LDAP driver, you will have to start spamd | ||
1462 | 51 | with the additional parameters '--ldap-config -x'. | ||
1463 | 52 | |||
1464 | 53 | Each user that wants to utilise the SpamAssassin LDAP driver must add | ||
1465 | 54 | the 'spamassassin' attribute in their object (either manually or via the | ||
1466 | 55 | web interface of your making/choice) like this (see the file sa_test.ldif | ||
1467 | 56 | in this directory for a full database example): | ||
1468 | 57 | |||
1469 | 58 | spamassassin: add_header all Foo LDAP read | ||
1470 | 59 | |||
1471 | 60 | Database Schema | ||
1472 | 61 | --------------- | ||
1473 | 62 | |||
1474 | 63 | You can use any schema extension to your user entries with SpamAssassin, | ||
1475 | 64 | as long as the attribute is multivalued and correctly named in your LDAP url. | ||
1476 | 65 | We are currently using a <customername>spamassassin field that is part of | ||
1477 | 66 | our inetOrgPerson subclass. | ||
1478 | 67 | |||
1479 | 68 | Here's an example for openldap's /etc/openldap/schema/inetorgperson.schema : | ||
1480 | 69 | |||
1481 | 70 | # SpamAssassin | ||
1482 | 71 | # see http://SpamAssassin.org/ . | ||
1483 | 72 | attributetype ( 2.16.840.1.113730.3.1.217 | ||
1484 | 73 | NAME 'spamassassin' | ||
1485 | 74 | DESC 'SpamAssassin user preferences settings' | ||
1486 | 75 | EQUALITY caseExactMatch | ||
1487 | 76 | SYNTAX 1.3.6.1.4.1.1466.115.121.1.15 ) | ||
1488 | 77 | |||
1489 | 78 | (don't forget to add "$ spamassassin" to the objectclass MAY clause.) | ||
1490 | 79 | |||
1491 | 80 | |||
1492 | 81 | Testing SpamAssassin/LDAP | ||
1493 | 82 | ------------------------- | ||
1494 | 83 | |||
1495 | 84 | To test your LDAP setup, and debug any possible problems, you should start | ||
1496 | 85 | spamd with the -D option, which will keep spamd in the foreground, and will | ||
1497 | 86 | output debug message to the terminal. You should then test spamd with a | ||
1498 | 87 | message by calling spamc. You can use the sample-spam.txt file with the | ||
1499 | 88 | following command: | ||
1500 | 89 | |||
1501 | 90 | cat sample-spam.txt | spamc | ||
1502 | 91 | |||
1503 | 92 | Watch the debug output from spamd and look for the following debug line: | ||
1504 | 93 | |||
1505 | 94 | retrieving LDAP prefs for <username>: <value> | ||
1506 | 95 | |||
1507 | 96 | If you do not see the above text, then the LDAP query was not successful, and | ||
1508 | 97 | you should see any error messages reported. <username> should be the user | ||
1509 | 98 | that was passed to spamd and is usually the user executing spamc. | ||
1510 | 99 | |||
1511 | 100 | If you need to set up LDAP, a good guide is here: | ||
1512 | 101 | http://yolinux.com/TUTORIALS/LinuxTutorialLDAP.html | ||
1513 | 102 | |||
1514 | 103 | To test LDAP support using the SpamAssassin test suite, you need to | ||
1515 | 104 | perform a little bit of manual configuration first. See the file | ||
1516 | 105 | "ldap/README.testing" for details. | ||
1517 | 106 | |||
1518 | 107 | |||
1519 | 108 | ****** | ||
1520 | 109 | NB: This should be considered BETA, and the interface or overall | ||
1521 | 110 | operation of LDAP support may change at any time with future releases of SA. | ||
1522 | 111 | ****** | ||
1523 | 112 | |||
1524 | 113 | Please send any comments to <kris at koehntopp.de> and file bugs via | ||
1525 | 114 | <http://issues.apache.org/SpamAssassin/>. | ||
1526 | 115 | |||
1527 | 116 | Kristian Köhntopp | ||
1528 | 117 | 0 | ||
1529 | === removed directory '.pc/10_change_config_paths/lib' | |||
1530 | === removed directory '.pc/10_change_config_paths/lib/Mail' | |||
1531 | === removed directory '.pc/10_change_config_paths/lib/Mail/SpamAssassin' | |||
1532 | === removed file '.pc/10_change_config_paths/lib/Mail/SpamAssassin/Conf.pm' | |||
1533 | --- .pc/10_change_config_paths/lib/Mail/SpamAssassin/Conf.pm 2011-05-14 12:06:12 +0000 | |||
1534 | +++ .pc/10_change_config_paths/lib/Mail/SpamAssassin/Conf.pm 1970-01-01 00:00:00 +0000 | |||
1535 | @@ -1,4035 +0,0 @@ | |||
1536 | 1 | # <@LICENSE> | ||
1537 | 2 | # Licensed to the Apache Software Foundation (ASF) under one or more | ||
1538 | 3 | # contributor license agreements. See the NOTICE file distributed with | ||
1539 | 4 | # this work for additional information regarding copyright ownership. | ||
1540 | 5 | # The ASF licenses this file to you under the Apache License, Version 2.0 | ||
1541 | 6 | # (the "License"); you may not use this file except in compliance with | ||
1542 | 7 | # the License. You may obtain a copy of the License at: | ||
1543 | 8 | # | ||
1544 | 9 | # http://www.apache.org/licenses/LICENSE-2.0 | ||
1545 | 10 | # | ||
1546 | 11 | # Unless required by applicable law or agreed to in writing, software | ||
1547 | 12 | # distributed under the License is distributed on an "AS IS" BASIS, | ||
1548 | 13 | # WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. | ||
1549 | 14 | # See the License for the specific language governing permissions and | ||
1550 | 15 | # limitations under the License. | ||
1551 | 16 | # </@LICENSE> | ||
1552 | 17 | |||
1553 | 18 | =head1 NAME | ||
1554 | 19 | |||
1555 | 20 | Mail::SpamAssassin::Conf - SpamAssassin configuration file | ||
1556 | 21 | |||
1557 | 22 | =head1 SYNOPSIS | ||
1558 | 23 | |||
1559 | 24 | # a comment | ||
1560 | 25 | |||
1561 | 26 | rewrite_header Subject *****SPAM***** | ||
1562 | 27 | |||
1563 | 28 | full PARA_A_2_C_OF_1618 /Paragraph .a.{0,10}2.{0,10}C. of S. 1618/i | ||
1564 | 29 | describe PARA_A_2_C_OF_1618 Claims compliance with senate bill 1618 | ||
1565 | 30 | |||
1566 | 31 | header FROM_HAS_MIXED_NUMS From =~ /\d+[a-z]+\d+\S*@/i | ||
1567 | 32 | describe FROM_HAS_MIXED_NUMS From: contains numbers mixed in with letters | ||
1568 | 33 | |||
1569 | 34 | score A_HREF_TO_REMOVE 2.0 | ||
1570 | 35 | |||
1571 | 36 | lang es describe FROM_FORGED_HOTMAIL Forzado From: simula ser de hotmail.com | ||
1572 | 37 | |||
1573 | 38 | lang pt_BR report O programa detetor de Spam ZOE [...] | ||
1574 | 39 | |||
1575 | 40 | =head1 DESCRIPTION | ||
1576 | 41 | |||
1577 | 42 | SpamAssassin is configured using traditional UNIX-style configuration files, | ||
1578 | 43 | loaded from the C</usr/share/spamassassin> and C</etc/mail/spamassassin> | ||
1579 | 44 | directories. | ||
1580 | 45 | |||
1581 | 46 | The following web page lists the most important configuration settings | ||
1582 | 47 | used to configure SpamAssassin; novices are encouraged to read it first: | ||
1583 | 48 | |||
1584 | 49 | http://wiki.apache.org/spamassassin/ImportantInitialConfigItems | ||
1585 | 50 | |||
1586 | 51 | =head1 FILE FORMAT | ||
1587 | 52 | |||
1588 | 53 | The C<#> character starts a comment, which continues until end of line. | ||
1589 | 54 | B<NOTE:> if the C<#> character is to be used as part of a rule or | ||
1590 | 55 | configuration option, it must be escaped with a backslash. i.e.: C<\#> | ||
1591 | 56 | |||
1592 | 57 | Whitespace in the files is not significant, but please note that starting a | ||
1593 | 58 | line with whitespace is deprecated, as we reserve its use for multi-line rule | ||
1594 | 59 | definitions, at some point in the future. | ||
1595 | 60 | |||
1596 | 61 | Currently, each rule or configuration setting must fit on one-line; multi-line | ||
1597 | 62 | settings are not supported yet. | ||
1598 | 63 | |||
1599 | 64 | File and directory paths can use C<~> to refer to the user's home | ||
1600 | 65 | directory, but no other shell-style path extensions such as globing or | ||
1601 | 66 | C<~user/> are supported. | ||
1602 | 67 | |||
1603 | 68 | Where appropriate below, default values are listed in parentheses. | ||
1604 | 69 | |||
1605 | 70 | =head1 USER PREFERENCES | ||
1606 | 71 | |||
1607 | 72 | The following options can be used in both site-wide (C<local.cf>) and | ||
1608 | 73 | user-specific (C<user_prefs>) configuration files to customize how | ||
1609 | 74 | SpamAssassin handles incoming email messages. | ||
1610 | 75 | |||
1611 | 76 | =cut | ||
1612 | 77 | |||
1613 | 78 | package Mail::SpamAssassin::Conf; | ||
1614 | 79 | |||
1615 | 80 | use strict; | ||
1616 | 81 | use warnings; | ||
1617 | 82 | use bytes; | ||
1618 | 83 | use re 'taint'; | ||
1619 | 84 | |||
1620 | 85 | use Mail::SpamAssassin::Util; | ||
1621 | 86 | use Mail::SpamAssassin::NetSet; | ||
1622 | 87 | use Mail::SpamAssassin::Constants qw(:sa); | ||
1623 | 88 | use Mail::SpamAssassin::Conf::Parser; | ||
1624 | 89 | use Mail::SpamAssassin::Logger; | ||
1625 | 90 | use Mail::SpamAssassin::Util::TieOneStringHash; | ||
1626 | 91 | use Mail::SpamAssassin::Util qw(untaint_var); | ||
1627 | 92 | use File::Spec; | ||
1628 | 93 | |||
1629 | 94 | use vars qw{ | ||
1630 | 95 | @ISA $VERSION | ||
1631 | 96 | $CONF_TYPE_STRING $CONF_TYPE_BOOL | ||
1632 | 97 | $CONF_TYPE_NUMERIC $CONF_TYPE_HASH_KEY_VALUE | ||
1633 | 98 | $CONF_TYPE_ADDRLIST $CONF_TYPE_TEMPLATE | ||
1634 | 99 | $CONF_TYPE_STRINGLIST $CONF_TYPE_IPADDRLIST | ||
1635 | 100 | $CONF_TYPE_NOARGS | ||
1636 | 101 | $INVALID_VALUE $MISSING_REQUIRED_VALUE | ||
1637 | 102 | @MIGRATED_SETTINGS | ||
1638 | 103 | $COLLECT_REGRESSION_TESTS | ||
1639 | 104 | |||
1640 | 105 | $TYPE_HEAD_TESTS $TYPE_HEAD_EVALS | ||
1641 | 106 | $TYPE_BODY_TESTS $TYPE_BODY_EVALS $TYPE_FULL_TESTS $TYPE_FULL_EVALS | ||
1642 | 107 | $TYPE_RAWBODY_TESTS $TYPE_RAWBODY_EVALS $TYPE_URI_TESTS $TYPE_URI_EVALS | ||
1643 | 108 | $TYPE_META_TESTS $TYPE_RBL_EVALS $TYPE_EMPTY_TESTS | ||
1644 | 109 | }; | ||
1645 | 110 | |||
1646 | 111 | @ISA = qw(); | ||
1647 | 112 | |||
1648 | 113 | # odd => eval test. Not constants so they can be shared with Parser | ||
1649 | 114 | # TODO: move to Constants.pm? | ||
1650 | 115 | $TYPE_HEAD_TESTS = 0x0008; | ||
1651 | 116 | $TYPE_HEAD_EVALS = 0x0009; | ||
1652 | 117 | $TYPE_BODY_TESTS = 0x000a; | ||
1653 | 118 | $TYPE_BODY_EVALS = 0x000b; | ||
1654 | 119 | $TYPE_FULL_TESTS = 0x000c; | ||
1655 | 120 | $TYPE_FULL_EVALS = 0x000d; | ||
1656 | 121 | $TYPE_RAWBODY_TESTS = 0x000e; | ||
1657 | 122 | $TYPE_RAWBODY_EVALS = 0x000f; | ||
1658 | 123 | $TYPE_URI_TESTS = 0x0010; | ||
1659 | 124 | $TYPE_URI_EVALS = 0x0011; | ||
1660 | 125 | $TYPE_META_TESTS = 0x0012; | ||
1661 | 126 | $TYPE_RBL_EVALS = 0x0013; | ||
1662 | 127 | $TYPE_EMPTY_TESTS = 0x0014; | ||
1663 | 128 | |||
1664 | 129 | my @rule_types = ("body_tests", "uri_tests", "uri_evals", | ||
1665 | 130 | "head_tests", "head_evals", "body_evals", "full_tests", | ||
1666 | 131 | "full_evals", "rawbody_tests", "rawbody_evals", | ||
1667 | 132 | "rbl_evals", "meta_tests"); | ||
1668 | 133 | |||
1669 | 134 | $VERSION = 'bogus'; # avoid CPAN.pm picking up version strings later | ||
1670 | 135 | |||
1671 | 136 | # these are variables instead of constants so that other classes can | ||
1672 | 137 | # access them; if they're constants, they'd have to go in Constants.pm | ||
1673 | 138 | # TODO: move to Constants.pm? | ||
1674 | 139 | $CONF_TYPE_STRING = 1; | ||
1675 | 140 | $CONF_TYPE_BOOL = 2; | ||
1676 | 141 | $CONF_TYPE_NUMERIC = 3; | ||
1677 | 142 | $CONF_TYPE_HASH_KEY_VALUE = 4; | ||
1678 | 143 | $CONF_TYPE_ADDRLIST = 5; | ||
1679 | 144 | $CONF_TYPE_TEMPLATE = 6; | ||
1680 | 145 | $CONF_TYPE_NOARGS = 7; | ||
1681 | 146 | $CONF_TYPE_STRINGLIST = 8; | ||
1682 | 147 | $CONF_TYPE_IPADDRLIST = 9; | ||
1683 | 148 | $MISSING_REQUIRED_VALUE = -99999999999999; | ||
1684 | 149 | $INVALID_VALUE = -99999999999998; | ||
1685 | 150 | |||
1686 | 151 | # set to "1" by the test suite code, to record regression tests | ||
1687 | 152 | # $Mail::SpamAssassin::Conf::COLLECT_REGRESSION_TESTS = 1; | ||
1688 | 153 | |||
1689 | 154 | # search for "sub new {" to find the start of the code | ||
1690 | 155 | ########################################################################### | ||
1691 | 156 | |||
1692 | 157 | sub set_default_commands { | ||
1693 | 158 | my($self) = @_; | ||
1694 | 159 | |||
1695 | 160 | # see "perldoc Mail::SpamAssassin::Conf::Parser" for details on this fmt. | ||
1696 | 161 | # push each config item like this, to avoid a POD bug; it can't just accept | ||
1697 | 162 | # ( { ... }, { ... }, { ...} ) otherwise POD parsing dies. | ||
1698 | 163 | my @cmds; | ||
1699 | 164 | |||
1700 | 165 | =head2 SCORING OPTIONS | ||
1701 | 166 | |||
1702 | 167 | =over 4 | ||
1703 | 168 | |||
1704 | 169 | =item required_score n.nn (default: 5) | ||
1705 | 170 | |||
1706 | 171 | Set the score required before a mail is considered spam. C<n.nn> can | ||
1707 | 172 | be an integer or a real number. 5.0 is the default setting, and is | ||
1708 | 173 | quite aggressive; it would be suitable for a single-user setup, but if | ||
1709 | 174 | you're an ISP installing SpamAssassin, you should probably set the | ||
1710 | 175 | default to be more conservative, like 8.0 or 10.0. It is not | ||
1711 | 176 | recommended to automatically delete or discard messages marked as | ||
1712 | 177 | spam, as your users B<will> complain, but if you choose to do so, only | ||
1713 | 178 | delete messages with an exceptionally high score such as 15.0 or | ||
1714 | 179 | higher. This option was previously known as C<required_hits> and that | ||
1715 | 180 | name is still accepted, but is deprecated. | ||
1716 | 181 | |||
1717 | 182 | =cut | ||
1718 | 183 | |||
1719 | 184 | push (@cmds, { | ||
1720 | 185 | setting => 'required_score', | ||
1721 | 186 | aliases => ['required_hits'], # backwards compat | ||
1722 | 187 | default => 5, | ||
1723 | 188 | type => $CONF_TYPE_NUMERIC, | ||
1724 | 189 | }); | ||
1725 | 190 | |||
1726 | 191 | =item score SYMBOLIC_TEST_NAME n.nn [ n.nn n.nn n.nn ] | ||
1727 | 192 | |||
1728 | 193 | Assign scores (the number of points for a hit) to a given test. | ||
1729 | 194 | Scores can be positive or negative real numbers or integers. | ||
1730 | 195 | C<SYMBOLIC_TEST_NAME> is the symbolic name used by SpamAssassin for | ||
1731 | 196 | that test; for example, 'FROM_ENDS_IN_NUMS'. | ||
1732 | 197 | |||
1733 | 198 | If only one valid score is listed, then that score is always used | ||
1734 | 199 | for a test. | ||
1735 | 200 | |||
1736 | 201 | If four valid scores are listed, then the score that is used depends | ||
1737 | 202 | on how SpamAssassin is being used. The first score is used when | ||
1738 | 203 | both Bayes and network tests are disabled (score set 0). The second | ||
1739 | 204 | score is used when Bayes is disabled, but network tests are enabled | ||
1740 | 205 | (score set 1). The third score is used when Bayes is enabled and | ||
1741 | 206 | network tests are disabled (score set 2). The fourth score is used | ||
1742 | 207 | when Bayes is enabled and network tests are enabled (score set 3). | ||
1743 | 208 | |||
1744 | 209 | Setting a rule's score to 0 will disable that rule from running. | ||
1745 | 210 | |||
1746 | 211 | If any of the score values are surrounded by parenthesis '()', then | ||
1747 | 212 | all of the scores in the line are considered to be relative to the | ||
1748 | 213 | already set score. ie: '(3)' means increase the score for this | ||
1749 | 214 | rule by 3 points in all score sets. '(3) (0) (3) (0)' means increase | ||
1750 | 215 | the score for this rule by 3 in score sets 0 and 2 only. | ||
1751 | 216 | |||
1752 | 217 | If no score is given for a test by the end of the configuration, | ||
1753 | 218 | a default score is assigned: a score of 1.0 is used for all tests, | ||
1754 | 219 | except those whose names begin with 'T_' (this is used to indicate a | ||
1755 | 220 | rule in testing) which receive 0.01. | ||
1756 | 221 | |||
1757 | 222 | Note that test names which begin with '__' are indirect rules used | ||
1758 | 223 | to compose meta-match rules and can also act as prerequisites to | ||
1759 | 224 | other rules. They are not scored or listed in the 'tests hit' | ||
1760 | 225 | reports, but assigning a score of 0 to an indirect rule will disable | ||
1761 | 226 | it from running. | ||
1762 | 227 | |||
1763 | 228 | =cut | ||
1764 | 229 | |||
1765 | 230 | push (@cmds, { | ||
1766 | 231 | setting => 'score', | ||
1767 | 232 | is_frequent => 1, | ||
1768 | 233 | code => sub { | ||
1769 | 234 | my ($self, $key, $value, $line) = @_; | ||
1770 | 235 | my($rule, @scores) = split(/\s+/, $value); | ||
1771 | 236 | unless (defined $value && $value !~ /^$/ && | ||
1772 | 237 | (scalar @scores == 1 || scalar @scores == 4)) { | ||
1773 | 238 | info("config: score: requires a symbolic rule name and 1 or 4 scores"); | ||
1774 | 239 | return $MISSING_REQUIRED_VALUE; | ||
1775 | 240 | } | ||
1776 | 241 | |||
1777 | 242 | # Figure out if we're doing relative scores, remove the parens if we are | ||
1778 | 243 | my $relative = 0; | ||
1779 | 244 | foreach (@scores) { | ||
1780 | 245 | local ($1); | ||
1781 | 246 | if (s/^\((-?\d+(?:\.\d+)?)\)$/$1/) { | ||
1782 | 247 | $relative = 1; | ||
1783 | 248 | } | ||
1784 | 249 | unless (/^-?\d+(?:\.\d+)?$/) { | ||
1785 | 250 | info("config: score: the non-numeric score ($_) is not valid, " . | ||
1786 | 251 | "a numeric score is required"); | ||
1787 | 252 | return $INVALID_VALUE; | ||
1788 | 253 | } | ||
1789 | 254 | } | ||
1790 | 255 | |||
1791 | 256 | if ($relative && !exists $self->{scoreset}->[0]->{$rule}) { | ||
1792 | 257 | info("config: score: relative score without previous setting in " . | ||
1793 | 258 | "configuration"); | ||
1794 | 259 | return $INVALID_VALUE; | ||
1795 | 260 | } | ||
1796 | 261 | |||
1797 | 262 | # If we're only passed 1 score, copy it to the other scoresets | ||
1798 | 263 | if (@scores) { | ||
1799 | 264 | if (@scores != 4) { | ||
1800 | 265 | @scores = ( $scores[0], $scores[0], $scores[0], $scores[0] ); | ||
1801 | 266 | } | ||
1802 | 267 | |||
1803 | 268 | # Set the actual scoreset values appropriately | ||
1804 | 269 | for my $index (0..3) { | ||
1805 | 270 | my $score = $relative ? | ||
1806 | 271 | $self->{scoreset}->[$index]->{$rule} + $scores[$index] : | ||
1807 | 272 | $scores[$index]; | ||
1808 | 273 | |||
1809 | 274 | $self->{scoreset}->[$index]->{$rule} = $score + 0.0; | ||
1810 | 275 | } | ||
1811 | 276 | } | ||
1812 | 277 | } | ||
1813 | 278 | }); | ||
1814 | 279 | |||
1815 | 280 | =back | ||
1816 | 281 | |||
1817 | 282 | =head2 WHITELIST AND BLACKLIST OPTIONS | ||
1818 | 283 | |||
1819 | 284 | =over 4 | ||
1820 | 285 | |||
1821 | 286 | =item whitelist_from user@example.com | ||
1822 | 287 | |||
1823 | 288 | Used to whitelist sender addresses which send mail that is often tagged | ||
1824 | 289 | (incorrectly) as spam. | ||
1825 | 290 | |||
1826 | 291 | Use of this setting is not recommended, since it blindly trusts the message, | ||
1827 | 292 | which is routinely and easily forged by spammers and phish senders. The | ||
1828 | 293 | recommended solution is to instead use C<whitelist_auth> or other authenticated | ||
1829 | 294 | whitelisting methods, or C<whitelist_from_rcvd>. | ||
1830 | 295 | |||
1831 | 296 | Whitelist and blacklist addresses are now file-glob-style patterns, so | ||
1832 | 297 | C<friend@somewhere.com>, C<*@isp.com>, or C<*.domain.net> will all work. | ||
1833 | 298 | Specifically, C<*> and C<?> are allowed, but all other metacharacters are not. | ||
1834 | 299 | Regular expressions are not used for security reasons. | ||
1835 | 300 | |||
1836 | 301 | Multiple addresses per line, separated by spaces, is OK. Multiple | ||
1837 | 302 | C<whitelist_from> lines is also OK. | ||
1838 | 303 | |||
1839 | 304 | The headers checked for whitelist addresses are as follows: if C<Resent-From> | ||
1840 | 305 | is set, use that; otherwise check all addresses taken from the following | ||
1841 | 306 | set of headers: | ||
1842 | 307 | |||
1843 | 308 | Envelope-Sender | ||
1844 | 309 | Resent-Sender | ||
1845 | 310 | X-Envelope-From | ||
1846 | 311 | From | ||
1847 | 312 | |||
1848 | 313 | In addition, the "envelope sender" data, taken from the SMTP envelope data | ||
1849 | 314 | where this is available, is looked up. See C<envelope_sender_header>. | ||
1850 | 315 | |||
1851 | 316 | e.g. | ||
1852 | 317 | |||
1853 | 318 | whitelist_from joe@example.com fred@example.com | ||
1854 | 319 | whitelist_from *@example.com | ||
1855 | 320 | |||
1856 | 321 | =cut | ||
1857 | 322 | |||
1858 | 323 | push (@cmds, { | ||
1859 | 324 | setting => 'whitelist_from', | ||
1860 | 325 | type => $CONF_TYPE_ADDRLIST, | ||
1861 | 326 | }); | ||
1862 | 327 | |||
1863 | 328 | =item unwhitelist_from user@example.com | ||
1864 | 329 | |||
1865 | 330 | Used to override a default whitelist_from entry, so for example a distribution | ||
1866 | 331 | whitelist_from can be overridden in a local.cf file, or an individual user can | ||
1867 | 332 | override a whitelist_from entry in their own C<user_prefs> file. | ||
1868 | 333 | The specified email address has to match exactly the address previously | ||
1869 | 334 | used in a whitelist_from line. | ||
1870 | 335 | |||
1871 | 336 | e.g. | ||
1872 | 337 | |||
1873 | 338 | unwhitelist_from joe@example.com fred@example.com | ||
1874 | 339 | unwhitelist_from *@example.com | ||
1875 | 340 | |||
1876 | 341 | =cut | ||
1877 | 342 | |||
1878 | 343 | push (@cmds, { | ||
1879 | 344 | command => 'unwhitelist_from', | ||
1880 | 345 | setting => 'whitelist_from', | ||
1881 | 346 | type => $CONF_TYPE_ADDRLIST, | ||
1882 | 347 | code => \&Mail::SpamAssassin::Conf::Parser::remove_addrlist_value | ||
1883 | 348 | }); | ||
1884 | 349 | |||
1885 | 350 | =item whitelist_from_rcvd addr@lists.sourceforge.net sourceforge.net | ||
1886 | 351 | |||
1887 | 352 | Works similarly to whitelist_from, except that in addition to matching | ||
1888 | 353 | a sender address, a relay's rDNS name must match too for the whitelisting | ||
1889 | 354 | rule to fire. The first parameter is an address to whitelist, and the | ||
1890 | 355 | second is a string to match the relay's rDNS. | ||
1891 | 356 | |||
1892 | 357 | This string is matched against the reverse DNS lookup used during the handover | ||
1893 | 358 | from the internet to your internal network's mail exchangers. It can | ||
1894 | 359 | either be the full hostname, or the domain component of that hostname. In | ||
1895 | 360 | other words, if the host that connected to your MX had an IP address that | ||
1896 | 361 | mapped to 'sendinghost.spamassassin.org', you should specify | ||
1897 | 362 | C<sendinghost.spamassassin.org> or just C<spamassassin.org> here. | ||
1898 | 363 | |||
1899 | 364 | Note that this requires that C<internal_networks> be correct. For simple cases, | ||
1900 | 365 | it will be, but for a complex network you may get better results by setting that | ||
1901 | 366 | parameter. | ||
1902 | 367 | |||
1903 | 368 | It also requires that your mail exchangers be configured to perform DNS | ||
1904 | 369 | reverse lookups on the connecting host's IP address, and to record the | ||
1905 | 370 | result in the generated Received: header. | ||
1906 | 371 | |||
1907 | 372 | e.g. | ||
1908 | 373 | |||
1909 | 374 | whitelist_from_rcvd joe@example.com example.com | ||
1910 | 375 | whitelist_from_rcvd *@axkit.org sergeant.org | ||
1911 | 376 | |||
1912 | 377 | =item def_whitelist_from_rcvd addr@lists.sourceforge.net sourceforge.net | ||
1913 | 378 | |||
1914 | 379 | Same as C<whitelist_from_rcvd>, but used for the default whitelist entries | ||
1915 | 380 | in the SpamAssassin distribution. The whitelist score is lower, because | ||
1916 | 381 | these are often targets for spammer spoofing. | ||
1917 | 382 | |||
1918 | 383 | =cut | ||
1919 | 384 | |||
1920 | 385 | push (@cmds, { | ||
1921 | 386 | setting => 'whitelist_from_rcvd', | ||
1922 | 387 | type => $CONF_TYPE_ADDRLIST, | ||
1923 | 388 | code => sub { | ||
1924 | 389 | my ($self, $key, $value, $line) = @_; | ||
1925 | 390 | unless (defined $value && $value !~ /^$/) { | ||
1926 | 391 | return $MISSING_REQUIRED_VALUE; | ||
1927 | 392 | } | ||
1928 | 393 | unless ($value =~ /^\S+\s+\S+$/) { | ||
1929 | 394 | return $INVALID_VALUE; | ||
1930 | 395 | } | ||
1931 | 396 | $self->{parser}->add_to_addrlist_rcvd ('whitelist_from_rcvd', | ||
1932 | 397 | split(/\s+/, $value)); | ||
1933 | 398 | } | ||
1934 | 399 | }); | ||
1935 | 400 | |||
1936 | 401 | push (@cmds, { | ||
1937 | 402 | setting => 'def_whitelist_from_rcvd', | ||
1938 | 403 | type => $CONF_TYPE_ADDRLIST, | ||
1939 | 404 | code => sub { | ||
1940 | 405 | my ($self, $key, $value, $line) = @_; | ||
1941 | 406 | unless (defined $value && $value !~ /^$/) { | ||
1942 | 407 | return $MISSING_REQUIRED_VALUE; | ||
1943 | 408 | } | ||
1944 | 409 | unless ($value =~ /^\S+\s+\S+$/) { | ||
1945 | 410 | return $INVALID_VALUE; | ||
1946 | 411 | } | ||
1947 | 412 | $self->{parser}->add_to_addrlist_rcvd ('def_whitelist_from_rcvd', | ||
1948 | 413 | split(/\s+/, $value)); | ||
1949 | 414 | } | ||
1950 | 415 | }); | ||
1951 | 416 | |||
1952 | 417 | =item whitelist_allows_relays user@example.com | ||
1953 | 418 | |||
1954 | 419 | Specify addresses which are in C<whitelist_from_rcvd> that sometimes | ||
1955 | 420 | send through a mail relay other than the listed ones. By default mail | ||
1956 | 421 | with a From address that is in C<whitelist_from_rcvd> that does not match | ||
1957 | 422 | the relay will trigger a forgery rule. Including the address in | ||
1958 | 423 | C<whitelist_allows_relay> prevents that. | ||
1959 | 424 | |||
1960 | 425 | Whitelist and blacklist addresses are now file-glob-style patterns, so | ||
1961 | 426 | C<friend@somewhere.com>, C<*@isp.com>, or C<*.domain.net> will all work. | ||
1962 | 427 | Specifically, C<*> and C<?> are allowed, but all other metacharacters are not. | ||
1963 | 428 | Regular expressions are not used for security reasons. | ||
1964 | 429 | |||
1965 | 430 | Multiple addresses per line, separated by spaces, is OK. Multiple | ||
1966 | 431 | C<whitelist_allows_relays> lines is also OK. | ||
1967 | 432 | |||
1968 | 433 | The specified email address does not have to match exactly the address | ||
1969 | 434 | previously used in a whitelist_from_rcvd line as it is compared to the | ||
1970 | 435 | address in the header. | ||
1971 | 436 | |||
1972 | 437 | e.g. | ||
1973 | 438 | |||
1974 | 439 | whitelist_allows_relays joe@example.com fred@example.com | ||
1975 | 440 | whitelist_allows_relays *@example.com | ||
1976 | 441 | |||
1977 | 442 | =cut | ||
1978 | 443 | |||
1979 | 444 | push (@cmds, { | ||
1980 | 445 | setting => 'whitelist_allows_relays', | ||
1981 | 446 | type => $CONF_TYPE_ADDRLIST, | ||
1982 | 447 | }); | ||
1983 | 448 | |||
1984 | 449 | =item unwhitelist_from_rcvd user@example.com | ||
1985 | 450 | |||
1986 | 451 | Used to override a default whitelist_from_rcvd entry, so for example a | ||
1987 | 452 | distribution whitelist_from_rcvd can be overridden in a local.cf file, | ||
1988 | 453 | or an individual user can override a whitelist_from_rcvd entry in | ||
1989 | 454 | their own C<user_prefs> file. | ||
1990 | 455 | |||
1991 | 456 | The specified email address has to match exactly the address previously | ||
1992 | 457 | used in a whitelist_from_rcvd line. | ||
1993 | 458 | |||
1994 | 459 | e.g. | ||
1995 | 460 | |||
1996 | 461 | unwhitelist_from_rcvd joe@example.com fred@example.com | ||
1997 | 462 | unwhitelist_from_rcvd *@axkit.org | ||
1998 | 463 | |||
1999 | 464 | =cut | ||
2000 | 465 | |||
2001 | 466 | push (@cmds, { | ||
2002 | 467 | setting => 'unwhitelist_from_rcvd', | ||
2003 | 468 | type => $CONF_TYPE_ADDRLIST, | ||
2004 | 469 | code => sub { | ||
2005 | 470 | my ($self, $key, $value, $line) = @_; | ||
2006 | 471 | unless (defined $value && $value !~ /^$/) { | ||
2007 | 472 | return $MISSING_REQUIRED_VALUE; | ||
2008 | 473 | } | ||
2009 | 474 | unless ($value =~ /^(?:\S+(?:\s+\S+)*)$/) { | ||
2010 | 475 | return $INVALID_VALUE; | ||
2011 | 476 | } | ||
2012 | 477 | $self->{parser}->remove_from_addrlist_rcvd('whitelist_from_rcvd', | ||
2013 | 478 | split (/\s+/, $value)); | ||
2014 | 479 | $self->{parser}->remove_from_addrlist_rcvd('def_whitelist_from_rcvd', | ||
2015 | 480 | split (/\s+/, $value)); | ||
2016 | 481 | } | ||
2017 | 482 | }); | ||
2018 | 483 | |||
2019 | 484 | =item blacklist_from user@example.com | ||
2020 | 485 | |||
2021 | 486 | Used to specify addresses which send mail that is often tagged (incorrectly) as | ||
2022 | 487 | non-spam, but which the user doesn't want. Same format as C<whitelist_from>. | ||
2023 | 488 | |||
2024 | 489 | =cut | ||
2025 | 490 | |||
2026 | 491 | push (@cmds, { | ||
2027 | 492 | setting => 'blacklist_from', | ||
2028 | 493 | type => $CONF_TYPE_ADDRLIST, | ||
2029 | 494 | }); | ||
2030 | 495 | |||
2031 | 496 | =item unblacklist_from user@example.com | ||
2032 | 497 | |||
2033 | 498 | Used to override a default blacklist_from entry, so for example a | ||
2034 | 499 | distribution blacklist_from can be overridden in a local.cf file, or | ||
2035 | 500 | an individual user can override a blacklist_from entry in their own | ||
2036 | 501 | C<user_prefs> file. The specified email address has to match exactly | ||
2037 | 502 | the address previously used in a blacklist_from line. | ||
2038 | 503 | |||
2039 | 504 | |||
2040 | 505 | e.g. | ||
2041 | 506 | |||
2042 | 507 | unblacklist_from joe@example.com fred@example.com | ||
2043 | 508 | unblacklist_from *@spammer.com | ||
2044 | 509 | |||
2045 | 510 | =cut | ||
2046 | 511 | |||
2047 | 512 | |||
2048 | 513 | push (@cmds, { | ||
2049 | 514 | command => 'unblacklist_from', | ||
2050 | 515 | setting => 'blacklist_from', | ||
2051 | 516 | type => $CONF_TYPE_ADDRLIST, | ||
2052 | 517 | code => \&Mail::SpamAssassin::Conf::Parser::remove_addrlist_value | ||
2053 | 518 | }); | ||
2054 | 519 | |||
2055 | 520 | |||
2056 | 521 | =item whitelist_to user@example.com | ||
2057 | 522 | |||
2058 | 523 | If the given address appears as a recipient in the message headers | ||
2059 | 524 | (Resent-To, To, Cc, obvious envelope recipient, etc.) the mail will | ||
2060 | 525 | be whitelisted. Useful if you're deploying SpamAssassin system-wide, | ||
2061 | 526 | and don't want some users to have their mail filtered. Same format | ||
2062 | 527 | as C<whitelist_from>. | ||
2063 | 528 | |||
2064 | 529 | There are three levels of To-whitelisting, C<whitelist_to>, C<more_spam_to> | ||
2065 | 530 | and C<all_spam_to>. Users in the first level may still get some spammish | ||
2066 | 531 | mails blocked, but users in C<all_spam_to> should never get mail blocked. | ||
2067 | 532 | |||
2068 | 533 | The headers checked for whitelist addresses are as follows: if C<Resent-To> or | ||
2069 | 534 | C<Resent-Cc> are set, use those; otherwise check all addresses taken from the | ||
2070 | 535 | following set of headers: | ||
2071 | 536 | |||
2072 | 537 | To | ||
2073 | 538 | Cc | ||
2074 | 539 | Apparently-To | ||
2075 | 540 | Delivered-To | ||
2076 | 541 | Envelope-Recipients | ||
2077 | 542 | Apparently-Resent-To | ||
2078 | 543 | X-Envelope-To | ||
2079 | 544 | Envelope-To | ||
2080 | 545 | X-Delivered-To | ||
2081 | 546 | X-Original-To | ||
2082 | 547 | X-Rcpt-To | ||
2083 | 548 | X-Real-To | ||
2084 | 549 | |||
2085 | 550 | =item more_spam_to user@example.com | ||
2086 | 551 | |||
2087 | 552 | See above. | ||
2088 | 553 | |||
2089 | 554 | =item all_spam_to user@example.com | ||
2090 | 555 | |||
2091 | 556 | See above. | ||
2092 | 557 | |||
2093 | 558 | =cut | ||
2094 | 559 | |||
2095 | 560 | push (@cmds, { | ||
2096 | 561 | setting => 'whitelist_to', | ||
2097 | 562 | type => $CONF_TYPE_ADDRLIST, | ||
2098 | 563 | }); | ||
2099 | 564 | push (@cmds, { | ||
2100 | 565 | setting => 'more_spam_to', | ||
2101 | 566 | type => $CONF_TYPE_ADDRLIST, | ||
2102 | 567 | }); | ||
2103 | 568 | push (@cmds, { | ||
2104 | 569 | setting => 'all_spam_to', | ||
2105 | 570 | type => $CONF_TYPE_ADDRLIST, | ||
2106 | 571 | }); | ||
2107 | 572 | |||
2108 | 573 | =item blacklist_to user@example.com | ||
2109 | 574 | |||
2110 | 575 | If the given address appears as a recipient in the message headers | ||
2111 | 576 | (Resent-To, To, Cc, obvious envelope recipient, etc.) the mail will | ||
2112 | 577 | be blacklisted. Same format as C<blacklist_from>. | ||
2113 | 578 | |||
2114 | 579 | =cut | ||
2115 | 580 | |||
2116 | 581 | push (@cmds, { | ||
2117 | 582 | setting => 'blacklist_to', | ||
2118 | 583 | type => $CONF_TYPE_ADDRLIST, | ||
2119 | 584 | }); | ||
2120 | 585 | |||
2121 | 586 | =item whitelist_auth user@example.com | ||
2122 | 587 | |||
2123 | 588 | Used to specify addresses which send mail that is often tagged (incorrectly) as | ||
2124 | 589 | spam. This is different from C<whitelist_from> and C<whitelist_from_rcvd> in | ||
2125 | 590 | that it first verifies that the message was sent by an authorized sender for | ||
2126 | 591 | the address, before whitelisting. | ||
2127 | 592 | |||
2128 | 593 | Authorization is performed using one of the installed sender-authorization | ||
2129 | 594 | schemes: SPF (using C<Mail::SpamAssassin::Plugin::SPF>), or DKIM (using | ||
2130 | 595 | C<Mail::SpamAssassin::Plugin::DKIM>). Note that those plugins must be active, | ||
2131 | 596 | and working, for this to operate. | ||
2132 | 597 | |||
2133 | 598 | Using C<whitelist_auth> is roughly equivalent to specifying duplicate | ||
2134 | 599 | C<whitelist_from_spf>, C<whitelist_from_dk>, and C<whitelist_from_dkim> lines | ||
2135 | 600 | for each of the addresses specified. | ||
2136 | 601 | |||
2137 | 602 | e.g. | ||
2138 | 603 | |||
2139 | 604 | whitelist_auth joe@example.com fred@example.com | ||
2140 | 605 | whitelist_auth *@example.com | ||
2141 | 606 | |||
2142 | 607 | =item def_whitelist_auth user@example.com | ||
2143 | 608 | |||
2144 | 609 | Same as C<whitelist_auth>, but used for the default whitelist entries | ||
2145 | 610 | in the SpamAssassin distribution. The whitelist score is lower, because | ||
2146 | 611 | these are often targets for spammer spoofing. | ||
2147 | 612 | |||
2148 | 613 | =cut | ||
2149 | 614 | |||
2150 | 615 | push (@cmds, { | ||
2151 | 616 | setting => 'whitelist_auth', | ||
2152 | 617 | type => $CONF_TYPE_ADDRLIST, | ||
2153 | 618 | }); | ||
2154 | 619 | |||
2155 | 620 | push (@cmds, { | ||
2156 | 621 | setting => 'def_whitelist_auth', | ||
2157 | 622 | type => $CONF_TYPE_ADDRLIST, | ||
2158 | 623 | }); | ||
2159 | 624 | |||
2160 | 625 | =item unwhitelist_auth user@example.com | ||
2161 | 626 | |||
2162 | 627 | Used to override a C<whitelist_auth> entry. The specified email address has to | ||
2163 | 628 | match exactly the address previously used in a C<whitelist_auth> line. | ||
2164 | 629 | |||
2165 | 630 | e.g. | ||
2166 | 631 | |||
2167 | 632 | unwhitelist_auth joe@example.com fred@example.com | ||
2168 | 633 | unwhitelist_auth *@example.com | ||
2169 | 634 | |||
2170 | 635 | =cut | ||
2171 | 636 | |||
2172 | 637 | push (@cmds, { | ||
2173 | 638 | command => 'unwhitelist_auth', | ||
2174 | 639 | setting => 'whitelist_auth', | ||
2175 | 640 | type => $CONF_TYPE_ADDRLIST, | ||
2176 | 641 | code => \&Mail::SpamAssassin::Conf::Parser::remove_addrlist_value | ||
2177 | 642 | }); | ||
2178 | 643 | |||
2179 | 644 | =back | ||
2180 | 645 | |||
2181 | 646 | =head2 BASIC MESSAGE TAGGING OPTIONS | ||
2182 | 647 | |||
2183 | 648 | =over 4 | ||
2184 | 649 | |||
2185 | 650 | =item rewrite_header { subject | from | to } STRING | ||
2186 | 651 | |||
2187 | 652 | By default, suspected spam messages will not have the C<Subject>, | ||
2188 | 653 | C<From> or C<To> lines tagged to indicate spam. By setting this option, | ||
2189 | 654 | the header will be tagged with C<STRING> to indicate that a message is | ||
2190 | 655 | spam. For the From or To headers, this will take the form of an RFC 2822 | ||
2191 | 656 | comment following the address in parantheses. For the Subject header, | ||
2192 | 657 | this will be prepended to the original subject. Note that you should | ||
2193 | 658 | only use the _REQD_ and _SCORE_ tags when rewriting the Subject header | ||
2194 | 659 | if C<report_safe> is 0. Otherwise, you may not be able to remove | ||
2195 | 660 | the SpamAssassin markup via the normal methods. More information | ||
2196 | 661 | about tags is explained below in the B<TEMPLATE TAGS> section. | ||
2197 | 662 | |||
2198 | 663 | Parentheses are not permitted in STRING if rewriting the From or To headers. | ||
2199 | 664 | (They will be converted to square brackets.) | ||
2200 | 665 | |||
2201 | 666 | If C<rewrite_header subject> is used, but the message being rewritten | ||
2202 | 667 | does not already contain a C<Subject> header, one will be created. | ||
2203 | 668 | |||
2204 | 669 | A null value for C<STRING> will remove any existing rewrite for the specified | ||
2205 | 670 | header. | ||
2206 | 671 | |||
2207 | 672 | =cut | ||
2208 | 673 | |||
2209 | 674 | push (@cmds, { | ||
2210 | 675 | setting => 'rewrite_header', | ||
2211 | 676 | type => $CONF_TYPE_HASH_KEY_VALUE, | ||
2212 | 677 | code => sub { | ||
2213 | 678 | my ($self, $key, $value, $line) = @_; | ||
2214 | 679 | my($hdr, $string) = split(/\s+/, $value, 2); | ||
2215 | 680 | $hdr = ucfirst(lc($hdr)); | ||
2216 | 681 | |||
2217 | 682 | if ($hdr =~ /^$/) { | ||
2218 | 683 | return $MISSING_REQUIRED_VALUE; | ||
2219 | 684 | } | ||
2220 | 685 | # We only deal with From, Subject, and To ... | ||
2221 | 686 | elsif ($hdr =~ /^(?:From|Subject|To)$/) { | ||
2222 | 687 | unless (defined $string && $string =~ /\S/) { | ||
2223 | 688 | delete $self->{rewrite_header}->{$hdr}; | ||
2224 | 689 | return; | ||
2225 | 690 | } | ||
2226 | 691 | |||
2227 | 692 | if ($hdr ne 'Subject') { | ||
2228 | 693 | $string =~ tr/()/[]/; | ||
2229 | 694 | } | ||
2230 | 695 | $self->{rewrite_header}->{$hdr} = $string; | ||
2231 | 696 | return; | ||
2232 | 697 | } | ||
2233 | 698 | else { | ||
2234 | 699 | # if we get here, note the issue, then we'll fail through for an error. | ||
2235 | 700 | info("config: rewrite_header: ignoring $hdr, not From, Subject, or To"); | ||
2236 | 701 | return $INVALID_VALUE; | ||
2237 | 702 | } | ||
2238 | 703 | } | ||
2239 | 704 | }); | ||
2240 | 705 | |||
2241 | 706 | =item add_header { spam | ham | all } header_name string | ||
2242 | 707 | |||
2243 | 708 | Customized headers can be added to the specified type of messages (spam, | ||
2244 | 709 | ham, or "all" to add to either). All headers begin with C<X-Spam-> | ||
2245 | 710 | (so a C<header_name> Foo will generate a header called X-Spam-Foo). | ||
2246 | 711 | header_name is restricted to the character set [A-Za-z0-9_-]. | ||
2247 | 712 | |||
2248 | 713 | The order of C<add_header> configuration options is preserved, inserted | ||
2249 | 714 | headers will follow this order of declarations. When combining C<add_header> | ||
2250 | 715 | with C<clear_headers> and C<remove_header>, keep in mind that C<add_header> | ||
2251 | 716 | appends a new header to the current list, after first removing any existing | ||
2252 | 717 | header fields of the same name. Note also that C<add_header>, C<clear_headers> | ||
2253 | 718 | and C<remove_header> may appear in multiple .cf files, which are interpreted | ||
2254 | 719 | in alphabetic order. | ||
2255 | 720 | |||
2256 | 721 | C<string> can contain tags as explained below in the B<TEMPLATE TAGS> section. | ||
2257 | 722 | You can also use C<\n> and C<\t> in the header to add newlines and tabulators | ||
2258 | 723 | as desired. A backslash has to be written as \\, any other escaped chars will | ||
2259 | 724 | be silently removed. | ||
2260 | 725 | |||
2261 | 726 | All headers will be folded if fold_headers is set to C<1>. Note: Manually | ||
2262 | 727 | adding newlines via C<\n> disables any further automatic wrapping (ie: | ||
2263 | 728 | long header lines are possible). The lines will still be properly folded | ||
2264 | 729 | (marked as continuing) though. | ||
2265 | 730 | |||
2266 | 731 | You can customize existing headers with B<add_header> (only the specified | ||
2267 | 732 | subset of messages will be changed). | ||
2268 | 733 | |||
2269 | 734 | See also C<clear_headers> and C<remove_header> for removing headers. | ||
2270 | 735 | |||
2271 | 736 | Here are some examples (these are the defaults, note that Checker-Version can | ||
2272 | 737 | not be changed or removed): | ||
2273 | 738 | |||
2274 | 739 | add_header spam Flag _YESNOCAPS_ | ||
2275 | 740 | add_header all Status _YESNO_, score=_SCORE_ required=_REQD_ tests=_TESTS_ autolearn=_AUTOLEARN_ version=_VERSION_ | ||
2276 | 741 | add_header all Level _STARS(*)_ | ||
2277 | 742 | add_header all Checker-Version SpamAssassin _VERSION_ (_SUBVERSION_) on _HOSTNAME_ | ||
2278 | 743 | |||
2279 | 744 | =cut | ||
2280 | 745 | |||
2281 | 746 | push (@cmds, { | ||
2282 | 747 | setting => 'add_header', | ||
2283 | 748 | code => sub { | ||
2284 | 749 | my ($self, $key, $value, $line) = @_; | ||
2285 | 750 | local ($1,$2,$3); | ||
2286 | 751 | if ($value !~ /^(ham|spam|all)\s+([A-Za-z0-9_-]+)\s+(.*?)\s*$/) { | ||
2287 | 752 | return $INVALID_VALUE; | ||
2288 | 753 | } | ||
2289 | 754 | |||
2290 | 755 | my ($type, $name, $hline) = ($1, $2, $3); | ||
2291 | 756 | if ($hline =~ /^"(.*)"$/) { | ||
2292 | 757 | $hline = $1; | ||
2293 | 758 | } | ||
2294 | 759 | my @line = split( | ||
2295 | 760 | /\\\\/, # split at double backslashes, | ||
2296 | 761 | $hline."\n" # newline needed to make trailing backslashes work | ||
2297 | 762 | ); | ||
2298 | 763 | foreach (@line) { | ||
2299 | 764 | s/\\t/\t/g; # expand tabs | ||
2300 | 765 | s/\\n/\n/g; # expand newlines | ||
2301 | 766 | s/\\.//g; # purge all other escapes | ||
2302 | 767 | }; | ||
2303 | 768 | $hline = join("\\", @line); | ||
2304 | 769 | chop($hline); # remove dummy newline again | ||
2305 | 770 | if (($type eq "ham") || ($type eq "all")) { | ||
2306 | 771 | $self->{headers_ham} = | ||
2307 | 772 | [ grep { lc($_->[0]) ne lc($name) } @{$self->{headers_ham}} ]; | ||
2308 | 773 | push(@{$self->{headers_ham}}, [$name, $hline]); | ||
2309 | 774 | } | ||
2310 | 775 | if (($type eq "spam") || ($type eq "all")) { | ||
2311 | 776 | $self->{headers_spam} = | ||
2312 | 777 | [ grep { lc($_->[0]) ne lc($name) } @{$self->{headers_spam}} ]; | ||
2313 | 778 | push(@{$self->{headers_spam}}, [$name, $hline]); | ||
2314 | 779 | } | ||
2315 | 780 | } | ||
2316 | 781 | }); | ||
2317 | 782 | |||
2318 | 783 | =item remove_header { spam | ham | all } header_name | ||
2319 | 784 | |||
2320 | 785 | Headers can be removed from the specified type of messages (spam, ham, | ||
2321 | 786 | or "all" to remove from either). All headers begin with C<X-Spam-> | ||
2322 | 787 | (so C<header_name> will be appended to C<X-Spam->). | ||
2323 | 788 | |||
2324 | 789 | See also C<clear_headers> for removing all the headers at once. | ||
2325 | 790 | |||
2326 | 791 | Note that B<X-Spam-Checker-Version> is not removable because the version | ||
2327 | 792 | information is needed by mail administrators and developers to debug | ||
2328 | 793 | problems. Without at least one header, it might not even be possible to | ||
2329 | 794 | determine that SpamAssassin is running. | ||
2330 | 795 | |||
2331 | 796 | =cut | ||
2332 | 797 | |||
2333 | 798 | push (@cmds, { | ||
2334 | 799 | setting => 'remove_header', | ||
2335 | 800 | code => sub { | ||
2336 | 801 | my ($self, $key, $value, $line) = @_; | ||
2337 | 802 | local ($1,$2); | ||
2338 | 803 | if ($value !~ /^(ham|spam|all)\s+([A-Za-z0-9_-]+)\s*$/) { | ||
2339 | 804 | return $INVALID_VALUE; | ||
2340 | 805 | } | ||
2341 | 806 | |||
2342 | 807 | my ($type, $name) = ($1, $2); | ||
2343 | 808 | return if ( $name eq "Checker-Version" ); | ||
2344 | 809 | |||
2345 | 810 | $name = lc($name); | ||
2346 | 811 | if (($type eq "ham") || ($type eq "all")) { | ||
2347 | 812 | $self->{headers_ham} = | ||
2348 | 813 | [ grep { lc($_->[0]) ne $name } @{$self->{headers_ham}} ]; | ||
2349 | 814 | } | ||
2350 | 815 | if (($type eq "spam") || ($type eq "all")) { | ||
2351 | 816 | $self->{headers_spam} = | ||
2352 | 817 | [ grep { lc($_->[0]) ne $name } @{$self->{headers_spam}} ]; | ||
2353 | 818 | } | ||
2354 | 819 | } | ||
2355 | 820 | }); | ||
2356 | 821 | |||
2357 | 822 | =item clear_headers | ||
2358 | 823 | |||
2359 | 824 | Clear the list of headers to be added to messages. You may use this | ||
2360 | 825 | before any B<add_header> options to prevent the default headers from being | ||
2361 | 826 | added to the message. | ||
2362 | 827 | |||
2363 | 828 | C<add_header>, C<clear_headers> and C<remove_header> may appear in multiple | ||
2364 | 829 | .cf files, which are interpreted in alphabetic order, so C<clear_headers> | ||
2365 | 830 | in a later file will remove all added headers from previously interpreted | ||
2366 | 831 | configuration files, which may or may not be desired. | ||
2367 | 832 | |||
2368 | 833 | Note that B<X-Spam-Checker-Version> is not removable because the version | ||
2369 | 834 | information is needed by mail administrators and developers to debug | ||
2370 | 835 | problems. Without at least one header, it might not even be possible to | ||
2371 | 836 | determine that SpamAssassin is running. | ||
2372 | 837 | |||
2373 | 838 | =cut | ||
2374 | 839 | |||
2375 | 840 | push (@cmds, { | ||
2376 | 841 | setting => 'clear_headers', | ||
2377 | 842 | type => $CONF_TYPE_NOARGS, | ||
2378 | 843 | code => sub { | ||
2379 | 844 | my ($self, $key, $value, $line) = @_; | ||
2380 | 845 | unless (!defined $value || $value eq '') { | ||
2381 | 846 | return $INVALID_VALUE; | ||
2382 | 847 | } | ||
2383 | 848 | my @h = grep { lc($_->[0]) eq "checker-version" } | ||
2384 | 849 | @{$self->{headers_ham}}; | ||
2385 | 850 | $self->{headers_ham} = !@h ? [] : [ $h[0] ]; | ||
2386 | 851 | $self->{headers_spam} = !@h ? [] : [ $h[0] ]; | ||
2387 | 852 | } | ||
2388 | 853 | }); | ||
2389 | 854 | |||
2390 | 855 | =item report_safe ( 0 | 1 | 2 ) (default: 1) | ||
2391 | 856 | |||
2392 | 857 | if this option is set to 1, if an incoming message is tagged as spam, | ||
2393 | 858 | instead of modifying the original message, SpamAssassin will create a | ||
2394 | 859 | new report message and attach the original message as a message/rfc822 | ||
2395 | 860 | MIME part (ensuring the original message is completely preserved, not | ||
2396 | 861 | easily opened, and easier to recover). | ||
2397 | 862 | |||
2398 | 863 | If this option is set to 2, then original messages will be attached with | ||
2399 | 864 | a content type of text/plain instead of message/rfc822. This setting | ||
2400 | 865 | may be required for safety reasons on certain broken mail clients that | ||
2401 | 866 | automatically load attachments without any action by the user. This | ||
2402 | 867 | setting may also make it somewhat more difficult to extract or view the | ||
2403 | 868 | original message. | ||
2404 | 869 | |||
2405 | 870 | If this option is set to 0, incoming spam is only modified by adding | ||
2406 | 871 | some C<X-Spam-> headers and no changes will be made to the body. In | ||
2407 | 872 | addition, a header named B<X-Spam-Report> will be added to spam. You | ||
2408 | 873 | can use the B<remove_header> option to remove that header after setting | ||
2409 | 874 | B<report_safe> to 0. | ||
2410 | 875 | |||
2411 | 876 | See B<report_safe_copy_headers> if you want to copy headers from | ||
2412 | 877 | the original mail into tagged messages. | ||
2413 | 878 | |||
2414 | 879 | =cut | ||
2415 | 880 | |||
2416 | 881 | push (@cmds, { | ||
2417 | 882 | setting => 'report_safe', | ||
2418 | 883 | default => 1, | ||
2419 | 884 | type => $CONF_TYPE_NUMERIC, | ||
2420 | 885 | code => sub { | ||
2421 | 886 | my ($self, $key, $value, $line) = @_; | ||
2422 | 887 | if ($value eq '') { | ||
2423 | 888 | return $MISSING_REQUIRED_VALUE; | ||
2424 | 889 | } | ||
2425 | 890 | elsif ($value !~ /^[012]$/) { | ||
2426 | 891 | return $INVALID_VALUE; | ||
2427 | 892 | } | ||
2428 | 893 | |||
2429 | 894 | $self->{report_safe} = $value+0; | ||
2430 | 895 | if (! $self->{report_safe} && | ||
2431 | 896 | ! (grep { lc($_->[0]) eq "report" } @{$self->{headers_spam}}) ) { | ||
2432 | 897 | push(@{$self->{headers_spam}}, ["Report", "_REPORT_"]); | ||
2433 | 898 | } | ||
2434 | 899 | } | ||
2435 | 900 | }); | ||
2436 | 901 | |||
2437 | 902 | =back | ||
2438 | 903 | |||
2439 | 904 | =head2 LANGUAGE OPTIONS | ||
2440 | 905 | |||
2441 | 906 | =over 4 | ||
2442 | 907 | |||
2443 | 908 | =item ok_locales xx [ yy zz ... ] (default: all) | ||
2444 | 909 | |||
2445 | 910 | This option is used to specify which locales are considered OK for | ||
2446 | 911 | incoming mail. Mail using the B<character sets> that are allowed by | ||
2447 | 912 | this option will not be marked as possibly being spam in a foreign | ||
2448 | 913 | language. | ||
2449 | 914 | |||
2450 | 915 | If you receive lots of spam in foreign languages, and never get any non-spam in | ||
2451 | 916 | these languages, this may help. Note that all ISO-8859-* character sets, and | ||
2452 | 917 | Windows code page character sets, are always permitted by default. | ||
2453 | 918 | |||
2454 | 919 | Set this to C<all> to allow all character sets. This is the default. | ||
2455 | 920 | |||
2456 | 921 | The rules C<CHARSET_FARAWAY>, C<CHARSET_FARAWAY_BODY>, and | ||
2457 | 922 | C<CHARSET_FARAWAY_HEADERS> are triggered based on how this is set. | ||
2458 | 923 | |||
2459 | 924 | Examples: | ||
2460 | 925 | |||
2461 | 926 | ok_locales all (allow all locales) | ||
2462 | 927 | ok_locales en (only allow English) | ||
2463 | 928 | ok_locales en ja zh (allow English, Japanese, and Chinese) | ||
2464 | 929 | |||
2465 | 930 | Note: if there are multiple ok_locales lines, only the last one is used. | ||
2466 | 931 | |||
2467 | 932 | Select the locales to allow from the list below: | ||
2468 | 933 | |||
2469 | 934 | =over 4 | ||
2470 | 935 | |||
2471 | 936 | =item en - Western character sets in general | ||
2472 | 937 | |||
2473 | 938 | =item ja - Japanese character sets | ||
2474 | 939 | |||
2475 | 940 | =item ko - Korean character sets | ||
2476 | 941 | |||
2477 | 942 | =item ru - Cyrillic character sets | ||
2478 | 943 | |||
2479 | 944 | =item th - Thai character sets | ||
2480 | 945 | |||
2481 | 946 | =item zh - Chinese (both simplified and traditional) character sets | ||
2482 | 947 | |||
2483 | 948 | =back | ||
2484 | 949 | |||
2485 | 950 | =cut | ||
2486 | 951 | |||
2487 | 952 | push (@cmds, { | ||
2488 | 953 | setting => 'ok_locales', | ||
2489 | 954 | default => 'all', | ||
2490 | 955 | type => $CONF_TYPE_STRING, | ||
2491 | 956 | }); | ||
2492 | 957 | |||
2493 | 958 | =item normalize_charset ( 0 | 1) (default: 0) | ||
2494 | 959 | |||
2495 | 960 | Whether to detect character sets and normalize message content to | ||
2496 | 961 | Unicode. Requires the Encode::Detect module, HTML::Parser version | ||
2497 | 962 | 3.46 or later, and Perl 5.8.5 or later. | ||
2498 | 963 | |||
2499 | 964 | =cut | ||
2500 | 965 | |||
2501 | 966 | push (@cmds, { | ||
2502 | 967 | setting => 'normalize_charset', | ||
2503 | 968 | default => 0, | ||
2504 | 969 | type => $CONF_TYPE_BOOL, | ||
2505 | 970 | code => sub { | ||
2506 | 971 | my ($self, $key, $value, $line) = @_; | ||
2507 | 972 | unless (defined $value && $value !~ /^$/) { | ||
2508 | 973 | return $MISSING_REQUIRED_VALUE; | ||
2509 | 974 | } | ||
2510 | 975 | return undef if $value == 0; | ||
2511 | 976 | return $INVALID_VALUE unless $value == 1; | ||
2512 | 977 | |||
2513 | 978 | unless ($] > 5.008004) { | ||
2514 | 979 | $self->{parser}->lint_warn("config: normalize_charset requires Perl 5.8.5 or later"); | ||
2515 | 980 | return $INVALID_VALUE; | ||
2516 | 981 | } | ||
2517 | 982 | require HTML::Parser; | ||
2518 | 983 | unless ($HTML::Parser::VERSION >= 3.46) { | ||
2519 | 984 | $self->{parser}->lint_warn("config: normalize_charset requires HTML::Parser 3.46 or later"); | ||
2520 | 985 | return $INVALID_VALUE; | ||
2521 | 986 | } | ||
2522 | 987 | unless (eval 'require Encode::Detect::Detector') { | ||
2523 | 988 | $self->{parser}->lint_warn("config: normalize_charset requires Encode::Detect"); | ||
2524 | 989 | return $INVALID_VALUE; | ||
2525 | 990 | } | ||
2526 | 991 | unless (eval 'require Encode') { | ||
2527 | 992 | $self->{parser}->lint_warn("config: normalize_charset requires Encode"); | ||
2528 | 993 | return $INVALID_VALUE; | ||
2529 | 994 | } | ||
2530 | 995 | |||
2531 | 996 | $self->{normalize_charset} = 1; | ||
2532 | 997 | } | ||
2533 | 998 | }); | ||
2534 | 999 | |||
2535 | 1000 | |||
2536 | 1001 | =back | ||
2537 | 1002 | |||
2538 | 1003 | =head2 NETWORK TEST OPTIONS | ||
2539 | 1004 | |||
2540 | 1005 | =over 4 | ||
2541 | 1006 | |||
2542 | 1007 | =item trusted_networks ip.add.re.ss[/mask] ... (default: none) | ||
2543 | 1008 | |||
2544 | 1009 | What networks or hosts are 'trusted' in your setup. B<Trusted> in this case | ||
2545 | 1010 | means that relay hosts on these networks are considered to not be potentially | ||
2546 | 1011 | operated by spammers, open relays, or open proxies. A trusted host could | ||
2547 | 1012 | conceivably relay spam, but will not originate it, and will not forge header | ||
2548 | 1013 | data. DNS blacklist checks will never query for hosts on these networks. | ||
2549 | 1014 | |||
2550 | 1015 | See C<http://wiki.apache.org/spamassassin/TrustPath> for more information. | ||
2551 | 1016 | |||
2552 | 1017 | MXes for your domain(s) and internal relays should B<also> be specified using | ||
2553 | 1018 | the C<internal_networks> setting. When there are 'trusted' hosts that | ||
2554 | 1019 | are not MXes or internal relays for your domain(s) they should B<only> be | ||
2555 | 1020 | specified in C<trusted_networks>. | ||
2556 | 1021 | |||
2557 | 1022 | If a C</mask> is specified, it's considered a CIDR-style 'netmask', specified | ||
2558 | 1023 | in bits. If it is not specified, but less than 4 octets are specified with a | ||
2559 | 1024 | trailing dot, that's considered a mask to allow all addresses in the remaining | ||
2560 | 1025 | octets. If a mask is not specified, and there is not trailing dot, then just | ||
2561 | 1026 | the single IP address specified is used, as if the mask was C</32>. | ||
2562 | 1027 | |||
2563 | 1028 | If a network or host address is prefaced by a C<!> the network or host will be | ||
2564 | 1029 | excluded (or included) in a first listed match fashion. | ||
2565 | 1030 | |||
2566 | 1031 | Note: 127/8 and ::1 are always included in trusted_networks, regardless of | ||
2567 | 1032 | your config. | ||
2568 | 1033 | |||
2569 | 1034 | Examples: | ||
2570 | 1035 | |||
2571 | 1036 | trusted_networks 192.168/16 # all in 192.168.*.* | ||
2572 | 1037 | trusted_networks 212.17.35.15 # just that host | ||
2573 | 1038 | trusted_networks !10.0.1.5 10.0.1/24 # all in 10.0.1.* but not 10.0.1.5 | ||
2574 | 1039 | trusted_networks DEAD:BEEF::/32 # all in that ipv6 prefix | ||
2575 | 1040 | |||
2576 | 1041 | This operates additively, so a C<trusted_networks> line after another one | ||
2577 | 1042 | will append new entries to the list of trusted networks. To clear out the | ||
2578 | 1043 | existing entries, use C<clear_trusted_networks>. | ||
2579 | 1044 | |||
2580 | 1045 | If C<trusted_networks> is not set and C<internal_networks> is, the value | ||
2581 | 1046 | of C<internal_networks> will be used for this parameter. | ||
2582 | 1047 | |||
2583 | 1048 | If neither C<trusted_networks> or C<internal_networks> is set, a basic | ||
2584 | 1049 | inference algorithm is applied. This works as follows: | ||
2585 | 1050 | |||
2586 | 1051 | =over 4 | ||
2587 | 1052 | |||
2588 | 1053 | =item * | ||
2589 | 1054 | |||
2590 | 1055 | If the 'from' host has an IP address in a private (RFC 1918) network range, | ||
2591 | 1056 | then it's trusted | ||
2592 | 1057 | |||
2593 | 1058 | =item * | ||
2594 | 1059 | |||
2595 | 1060 | If there are authentication tokens in the received header, and | ||
2596 | 1061 | the previous host was trusted, then this host is also trusted | ||
2597 | 1062 | |||
2598 | 1063 | =item * | ||
2599 | 1064 | |||
2600 | 1065 | Otherwise this host, and all further hosts, are consider untrusted. | ||
2601 | 1066 | |||
2602 | 1067 | =back | ||
2603 | 1068 | |||
2604 | 1069 | =cut | ||
2605 | 1070 | |||
2606 | 1071 | push (@cmds, { | ||
2607 | 1072 | setting => 'trusted_networks', | ||
2608 | 1073 | type => $CONF_TYPE_IPADDRLIST, | ||
2609 | 1074 | }); | ||
2610 | 1075 | |||
2611 | 1076 | =item clear_trusted_networks | ||
2612 | 1077 | |||
2613 | 1078 | Empty the list of trusted networks. | ||
2614 | 1079 | |||
2615 | 1080 | =cut | ||
2616 | 1081 | |||
2617 | 1082 | push (@cmds, { | ||
2618 | 1083 | setting => 'clear_trusted_networks', | ||
2619 | 1084 | type => $CONF_TYPE_NOARGS, | ||
2620 | 1085 | code => sub { | ||
2621 | 1086 | my ($self, $key, $value, $line) = @_; | ||
2622 | 1087 | unless (!defined $value || $value eq '') { | ||
2623 | 1088 | return $INVALID_VALUE; | ||
2624 | 1089 | } | ||
2625 | 1090 | $self->{trusted_networks} = $self->new_netset(); | ||
2626 | 1091 | $self->{trusted_networks_configured} = 0; | ||
2627 | 1092 | } | ||
2628 | 1093 | }); | ||
2629 | 1094 | |||
2630 | 1095 | =item internal_networks ip.add.re.ss[/mask] ... (default: none) | ||
2631 | 1096 | |||
2632 | 1097 | What networks or hosts are 'internal' in your setup. B<Internal> means | ||
2633 | 1098 | that relay hosts on these networks are considered to be MXes for your | ||
2634 | 1099 | domain(s), or internal relays. This uses the same format as | ||
2635 | 1100 | C<trusted_networks>, above. | ||
2636 | 1101 | |||
2637 | 1102 | This value is used when checking 'dial-up' or dynamic IP address | ||
2638 | 1103 | blocklists, in order to detect direct-to-MX spamming. | ||
2639 | 1104 | |||
2640 | 1105 | Trusted relays that accept mail directly from dial-up connections | ||
2641 | 1106 | (i.e. are also performing a role of mail submission agents - MSA) | ||
2642 | 1107 | should not be listed in C<internal_networks>. List them only in | ||
2643 | 1108 | C<trusted_networks>. | ||
2644 | 1109 | |||
2645 | 1110 | If C<trusted_networks> is set and C<internal_networks> is not, the value | ||
2646 | 1111 | of C<trusted_networks> will be used for this parameter. | ||
2647 | 1112 | |||
2648 | 1113 | If neither C<trusted_networks> nor C<internal_networks> is set, no addresses | ||
2649 | 1114 | will be considered local; in other words, any relays past the machine where | ||
2650 | 1115 | SpamAssassin is running will be considered external. | ||
2651 | 1116 | |||
2652 | 1117 | Every entry in C<internal_networks> must appear in C<trusted_networks>; in | ||
2653 | 1118 | other words, C<internal_networks> is always a subset of the trusted set. | ||
2654 | 1119 | |||
2655 | 1120 | Note: 127/8 and ::1 are always included in internal_networks, regardless of | ||
2656 | 1121 | your config. | ||
2657 | 1122 | |||
2658 | 1123 | =cut | ||
2659 | 1124 | |||
2660 | 1125 | push (@cmds, { | ||
2661 | 1126 | setting => 'internal_networks', | ||
2662 | 1127 | type => $CONF_TYPE_IPADDRLIST, | ||
2663 | 1128 | }); | ||
2664 | 1129 | |||
2665 | 1130 | =item clear_internal_networks | ||
2666 | 1131 | |||
2667 | 1132 | Empty the list of internal networks. | ||
2668 | 1133 | |||
2669 | 1134 | =cut | ||
2670 | 1135 | |||
2671 | 1136 | push (@cmds, { | ||
2672 | 1137 | setting => 'clear_internal_networks', | ||
2673 | 1138 | type => $CONF_TYPE_NOARGS, | ||
2674 | 1139 | code => sub { | ||
2675 | 1140 | my ($self, $key, $value, $line) = @_; | ||
2676 | 1141 | unless (!defined $value || $value eq '') { | ||
2677 | 1142 | return $INVALID_VALUE; | ||
2678 | 1143 | } | ||
2679 | 1144 | $self->{internal_networks} = $self->new_netset(); | ||
2680 | 1145 | $self->{internal_networks_configured} = 0; | ||
2681 | 1146 | } | ||
2682 | 1147 | }); | ||
2683 | 1148 | |||
2684 | 1149 | =item msa_networks ip.add.re.ss[/mask] ... (default: none) | ||
2685 | 1150 | |||
2686 | 1151 | The networks or hosts which are acting as MSAs in your setup (but not also as | ||
2687 | 1152 | MX relays). B<MSA> means that the relay hosts on these networks accept mail | ||
2688 | 1153 | from your own users and authenticates them appropriately. These relays | ||
2689 | 1154 | will never accept mail from hosts that aren't authenticated in some way. | ||
2690 | 1155 | Examples of authentication include, IP lists, SMTP AUTH, POP-before-SMTP, etc. | ||
2691 | 1156 | |||
2692 | 1157 | All relays found in the message headers after the MSA relay will take | ||
2693 | 1158 | on the same trusted and internal classifications as the MSA relay itself, | ||
2694 | 1159 | as defined by your I<trusted_networks> and I<internal_networks> configuration. | ||
2695 | 1160 | |||
2696 | 1161 | For example, if the MSA relay is trusted and internal so will all of the | ||
2697 | 1162 | relays that precede it. | ||
2698 | 1163 | |||
2699 | 1164 | When using msa_networks to identify an MSA it is recommended that you treat | ||
2700 | 1165 | that MSA as both trusted and internal. When an MSA is not included in | ||
2701 | 1166 | msa_networks you should treat the MSA as trusted but not internal, however | ||
2702 | 1167 | if the MSA is also acting as an MX or intermediate relay you must always | ||
2703 | 1168 | treat it as both trusted and internal and ensure that the MSA includes | ||
2704 | 1169 | visible auth tokens in its Received header to identify submission clients. | ||
2705 | 1170 | |||
2706 | 1171 | B<Warning:> Never include an MSA that also acts as an MX (or is also an | ||
2707 | 1172 | intermediate relay for an MX) or otherwise accepts mail from | ||
2708 | 1173 | non-authenticated users in msa_networks. Doing so will result in unknown | ||
2709 | 1174 | external relays being trusted. | ||
2710 | 1175 | |||
2711 | 1176 | =cut | ||
2712 | 1177 | |||
2713 | 1178 | push (@cmds, { | ||
2714 | 1179 | setting => 'msa_networks', | ||
2715 | 1180 | type => $CONF_TYPE_IPADDRLIST, | ||
2716 | 1181 | }); | ||
2717 | 1182 | |||
2718 | 1183 | =item clear_msa_networks | ||
2719 | 1184 | |||
2720 | 1185 | Empty the list of msa networks. | ||
2721 | 1186 | |||
2722 | 1187 | =cut | ||
2723 | 1188 | |||
2724 | 1189 | push (@cmds, { | ||
2725 | 1190 | setting => 'clear_msa_networks', | ||
2726 | 1191 | type => $CONF_TYPE_NOARGS, | ||
2727 | 1192 | code => sub { | ||
2728 | 1193 | my ($self, $key, $value, $line) = @_; | ||
2729 | 1194 | unless (!defined $value || $value eq '') { | ||
2730 | 1195 | return $INVALID_VALUE; | ||
2731 | 1196 | } | ||
2732 | 1197 | $self->{msa_networks} = Mail::SpamAssassin::NetSet->new(); # not new_netset | ||
2733 | 1198 | $self->{msa_networks_configured} = 0; | ||
2734 | 1199 | } | ||
2735 | 1200 | }); | ||
2736 | 1201 | |||
2737 | 1202 | =item originating_ip_headers header ... (default: X-Yahoo-Post-IP X-Originating-IP X-Apparently-From X-SenderIP) | ||
2738 | 1203 | |||
2739 | 1204 | A list of header field names from which an originating IP address can | ||
2740 | 1205 | be obtained. For example, webmail servers may record a client IP address | ||
2741 | 1206 | in X-Originating-IP. | ||
2742 | 1207 | |||
2743 | 1208 | These IP addresses are virtually appended into the Received: chain, so they | ||
2744 | 1209 | are used in RBL checks where appropriate. | ||
2745 | 1210 | |||
2746 | 1211 | Currently the IP addresses are not added into X-Spam-Relays-* header fields, | ||
2747 | 1212 | but they may be in the future. | ||
2748 | 1213 | |||
2749 | 1214 | =cut | ||
2750 | 1215 | |||
2751 | 1216 | push (@cmds, { | ||
2752 | 1217 | setting => 'originating_ip_headers', | ||
2753 | 1218 | default => [], | ||
2754 | 1219 | type => $CONF_TYPE_STRINGLIST, | ||
2755 | 1220 | code => sub { | ||
2756 | 1221 | my ($self, $key, $value, $line) = @_; | ||
2757 | 1222 | unless (defined $value && $value !~ /^$/) { | ||
2758 | 1223 | return $MISSING_REQUIRED_VALUE; | ||
2759 | 1224 | } | ||
2760 | 1225 | foreach my $hfname (split(/\s+/, $value)) { | ||
2761 | 1226 | # avoid duplicates, consider header field names case-insensitive | ||
2762 | 1227 | push(@{$self->{originating_ip_headers}}, $hfname) | ||
2763 | 1228 | if !grep(lc($_) eq lc($hfname), @{$self->{originating_ip_headers}}); | ||
2764 | 1229 | } | ||
2765 | 1230 | } | ||
2766 | 1231 | }); | ||
2767 | 1232 | |||
2768 | 1233 | =item clear_originating_ip_headers | ||
2769 | 1234 | |||
2770 | 1235 | Empty the list of 'originating IP address' header field names. | ||
2771 | 1236 | |||
2772 | 1237 | =cut | ||
2773 | 1238 | |||
2774 | 1239 | push (@cmds, { | ||
2775 | 1240 | setting => 'clear_originating_ip_headers', | ||
2776 | 1241 | type => $CONF_TYPE_NOARGS, | ||
2777 | 1242 | code => sub { | ||
2778 | 1243 | my ($self, $key, $value, $line) = @_; | ||
2779 | 1244 | unless (!defined $value || $value eq '') { | ||
2780 | 1245 | return $INVALID_VALUE; | ||
2781 | 1246 | } | ||
2782 | 1247 | $self->{originating_ip_headers} = []; | ||
2783 | 1248 | } | ||
2784 | 1249 | }); | ||
2785 | 1250 | |||
2786 | 1251 | =item always_trust_envelope_sender ( 0 | 1 ) (default: 0) | ||
2787 | 1252 | |||
2788 | 1253 | Trust the envelope sender even if the message has been passed through one or | ||
2789 | 1254 | more trusted relays. See also C<envelope_sender_header>. | ||
2790 | 1255 | |||
2791 | 1256 | =cut | ||
2792 | 1257 | |||
2793 | 1258 | push (@cmds, { | ||
2794 | 1259 | setting => 'always_trust_envelope_sender', | ||
2795 | 1260 | default => 0, | ||
2796 | 1261 | type => $CONF_TYPE_BOOL, | ||
2797 | 1262 | }); | ||
2798 | 1263 | |||
2799 | 1264 | =item skip_rbl_checks ( 0 | 1 ) (default: 0) | ||
2800 | 1265 | |||
2801 | 1266 | Turning on the skip_rbl_checks setting will disable the DNSEval plugin, | ||
2802 | 1267 | which implements Real-time Block List (or: Blackhole List) (RBL) lookups. | ||
2803 | 1268 | |||
2804 | 1269 | By default, SpamAssassin will run RBL checks. Individual blocklists may | ||
2805 | 1270 | be disabled selectively by setting a score of a corresponding rule to 0. | ||
2806 | 1271 | |||
2807 | 1272 | See also a related configuration parameter skip_uribl_checks, | ||
2808 | 1273 | which controls the URIDNSBL plugin (documented in the URIDNSBL man page). | ||
2809 | 1274 | |||
2810 | 1275 | =cut | ||
2811 | 1276 | |||
2812 | 1277 | push (@cmds, { | ||
2813 | 1278 | setting => 'skip_rbl_checks', | ||
2814 | 1279 | default => 0, | ||
2815 | 1280 | type => $CONF_TYPE_BOOL, | ||
2816 | 1281 | }); | ||
2817 | 1282 | |||
2818 | 1283 | =item dns_available { yes | test[: name1 name2...] | no } (default: test) | ||
2819 | 1284 | |||
2820 | 1285 | By default, SpamAssassin will query some default hosts on the internet to | ||
2821 | 1286 | attempt to check if DNS is working or not. The problem is that it can | ||
2822 | 1287 | introduce some delay if your network connection is down, and in some cases it | ||
2823 | 1288 | can wrongly guess that DNS is unavailable because the test connections failed. | ||
2824 | 1289 | SpamAssassin includes a default set of 13 servers, among which 3 are picked | ||
2825 | 1290 | randomly. | ||
2826 | 1291 | |||
2827 | 1292 | You can however specify your own list by specifying | ||
2828 | 1293 | |||
2829 | 1294 | dns_available test: domain1.tld domain2.tld domain3.tld | ||
2830 | 1295 | |||
2831 | 1296 | Please note, the DNS test queries for NS records. | ||
2832 | 1297 | |||
2833 | 1298 | =cut | ||
2834 | 1299 | |||
2835 | 1300 | push (@cmds, { | ||
2836 | 1301 | setting => 'dns_available', | ||
2837 | 1302 | default => 'test', | ||
2838 | 1303 | type => $CONF_TYPE_STRING, | ||
2839 | 1304 | code => sub { | ||
2840 | 1305 | my ($self, $key, $value, $line) = @_; | ||
2841 | 1306 | if ($value =~ /^test(?::\s+.+)?$/) { | ||
2842 | 1307 | $self->{dns_available} = $value; | ||
2843 | 1308 | } | ||
2844 | 1309 | elsif ($value =~ /^(?:yes|1)$/) { | ||
2845 | 1310 | $self->{dns_available} = 'yes'; | ||
2846 | 1311 | } | ||
2847 | 1312 | elsif ($value =~ /^(?:no|0)$/) { | ||
2848 | 1313 | $self->{dns_available} = 'no'; | ||
2849 | 1314 | } | ||
2850 | 1315 | else { | ||
2851 | 1316 | return $INVALID_VALUE; | ||
2852 | 1317 | } | ||
2853 | 1318 | } | ||
2854 | 1319 | }); | ||
2855 | 1320 | |||
2856 | 1321 | =item dns_test_interval n (default: 600 seconds) | ||
2857 | 1322 | |||
2858 | 1323 | If dns_available is set to 'test' (which is the default), the dns_test_interval | ||
2859 | 1324 | time in number of seconds will tell SpamAssassin how often to retest for working DNS. | ||
2860 | 1325 | |||
2861 | 1326 | =cut | ||
2862 | 1327 | |||
2863 | 1328 | push (@cmds, { | ||
2864 | 1329 | setting => 'dns_test_interval', | ||
2865 | 1330 | default => 600, | ||
2866 | 1331 | type => $CONF_TYPE_NUMERIC, | ||
2867 | 1332 | code => sub { | ||
2868 | 1333 | my ($self, $key, $value, $line) = @_; | ||
2869 | 1334 | if ($value !~ /^\d+$/) { return $INVALID_VALUE; } | ||
2870 | 1335 | $self->{dns_test_interval} = $value; | ||
2871 | 1336 | } | ||
2872 | 1337 | }); | ||
2873 | 1338 | |||
2874 | 1339 | =item dns_options rotate (default: empty) | ||
2875 | 1340 | |||
2876 | 1341 | If set to 'rotate', this causes SpamAssassin to choose a DNS server at random | ||
2877 | 1342 | from all servers listed in C</etc/resolv.conf> every 'dns_test_interval' | ||
2878 | 1343 | seconds, effectively spreading the load over all currently available DNS | ||
2879 | 1344 | servers when there are many spamd workers. | ||
2880 | 1345 | |||
2881 | 1346 | =cut | ||
2882 | 1347 | |||
2883 | 1348 | push (@cmds, { | ||
2884 | 1349 | setting => 'dns_options', | ||
2885 | 1350 | type => $CONF_TYPE_HASH_KEY_VALUE, | ||
2886 | 1351 | code => sub { | ||
2887 | 1352 | my ($self, $key, $value, $line) = @_; | ||
2888 | 1353 | my $allowed_opts = "rotate"; | ||
2889 | 1354 | |||
2890 | 1355 | foreach my $option (split (/\s+/, $value)) { | ||
2891 | 1356 | if ($allowed_opts !~ /^$option$/) { return $INVALID_VALUE; } | ||
2892 | 1357 | else { $self->{dns_options}->{$option} = 1; } | ||
2893 | 1358 | } | ||
2894 | 1359 | } | ||
2895 | 1360 | }); | ||
2896 | 1361 | |||
2897 | 1362 | =back | ||
2898 | 1363 | |||
2899 | 1364 | =head2 LEARNING OPTIONS | ||
2900 | 1365 | |||
2901 | 1366 | =over 4 | ||
2902 | 1367 | |||
2903 | 1368 | =item use_learner ( 0 | 1 ) (default: 1) | ||
2904 | 1369 | |||
2905 | 1370 | Whether to use any machine-learning classifiers with SpamAssassin, such as the | ||
2906 | 1371 | default 'BAYES_*' rules. Setting this to 0 will disable use of any and all | ||
2907 | 1372 | human-trained classifiers. | ||
2908 | 1373 | |||
2909 | 1374 | =cut | ||
2910 | 1375 | |||
2911 | 1376 | push (@cmds, { | ||
2912 | 1377 | setting => 'use_learner', | ||
2913 | 1378 | default => 1, | ||
2914 | 1379 | type => $CONF_TYPE_BOOL, | ||
2915 | 1380 | }); | ||
2916 | 1381 | |||
2917 | 1382 | =item use_bayes ( 0 | 1 ) (default: 1) | ||
2918 | 1383 | |||
2919 | 1384 | Whether to use the naive-Bayesian-style classifier built into | ||
2920 | 1385 | SpamAssassin. This is a master on/off switch for all Bayes-related | ||
2921 | 1386 | operations. | ||
2922 | 1387 | |||
2923 | 1388 | =cut | ||
2924 | 1389 | |||
2925 | 1390 | push (@cmds, { | ||
2926 | 1391 | setting => 'use_bayes', | ||
2927 | 1392 | default => 1, | ||
2928 | 1393 | type => $CONF_TYPE_BOOL, | ||
2929 | 1394 | }); | ||
2930 | 1395 | |||
2931 | 1396 | =item use_bayes_rules ( 0 | 1 ) (default: 1) | ||
2932 | 1397 | |||
2933 | 1398 | Whether to use rules using the naive-Bayesian-style classifier built | ||
2934 | 1399 | into SpamAssassin. This allows you to disable the rules while leaving | ||
2935 | 1400 | auto and manual learning enabled. | ||
2936 | 1401 | |||
2937 | 1402 | =cut | ||
2938 | 1403 | |||
2939 | 1404 | push (@cmds, { | ||
2940 | 1405 | setting => 'use_bayes_rules', | ||
2941 | 1406 | default => 1, | ||
2942 | 1407 | type => $CONF_TYPE_BOOL, | ||
2943 | 1408 | }); | ||
2944 | 1409 | |||
2945 | 1410 | =item bayes_auto_learn ( 0 | 1 ) (default: 1) | ||
2946 | 1411 | |||
2947 | 1412 | Whether SpamAssassin should automatically feed high-scoring mails (or | ||
2948 | 1413 | low-scoring mails, for non-spam) into its learning systems. The only | ||
2949 | 1414 | learning system supported currently is a naive-Bayesian-style classifier. | ||
2950 | 1415 | |||
2951 | 1416 | See the documentation for the | ||
2952 | 1417 | C<Mail::SpamAssassin::Plugin::AutoLearnThreshold> plugin module | ||
2953 | 1418 | for details on how Bayes auto-learning is implemented by default. | ||
2954 | 1419 | |||
2955 | 1420 | =cut | ||
2956 | 1421 | |||
2957 | 1422 | push (@cmds, { | ||
2958 | 1423 | setting => 'bayes_auto_learn', | ||
2959 | 1424 | default => 1, | ||
2960 | 1425 | type => $CONF_TYPE_BOOL, | ||
2961 | 1426 | }); | ||
2962 | 1427 | |||
2963 | 1428 | =item bayes_ignore_header header_name | ||
2964 | 1429 | |||
2965 | 1430 | If you receive mail filtered by upstream mail systems, like | ||
2966 | 1431 | a spam-filtering ISP or mailing list, and that service adds | ||
2967 | 1432 | new headers (as most of them do), these headers may provide | ||
2968 | 1433 | inappropriate cues to the Bayesian classifier, allowing it | ||
2969 | 1434 | to take a "short cut". To avoid this, list the headers using this | ||
2970 | 1435 | setting. Example: | ||
2971 | 1436 | |||
2972 | 1437 | bayes_ignore_header X-Upstream-Spamfilter | ||
2973 | 1438 | bayes_ignore_header X-Upstream-SomethingElse | ||
2974 | 1439 | |||
2975 | 1440 | =cut | ||
2976 | 1441 | |||
2977 | 1442 | push (@cmds, { | ||
2978 | 1443 | setting => 'bayes_ignore_header', | ||
2979 | 1444 | default => [], | ||
2980 | 1445 | type => $CONF_TYPE_STRINGLIST, | ||
2981 | 1446 | code => sub { | ||
2982 | 1447 | my ($self, $key, $value, $line) = @_; | ||
2983 | 1448 | if ($value eq '') { | ||
2984 | 1449 | return $MISSING_REQUIRED_VALUE; | ||
2985 | 1450 | } | ||
2986 | 1451 | push (@{$self->{bayes_ignore_headers}}, split(/\s+/, $value)); | ||
2987 | 1452 | } | ||
2988 | 1453 | }); | ||
2989 | 1454 | |||
2990 | 1455 | =item bayes_ignore_from user@example.com | ||
2991 | 1456 | |||
2992 | 1457 | Bayesian classification and autolearning will not be performed on mail | ||
2993 | 1458 | from the listed addresses. Program C<sa-learn> will also ignore the | ||
2994 | 1459 | listed addresses if it is invoked using the C<--use-ignores> option. | ||
2995 | 1460 | One or more addresses can be listed, see C<whitelist_from>. | ||
2996 | 1461 | |||
2997 | 1462 | Spam messages from certain senders may contain many words that | ||
2998 | 1463 | frequently occur in ham. For example, one might read messages from a | ||
2999 | 1464 | preferred bookstore but also get unwanted spam messages from other | ||
3000 | 1465 | bookstores. If the unwanted messages are learned as spam then any | ||
3001 | 1466 | messages discussing books, including the preferred bookstore and | ||
3002 | 1467 | antiquarian messages would be in danger of being marked as spam. The | ||
3003 | 1468 | addresses of the annoying bookstores would be listed. (Assuming they | ||
3004 | 1469 | were halfway legitimate and didn't send you mail through myriad | ||
3005 | 1470 | affiliates.) | ||
3006 | 1471 | |||
3007 | 1472 | Those who have pieces of spam in legitimate messages or otherwise | ||
3008 | 1473 | receive ham messages containing potentially spammy words might fear | ||
3009 | 1474 | that some spam messages might be in danger of being marked as ham. | ||
3010 | 1475 | The addresses of the spam mailing lists, correspondents, etc. would | ||
3011 | 1476 | be listed. | ||
3012 | 1477 | |||
3013 | 1478 | =cut | ||
3014 | 1479 | |||
3015 | 1480 | push (@cmds, { | ||
3016 | 1481 | setting => 'bayes_ignore_from', | ||
3017 | 1482 | type => $CONF_TYPE_ADDRLIST, | ||
3018 | 1483 | }); | ||
3019 | 1484 | |||
3020 | 1485 | =item bayes_ignore_to user@example.com | ||
3021 | 1486 | |||
3022 | 1487 | Bayesian classification and autolearning will not be performed on mail | ||
3023 | 1488 | to the listed addresses. See C<bayes_ignore_from> for details. | ||
3024 | 1489 | |||
3025 | 1490 | =cut | ||
3026 | 1491 | |||
3027 | 1492 | push (@cmds, { | ||
3028 | 1493 | setting => 'bayes_ignore_to', | ||
3029 | 1494 | type => $CONF_TYPE_ADDRLIST, | ||
3030 | 1495 | }); | ||
3031 | 1496 | |||
3032 | 1497 | =item bayes_min_ham_num (Default: 200) | ||
3033 | 1498 | |||
3034 | 1499 | =item bayes_min_spam_num (Default: 200) | ||
3035 | 1500 | |||
3036 | 1501 | To be accurate, the Bayes system does not activate until a certain number of | ||
3037 | 1502 | ham (non-spam) and spam have been learned. The default is 200 of each ham and | ||
3038 | 1503 | spam, but you can tune these up or down with these two settings. | ||
3039 | 1504 | |||
3040 | 1505 | =cut | ||
3041 | 1506 | |||
3042 | 1507 | push (@cmds, { | ||
3043 | 1508 | setting => 'bayes_min_ham_num', | ||
3044 | 1509 | default => 200, | ||
3045 | 1510 | type => $CONF_TYPE_NUMERIC, | ||
3046 | 1511 | }); | ||
3047 | 1512 | push (@cmds, { | ||
3048 | 1513 | setting => 'bayes_min_spam_num', | ||
3049 | 1514 | default => 200, | ||
3050 | 1515 | type => $CONF_TYPE_NUMERIC, | ||
3051 | 1516 | }); | ||
3052 | 1517 | |||
3053 | 1518 | =item bayes_learn_during_report (Default: 1) | ||
3054 | 1519 | |||
3055 | 1520 | The Bayes system will, by default, learn any reported messages | ||
3056 | 1521 | (C<spamassassin -r>) as spam. If you do not want this to happen, set | ||
3057 | 1522 | this option to 0. | ||
3058 | 1523 | |||
3059 | 1524 | =cut | ||
3060 | 1525 | |||
3061 | 1526 | push (@cmds, { | ||
3062 | 1527 | setting => 'bayes_learn_during_report', | ||
3063 | 1528 | default => 1, | ||
3064 | 1529 | type => $CONF_TYPE_BOOL, | ||
3065 | 1530 | }); | ||
3066 | 1531 | |||
3067 | 1532 | =item bayes_sql_override_username | ||
3068 | 1533 | |||
3069 | 1534 | Used by BayesStore::SQL storage implementation. | ||
3070 | 1535 | |||
3071 | 1536 | If this options is set the BayesStore::SQL module will override the set | ||
3072 | 1537 | username with the value given. This could be useful for implementing global or | ||
3073 | 1538 | group bayes databases. | ||
3074 | 1539 | |||
3075 | 1540 | =cut | ||
3076 | 1541 | |||
3077 | 1542 | push (@cmds, { | ||
3078 | 1543 | setting => 'bayes_sql_override_username', | ||
3079 | 1544 | default => '', | ||
3080 | 1545 | type => $CONF_TYPE_STRING, | ||
3081 | 1546 | }); | ||
3082 | 1547 | |||
3083 | 1548 | =item bayes_use_hapaxes (default: 1) | ||
3084 | 1549 | |||
3085 | 1550 | Should the Bayesian classifier use hapaxes (words/tokens that occur only | ||
3086 | 1551 | once) when classifying? This produces significantly better hit-rates, but | ||
3087 | 1552 | increases database size by about a factor of 8 to 10. | ||
3088 | 1553 | |||
3089 | 1554 | =cut | ||
3090 | 1555 | |||
3091 | 1556 | push (@cmds, { | ||
3092 | 1557 | setting => 'bayes_use_hapaxes', | ||
3093 | 1558 | default => 1, | ||
3094 | 1559 | type => $CONF_TYPE_BOOL, | ||
3095 | 1560 | }); | ||
3096 | 1561 | |||
3097 | 1562 | =item bayes_journal_max_size (default: 102400) | ||
3098 | 1563 | |||
3099 | 1564 | SpamAssassin will opportunistically sync the journal and the database. | ||
3100 | 1565 | It will do so once a day, but will sync more often if the journal file | ||
3101 | 1566 | size goes above this setting, in bytes. If set to 0, opportunistic | ||
3102 | 1567 | syncing will not occur. | ||
3103 | 1568 | |||
3104 | 1569 | =cut | ||
3105 | 1570 | |||
3106 | 1571 | push (@cmds, { | ||
3107 | 1572 | setting => 'bayes_journal_max_size', | ||
3108 | 1573 | default => 102400, | ||
3109 | 1574 | type => $CONF_TYPE_NUMERIC, | ||
3110 | 1575 | }); | ||
3111 | 1576 | |||
3112 | 1577 | =item bayes_expiry_max_db_size (default: 150000) | ||
3113 | 1578 | |||
3114 | 1579 | What should be the maximum size of the Bayes tokens database? When expiry | ||
3115 | 1580 | occurs, the Bayes system will keep either 75% of the maximum value, or | ||
3116 | 1581 | 100,000 tokens, whichever has a larger value. 150,000 tokens is roughly | ||
3117 | 1582 | equivalent to a 8Mb database file. | ||
3118 | 1583 | |||
3119 | 1584 | =cut | ||
3120 | 1585 | |||
3121 | 1586 | push (@cmds, { | ||
3122 | 1587 | setting => 'bayes_expiry_max_db_size', | ||
3123 | 1588 | default => 150000, | ||
3124 | 1589 | type => $CONF_TYPE_NUMERIC, | ||
3125 | 1590 | }); | ||
3126 | 1591 | |||
3127 | 1592 | =item bayes_auto_expire (default: 1) | ||
3128 | 1593 | |||
3129 | 1594 | If enabled, the Bayes system will try to automatically expire old tokens | ||
3130 | 1595 | from the database. Auto-expiry occurs when the number of tokens in the | ||
3131 | 1596 | database surpasses the bayes_expiry_max_db_size value. | ||
3132 | 1597 | |||
3133 | 1598 | =cut | ||
3134 | 1599 | |||
3135 | 1600 | push (@cmds, { | ||
3136 | 1601 | setting => 'bayes_auto_expire', | ||
3137 | 1602 | default => 1, | ||
3138 | 1603 | type => $CONF_TYPE_BOOL, | ||
3139 | 1604 | }); | ||
3140 | 1605 | |||
3141 | 1606 | =item bayes_learn_to_journal (default: 0) | ||
3142 | 1607 | |||
3143 | 1608 | If this option is set, whenever SpamAssassin does Bayes learning, it | ||
3144 | 1609 | will put the information into the journal instead of directly into the | ||
3145 | 1610 | database. This lowers contention for locking the database to execute | ||
3146 | 1611 | an update, but will also cause more access to the journal and cause a | ||
3147 | 1612 | delay before the updates are actually committed to the Bayes database. | ||
3148 | 1613 | |||
3149 | 1614 | =cut | ||
3150 | 1615 | |||
3151 | 1616 | push (@cmds, { | ||
3152 | 1617 | setting => 'bayes_learn_to_journal', | ||
3153 | 1618 | default => 0, | ||
3154 | 1619 | type => $CONF_TYPE_BOOL, | ||
3155 | 1620 | }); | ||
3156 | 1621 | |||
3157 | 1622 | =back | ||
3158 | 1623 | |||
3159 | 1624 | =head2 MISCELLANEOUS OPTIONS | ||
3160 | 1625 | |||
3161 | 1626 | =over 4 | ||
3162 | 1627 | |||
3163 | 1628 | =item time_limit n (default: 300) | ||
3164 | 1629 | |||
3165 | 1630 | Specifies a limit on elapsed time in seconds that SpamAssassin is allowed | ||
3166 | 1631 | to spend before providing a result. The value may be fractional and must | ||
3167 | 1632 | not be negative, zero is interpreted as unlimited. The default is 300 | ||
3168 | 1633 | seconds for consistency with the spamd default setting of --timeout-child . | ||
3169 | 1634 | |||
3170 | 1635 | This is a best-effort advisory setting, processing will not be abruptly | ||
3171 | 1636 | aborted at an arbitrary point in processing when the time limit is exceeded, | ||
3172 | 1637 | but only on reaching one of locations in the program flow equipped with a | ||
3173 | 1638 | time test. Currently equipped with the test are the main checking loop, | ||
3174 | 1639 | asynchronous DNS lookups, plugins which are calling external programs. | ||
3175 | 1640 | Rule evaluation is guarded by starting a timer (alarm) on each set of | ||
3176 | 1641 | compiled rules. | ||
3177 | 1642 | |||
3178 | 1643 | When a message is passed to Mail::SpamAssassin::parse, a deadline time | ||
3179 | 1644 | is established as a sum of current time and the C<time_limit> setting. | ||
3180 | 1645 | |||
3181 | 1646 | This deadline may also be specified by a caller through an option | ||
3182 | 1647 | 'master_deadline' in $suppl_attrib on a call to parse(), possibly providing | ||
3183 | 1648 | a more accurate deadline taking into account past and expected future | ||
3184 | 1649 | processing of a message in a mail filtering setup. If both the config | ||
3185 | 1650 | option as well as a 'master_deadline' option in a call are provided, | ||
3186 | 1651 | the shorter time limit of the two is used (since version 3.3.2). | ||
3187 | 1652 | Note that spamd (and possibly third-party callers of SpamAssassin) will | ||
3188 | 1653 | supply the 'master_deadline' option in a call based on its --timeout-child | ||
3189 | 1654 | option (or equivalent), unlike the command line C<spamassassin>, which has | ||
3190 | 1655 | no such command line option. | ||
3191 | 1656 | |||
3192 | 1657 | When a time limit is exceeded, most of the remaining tests will be skipped, | ||
3193 | 1658 | as well as auto-learning. Whatever tests fired so far will determine the | ||
3194 | 1659 | final score. The behaviour is similar to short-circuiting with attribute 'on', | ||
3195 | 1660 | as implemented by a Shortcircuit plugin. A synthetic hit on a rule named | ||
3196 | 1661 | TIME_LIMIT_EXCEEDED with a near-zero default score is generated, so that | ||
3197 | 1662 | the report will reflect the event. A score for TIME_LIMIT_EXCEEDED may | ||
3198 | 1663 | be provided explicitly in a configuration file, for example to achieve | ||
3199 | 1664 | whitelisting or blacklisting effect for messages with long processing times. | ||
3200 | 1665 | |||
3201 | 1666 | The C<time_limit> option is a useful protection against excessive processing | ||
3202 | 1667 | time on certain degenerate or unusually long or complex mail messages, as well | ||
3203 | 1668 | as against some DoS attacks. It is also needed in time-critical pre-queue | ||
3204 | 1669 | filtering setups (e.g. milter, proxy, integration with MTA), where message | ||
3205 | 1670 | processing must finish before a SMTP client times out. RFC 5321 prescribes | ||
3206 | 1671 | in section 4.5.3.2.6 the 'DATA Termination' time limit of 10 minutes, | ||
3207 | 1672 | although it is not unusual to see some SMTP clients abort sooner on waiting | ||
3208 | 1673 | for a response. A sensible C<time_limit> for a pre-queue filtering setup is | ||
3209 | 1674 | maybe 50 seconds, assuming that clients are willing to wait at least a minute. | ||
3210 | 1675 | |||
3211 | 1676 | =cut | ||
3212 | 1677 | |||
3213 | 1678 | push (@cmds, { | ||
3214 | 1679 | setting => 'time_limit', | ||
3215 | 1680 | default => 300, | ||
3216 | 1681 | type => $CONF_TYPE_NUMERIC, | ||
3217 | 1682 | code => sub { | ||
3218 | 1683 | my ($self, $key, $value, $line) = @_; | ||
3219 | 1684 | if ($value !~ /^\d+(?:\.\d*)?$/) { return $INVALID_VALUE } | ||
3220 | 1685 | $value = 0+$value; | ||
3221 | 1686 | if ($value < 0) { return $INVALID_VALUE } | ||
3222 | 1687 | $self->{time_limit} = $value; | ||
3223 | 1688 | } | ||
3224 | 1689 | }); | ||
3225 | 1690 | |||
3226 | 1691 | =item lock_method type | ||
3227 | 1692 | |||
3228 | 1693 | Select the file-locking method used to protect database files on-disk. By | ||
3229 | 1694 | default, SpamAssassin uses an NFS-safe locking method on UNIX; however, if you | ||
3230 | 1695 | are sure that the database files you'll be using for Bayes and AWL storage will | ||
3231 | 1696 | never be accessed over NFS, a non-NFS-safe locking system can be selected. | ||
3232 | 1697 | |||
3233 | 1698 | This will be quite a bit faster, but may risk file corruption if the files are | ||
3234 | 1699 | ever accessed by multiple clients at once, and one or more of them is accessing | ||
3235 | 1700 | them through an NFS filesystem. | ||
3236 | 1701 | |||
3237 | 1702 | Note that different platforms require different locking systems. | ||
3238 | 1703 | |||
3239 | 1704 | The supported locking systems for C<type> are as follows: | ||
3240 | 1705 | |||
3241 | 1706 | =over 4 | ||
3242 | 1707 | |||
3243 | 1708 | =item I<nfssafe> - an NFS-safe locking system | ||
3244 | 1709 | |||
3245 | 1710 | =item I<flock> - simple UNIX C<flock()> locking | ||
3246 | 1711 | |||
3247 | 1712 | =item I<win32> - Win32 locking using C<sysopen (..., O_CREAT|O_EXCL)>. | ||
3248 | 1713 | |||
3249 | 1714 | =back | ||
3250 | 1715 | |||
3251 | 1716 | nfssafe and flock are only available on UNIX, and win32 is only available | ||
3252 | 1717 | on Windows. By default, SpamAssassin will choose either nfssafe or | ||
3253 | 1718 | win32 depending on the platform in use. | ||
3254 | 1719 | |||
3255 | 1720 | =cut | ||
3256 | 1721 | |||
3257 | 1722 | push (@cmds, { | ||
3258 | 1723 | setting => 'lock_method', | ||
3259 | 1724 | default => '', | ||
3260 | 1725 | type => $CONF_TYPE_STRING, | ||
3261 | 1726 | code => sub { | ||
3262 | 1727 | my ($self, $key, $value, $line) = @_; | ||
3263 | 1728 | if ($value !~ /^(nfssafe|flock|win32)$/) { | ||
3264 | 1729 | return $INVALID_VALUE; | ||
3265 | 1730 | } | ||
3266 | 1731 | |||
3267 | 1732 | $self->{lock_method} = $value; | ||
3268 | 1733 | # recreate the locker | ||
3269 | 1734 | $self->{main}->create_locker(); | ||
3270 | 1735 | } | ||
3271 | 1736 | }); | ||
3272 | 1737 | |||
3273 | 1738 | =item fold_headers ( 0 | 1 ) (default: 1) | ||
3274 | 1739 | |||
3275 | 1740 | By default, headers added by SpamAssassin will be whitespace folded. | ||
3276 | 1741 | In other words, they will be broken up into multiple lines instead of | ||
3277 | 1742 | one very long one and each continuation line will have a tabulator | ||
3278 | 1743 | prepended to mark it as a continuation of the preceding one. | ||
3279 | 1744 | |||
3280 | 1745 | The automatic wrapping can be disabled here. Note that this can generate very | ||
3281 | 1746 | long lines. RFC 2822 required that header lines do not exceed 998 characters | ||
3282 | 1747 | (not counting the final CRLF). | ||
3283 | 1748 | |||
3284 | 1749 | =cut | ||
3285 | 1750 | |||
3286 | 1751 | push (@cmds, { | ||
3287 | 1752 | setting => 'fold_headers', | ||
3288 | 1753 | default => 1, | ||
3289 | 1754 | type => $CONF_TYPE_BOOL, | ||
3290 | 1755 | }); | ||
3291 | 1756 | |||
3292 | 1757 | =item report_safe_copy_headers header_name ... | ||
3293 | 1758 | |||
3294 | 1759 | If using C<report_safe>, a few of the headers from the original message | ||
3295 | 1760 | are copied into the wrapper header (From, To, Cc, Subject, Date, etc.) | ||
3296 | 1761 | If you want to have other headers copied as well, you can add them | ||
3297 | 1762 | using this option. You can specify multiple headers on the same line, | ||
3298 | 1763 | separated by spaces, or you can just use multiple lines. | ||
3299 | 1764 | |||
3300 | 1765 | =cut | ||
3301 | 1766 | |||
3302 | 1767 | push (@cmds, { | ||
3303 | 1768 | setting => 'report_safe_copy_headers', | ||
3304 | 1769 | default => [], | ||
3305 | 1770 | type => $CONF_TYPE_STRINGLIST, | ||
3306 | 1771 | code => sub { | ||
3307 | 1772 | my ($self, $key, $value, $line) = @_; | ||
3308 | 1773 | if ($value eq '') { | ||
3309 | 1774 | return $MISSING_REQUIRED_VALUE; | ||
3310 | 1775 | } | ||
3311 | 1776 | push(@{$self->{report_safe_copy_headers}}, split(/\s+/, $value)); | ||
3312 | 1777 | } | ||
3313 | 1778 | }); | ||
3314 | 1779 | |||
3315 | 1780 | =item envelope_sender_header Name-Of-Header | ||
3316 | 1781 | |||
3317 | 1782 | SpamAssassin will attempt to discover the address used in the 'MAIL FROM:' | ||
3318 | 1783 | phase of the SMTP transaction that delivered this message, if this data has | ||
3319 | 1784 | been made available by the SMTP server. This is used in the C<EnvelopeFrom> | ||
3320 | 1785 | pseudo-header, and for various rules such as SPF checking. | ||
3321 | 1786 | |||
3322 | 1787 | By default, various MTAs will use different headers, such as the following: | ||
3323 | 1788 | |||
3324 | 1789 | X-Envelope-From | ||
3325 | 1790 | Envelope-Sender | ||
3326 | 1791 | X-Sender | ||
3327 | 1792 | Return-Path | ||
3328 | 1793 | |||
3329 | 1794 | SpamAssassin will attempt to use these, if some heuristics (such as the header | ||
3330 | 1795 | placement in the message, or the absence of fetchmail signatures) appear to | ||
3331 | 1796 | indicate that they are safe to use. However, it may choose the wrong headers | ||
3332 | 1797 | in some mailserver configurations. (More discussion of this can be found | ||
3333 | 1798 | in bug 2142 and bug 4747 in the SpamAssassin BugZilla.) | ||
3334 | 1799 | |||
3335 | 1800 | To avoid this heuristic failure, the C<envelope_sender_header> setting may be | ||
3336 | 1801 | helpful. Name the header that your MTA or MDA adds to messages containing the | ||
3337 | 1802 | address used at the MAIL FROM step of the SMTP transaction. | ||
3338 | 1803 | |||
3339 | 1804 | If the header in question contains C<E<lt>> or C<E<gt>> characters at the start | ||
3340 | 1805 | and end of the email address in the right-hand side, as in the SMTP | ||
3341 | 1806 | transaction, these will be stripped. | ||
3342 | 1807 | |||
3343 | 1808 | If the header is not found in a message, or if it's value does not contain an | ||
3344 | 1809 | C<@> sign, SpamAssassin will issue a warning in the logs and fall back to its | ||
3345 | 1810 | default heuristics. | ||
3346 | 1811 | |||
3347 | 1812 | (Note for MTA developers: we would prefer if the use of a single header be | ||
3348 | 1813 | avoided in future, since that precludes 'downstream' spam scanning. | ||
3349 | 1814 | C<http://wiki.apache.org/spamassassin/EnvelopeSenderInReceived> details a | ||
3350 | 1815 | better proposal, storing the envelope sender at each hop in the C<Received> | ||
3351 | 1816 | header.) | ||
3352 | 1817 | |||
3353 | 1818 | example: | ||
3354 | 1819 | |||
3355 | 1820 | envelope_sender_header X-SA-Exim-Mail-From | ||
3356 | 1821 | |||
3357 | 1822 | =cut | ||
3358 | 1823 | |||
3359 | 1824 | push (@cmds, { | ||
3360 | 1825 | setting => 'envelope_sender_header', | ||
3361 | 1826 | default => undef, | ||
3362 | 1827 | type => $CONF_TYPE_STRING, | ||
3363 | 1828 | }); | ||
3364 | 1829 | |||
3365 | 1830 | =item describe SYMBOLIC_TEST_NAME description ... | ||
3366 | 1831 | |||
3367 | 1832 | Used to describe a test. This text is shown to users in the detailed report. | ||
3368 | 1833 | |||
3369 | 1834 | Note that test names which begin with '__' are reserved for meta-match | ||
3370 | 1835 | sub-rules, and are not scored or listed in the 'tests hit' reports. | ||
3371 | 1836 | |||
3372 | 1837 | Also note that by convention, rule descriptions should be limited in | ||
3373 | 1838 | length to no more than 50 characters. | ||
3374 | 1839 | |||
3375 | 1840 | =cut | ||
3376 | 1841 | |||
3377 | 1842 | push (@cmds, { | ||
3378 | 1843 | command => 'describe', | ||
3379 | 1844 | setting => 'descriptions', | ||
3380 | 1845 | is_frequent => 1, | ||
3381 | 1846 | type => $CONF_TYPE_HASH_KEY_VALUE, | ||
3382 | 1847 | }); | ||
3383 | 1848 | |||
3384 | 1849 | =item report_charset CHARSET (default: unset) | ||
3385 | 1850 | |||
3386 | 1851 | Set the MIME Content-Type charset used for the text/plain report which | ||
3387 | 1852 | is attached to spam mail messages. | ||
3388 | 1853 | |||
3389 | 1854 | =cut | ||
3390 | 1855 | |||
3391 | 1856 | push (@cmds, { | ||
3392 | 1857 | setting => 'report_charset', | ||
3393 | 1858 | default => '', | ||
3394 | 1859 | type => $CONF_TYPE_STRING, | ||
3395 | 1860 | }); | ||
3396 | 1861 | |||
3397 | 1862 | =item report ...some text for a report... | ||
3398 | 1863 | |||
3399 | 1864 | Set the report template which is attached to spam mail messages. See the | ||
3400 | 1865 | C<10_default_prefs.cf> configuration file in C</usr/share/spamassassin> for an | ||
3401 | 1866 | example. | ||
3402 | 1867 | |||
3403 | 1868 | If you change this, try to keep it under 78 columns. Each C<report> | ||
3404 | 1869 | line appends to the existing template, so use C<clear_report_template> | ||
3405 | 1870 | to restart. | ||
3406 | 1871 | |||
3407 | 1872 | Tags can be included as explained above. | ||
3408 | 1873 | |||
3409 | 1874 | =cut | ||
3410 | 1875 | |||
3411 | 1876 | push (@cmds, { | ||
3412 | 1877 | command => 'report', | ||
3413 | 1878 | setting => 'report_template', | ||
3414 | 1879 | default => '', | ||
3415 | 1880 | type => $CONF_TYPE_TEMPLATE, | ||
3416 | 1881 | }); | ||
3417 | 1882 | |||
3418 | 1883 | =item clear_report_template | ||
3419 | 1884 | |||
3420 | 1885 | Clear the report template. | ||
3421 | 1886 | |||
3422 | 1887 | =cut | ||
3423 | 1888 | |||
3424 | 1889 | push (@cmds, { | ||
3425 | 1890 | command => 'clear_report_template', | ||
3426 | 1891 | setting => 'report_template', | ||
3427 | 1892 | type => $CONF_TYPE_NOARGS, | ||
3428 | 1893 | code => \&Mail::SpamAssassin::Conf::Parser::set_template_clear | ||
3429 | 1894 | }); | ||
3430 | 1895 | |||
3431 | 1896 | =item report_contact ...text of contact address... | ||
3432 | 1897 | |||
3433 | 1898 | Set what _CONTACTADDRESS_ is replaced with in the above report text. | ||
3434 | 1899 | By default, this is 'the administrator of that system', since the hostname | ||
3435 | 1900 | of the system the scanner is running on is also included. | ||
3436 | 1901 | |||
3437 | 1902 | =cut | ||
3438 | 1903 | |||
3439 | 1904 | push (@cmds, { | ||
3440 | 1905 | setting => 'report_contact', | ||
3441 | 1906 | default => 'the administrator of that system', | ||
3442 | 1907 | type => $CONF_TYPE_STRING, | ||
3443 | 1908 | }); | ||
3444 | 1909 | |||
3445 | 1910 | =item report_hostname ...hostname to use... | ||
3446 | 1911 | |||
3447 | 1912 | Set what _HOSTNAME_ is replaced with in the above report text. | ||
3448 | 1913 | By default, this is determined dynamically as whatever the host running | ||
3449 | 1914 | SpamAssassin calls itself. | ||
3450 | 1915 | |||
3451 | 1916 | =cut | ||
3452 | 1917 | |||
3453 | 1918 | push (@cmds, { | ||
3454 | 1919 | setting => 'report_hostname', | ||
3455 | 1920 | default => '', | ||
3456 | 1921 | type => $CONF_TYPE_STRING, | ||
3457 | 1922 | }); | ||
3458 | 1923 | |||
3459 | 1924 | =item unsafe_report ...some text for a report... | ||
3460 | 1925 | |||
3461 | 1926 | Set the report template which is attached to spam mail messages which contain a | ||
3462 | 1927 | non-text/plain part. See the C<10_default_prefs.cf> configuration file in | ||
3463 | 1928 | C</usr/share/spamassassin> for an example. | ||
3464 | 1929 | |||
3465 | 1930 | Each C<unsafe-report> line appends to the existing template, so use | ||
3466 | 1931 | C<clear_unsafe_report_template> to restart. | ||
3467 | 1932 | |||
3468 | 1933 | Tags can be used in this template (see above for details). | ||
3469 | 1934 | |||
3470 | 1935 | =cut | ||
3471 | 1936 | |||
3472 | 1937 | push (@cmds, { | ||
3473 | 1938 | command => 'unsafe_report', | ||
3474 | 1939 | setting => 'unsafe_report_template', | ||
3475 | 1940 | default => '', | ||
3476 | 1941 | type => $CONF_TYPE_TEMPLATE, | ||
3477 | 1942 | }); | ||
3478 | 1943 | |||
3479 | 1944 | =item clear_unsafe_report_template | ||
3480 | 1945 | |||
3481 | 1946 | Clear the unsafe_report template. | ||
3482 | 1947 | |||
3483 | 1948 | =cut | ||
3484 | 1949 | |||
3485 | 1950 | push (@cmds, { | ||
3486 | 1951 | command => 'clear_unsafe_report_template', | ||
3487 | 1952 | setting => 'unsafe_report_template', | ||
3488 | 1953 | type => $CONF_TYPE_NOARGS, | ||
3489 | 1954 | code => \&Mail::SpamAssassin::Conf::Parser::set_template_clear | ||
3490 | 1955 | }); | ||
3491 | 1956 | |||
3492 | 1957 | =back | ||
3493 | 1958 | |||
3494 | 1959 | =head1 RULE DEFINITIONS AND PRIVILEGED SETTINGS | ||
3495 | 1960 | |||
3496 | 1961 | These settings differ from the ones above, in that they are considered | ||
3497 | 1962 | 'privileged'. Only users running C<spamassassin> from their procmailrc's or | ||
3498 | 1963 | forward files, or sysadmins editing a file in C</etc/mail/spamassassin>, can | ||
3499 | 1964 | use them. C<spamd> users cannot use them in their C<user_prefs> files, for | ||
3500 | 1965 | security and efficiency reasons, unless C<allow_user_rules> is enabled (and | ||
3501 | 1966 | then, they may only add rules from below). | ||
3502 | 1967 | |||
3503 | 1968 | =over 4 | ||
3504 | 1969 | |||
3505 | 1970 | =item allow_user_rules ( 0 | 1 ) (default: 0) | ||
3506 | 1971 | |||
3507 | 1972 | This setting allows users to create rules (and only rules) in their | ||
3508 | 1973 | C<user_prefs> files for use with C<spamd>. It defaults to off, because | ||
3509 | 1974 | this could be a severe security hole. It may be possible for users to | ||
3510 | 1975 | gain root level access if C<spamd> is run as root. It is NOT a good | ||
3511 | 1976 | idea, unless you have some other way of ensuring that users' tests are | ||
3512 | 1977 | safe. Don't use this unless you are certain you know what you are | ||
3513 | 1978 | doing. Furthermore, this option causes spamassassin to recompile all | ||
3514 | 1979 | the tests each time it processes a message for a user with a rule in | ||
3515 | 1980 | his/her C<user_prefs> file, which could have a significant effect on | ||
3516 | 1981 | server load. It is not recommended. | ||
3517 | 1982 | |||
3518 | 1983 | Note that it is not currently possible to use C<allow_user_rules> to modify an | ||
3519 | 1984 | existing system rule from a C<user_prefs> file with C<spamd>. | ||
3520 | 1985 | |||
3521 | 1986 | =cut | ||
3522 | 1987 | |||
3523 | 1988 | push (@cmds, { | ||
3524 | 1989 | setting => 'allow_user_rules', | ||
3525 | 1990 | is_priv => 1, | ||
3526 | 1991 | default => 0, | ||
3527 | 1992 | type => $CONF_TYPE_BOOL, | ||
3528 | 1993 | code => sub { | ||
3529 | 1994 | my ($self, $key, $value, $line) = @_; | ||
3530 | 1995 | if ($value eq '') { | ||
3531 | 1996 | return $MISSING_REQUIRED_VALUE; | ||
3532 | 1997 | } | ||
3533 | 1998 | elsif ($value !~ /^[01]$/) { | ||
3534 | 1999 | return $INVALID_VALUE; | ||
3535 | 2000 | } | ||
3536 | 2001 | |||
3537 | 2002 | $self->{allow_user_rules} = $value+0; | ||
3538 | 2003 | dbg("config: " . ($self->{allow_user_rules} ? "allowing":"not allowing") . " user rules!"); | ||
3539 | 2004 | } | ||
3540 | 2005 | }); | ||
3541 | 2006 | |||
3542 | 2007 | =item redirector_pattern /pattern/modifiers | ||
3543 | 2008 | |||
3544 | 2009 | A regex pattern that matches both the redirector site portion, and | ||
3545 | 2010 | the target site portion of a URI. | ||
3546 | 2011 | |||
3547 | 2012 | Note: The target URI portion must be surrounded in parentheses and | ||
3548 | 2013 | no other part of the pattern may create a backreference. | ||
3549 | 2014 | |||
3550 | 2015 | Example: http://chkpt.zdnet.com/chkpt/whatever/spammer.domain/yo/dude | ||
3551 | 2016 | |||
3552 | 2017 | redirector_pattern /^https?:\/\/(?:opt\.)?chkpt\.zdnet\.com\/chkpt\/\w+\/(.*)$/i | ||
3553 | 2018 | |||
3554 | 2019 | =cut | ||
3555 | 2020 | |||
3556 | 2021 | push (@cmds, { | ||
3557 | 2022 | setting => 'redirector_pattern', | ||
3558 | 2023 | is_priv => 1, | ||
3559 | 2024 | code => sub { | ||
3560 | 2025 | my ($self, $key, $value, $line) = @_; | ||
3561 | 2026 | if ($value eq '') { | ||
3562 | 2027 | return $MISSING_REQUIRED_VALUE; | ||
3563 | 2028 | } | ||
3564 | 2029 | elsif (!$self->{parser}->is_delimited_regexp_valid("redirector_pattern", $value)) { | ||
3565 | 2030 | return $INVALID_VALUE; | ||
3566 | 2031 | } | ||
3567 | 2032 | |||
3568 | 2033 | # convert to qr// while including modifiers | ||
3569 | 2034 | local ($1,$2,$3); | ||
3570 | 2035 | $value =~ /^m?(\W)(.*)(?:\1|>|}|\)|\])(.*?)$/; | ||
3571 | 2036 | my $pattern = $2; | ||
3572 | 2037 | $pattern = "(?".$3.")".$pattern if $3; | ||
3573 | 2038 | $pattern = qr/$pattern/; | ||
3574 | 2039 | |||
3575 | 2040 | push @{$self->{main}->{conf}->{redirector_patterns}}, $pattern; | ||
3576 | 2041 | # dbg("config: adding redirector regex: " . $value); | ||
3577 | 2042 | } | ||
3578 | 2043 | }); | ||
3579 | 2044 | |||
3580 | 2045 | =item header SYMBOLIC_TEST_NAME header op /pattern/modifiers [if-unset: STRING] | ||
3581 | 2046 | |||
3582 | 2047 | Define a test. C<SYMBOLIC_TEST_NAME> is a symbolic test name, such as | ||
3583 | 2048 | 'FROM_ENDS_IN_NUMS'. C<header> is the name of a mail header field, | ||
3584 | 2049 | such as 'Subject', 'To', 'From', etc. Header field names are matched | ||
3585 | 2050 | case-insensitively (conforming to RFC 5322 section 1.2.2), except for | ||
3586 | 2051 | all-capitals metaheader fields such as ALL, MESSAGEID, ALL-TRUSTED. | ||
3587 | 2052 | |||
3588 | 2053 | Appending a modifier C<:raw> to a header field name will inhibit decoding of | ||
3589 | 2054 | quoted-printable or base-64 encoded strings, and will preserve all whitespace | ||
3590 | 2055 | inside the header string. The C<:raw> may also be applied to pseudo-headers | ||
3591 | 2056 | e.g. C<ALL:raw> will return a pristine (unmodified) header section. | ||
3592 | 2057 | |||
3593 | 2058 | Appending a modifier C<:addr> to a header field name will cause everything | ||
3594 | 2059 | except the first email address to be removed from the header field. It is | ||
3595 | 2060 | mainly applicable to header fields 'From', 'Sender', 'To', 'Cc' along with | ||
3596 | 2061 | their 'Resent-*' counterparts, and the 'Return-Path'. | ||
3597 | 2062 | |||
3598 | 2063 | Appending a modifier C<:name> to a header field name will cause everything | ||
3599 | 2064 | except the first display name to be removed from the header field. It is | ||
3600 | 2065 | mainly applicable to header fields 'From' and 'Resent-From'. | ||
3601 | 2066 | |||
3602 | 2067 | It is syntactically permitted to append more than one modifier to a header | ||
3603 | 2068 | field name, although currently most combinations achieve no additional effect, | ||
3604 | 2069 | for example C<From:addr:raw> or C<From:raw:addr> is currently the same as | ||
3605 | 2070 | C<From:addr> . | ||
3606 | 2071 | |||
3607 | 2072 | =over 4 | ||
3608 | 2073 | |||
3609 | 2074 | =item example@foo | ||
3610 | 2075 | |||
3611 | 2076 | =item example@foo (Foo Blah) | ||
3612 | 2077 | |||
3613 | 2078 | =item example@foo, example@bar | ||
3614 | 2079 | |||
3615 | 2080 | =item display: example@foo (Foo Blah), example@bar ; | ||
3616 | 2081 | |||
3617 | 2082 | =item Foo Blah <example@foo> | ||
3618 | 2083 | |||
3619 | 2084 | =item "Foo Blah" <example@foo> | ||
3620 | 2085 | |||
3621 | 2086 | =item "'Foo Blah'" <example@foo> | ||
3622 | 2087 | |||
3623 | 2088 | =back | ||
3624 | 2089 | |||
3625 | 2090 | Appending C<:name> to the header name will cause everything except | ||
3626 | 2091 | the first real name to be removed from the header. For example, | ||
3627 | 2092 | all of the following will result in "Foo Blah" | ||
3628 | 2093 | |||
3629 | 2094 | =over 4 | ||
3630 | 2095 | |||
3631 | 2096 | =item example@foo (Foo Blah) | ||
3632 | 2097 | |||
3633 | 2098 | =item example@foo (Foo Blah), example@bar | ||
3634 | 2099 | |||
3635 | 2100 | =item display: example@foo (Foo Blah), example@bar ; | ||
3636 | 2101 | |||
3637 | 2102 | =item Foo Blah <example@foo> | ||
3638 | 2103 | |||
3639 | 2104 | =item "Foo Blah" <example@foo> | ||
3640 | 2105 | |||
3641 | 2106 | =item "'Foo Blah'" <example@foo> | ||
3642 | 2107 | |||
3643 | 2108 | =back | ||
3644 | 2109 | |||
3645 | 2110 | There are several special pseudo-headers that can be specified: | ||
3646 | 2111 | |||
3647 | 2112 | =over 4 | ||
3648 | 2113 | |||
3649 | 2114 | =item C<ALL> can be used to mean the text of all the message's headers. | ||
3650 | 2115 | Note that all whitespace inside the headers, at line folds, is currently | ||
3651 | 2116 | compressed into a single space (' ') character. To obtain a pristine | ||
3652 | 2117 | (unmodified) header section, use C<ALL:raw> - the :raw modifier is documented | ||
3653 | 2118 | above. | ||
3654 | 2119 | |||
3655 | 2120 | =item C<ToCc> can be used to mean the contents of both the 'To' and 'Cc' | ||
3656 | 2121 | headers. | ||
3657 | 2122 | |||
3658 | 2123 | =item C<EnvelopeFrom> is the address used in the 'MAIL FROM:' phase of the SMTP | ||
3659 | 2124 | transaction that delivered this message, if this data has been made available | ||
3660 | 2125 | by the SMTP server. See C<envelope_sender_header> for more information | ||
3661 | 2126 | on how to set this. | ||
3662 | 2127 | |||
3663 | 2128 | =item C<MESSAGEID> is a symbol meaning all Message-Id's found in the message; | ||
3664 | 2129 | some mailing list software moves the real 'Message-Id' to 'Resent-Message-Id' | ||
3665 | 2130 | or to 'X-Message-Id', then uses its own one in the 'Message-Id' header. | ||
3666 | 2131 | The value returned for this symbol is the text from all 3 headers, separated | ||
3667 | 2132 | by newlines. | ||
3668 | 2133 | |||
3669 | 2134 | =item C<X-Spam-Relays-Untrusted>, C<X-Spam-Relays-Trusted>, | ||
3670 | 2135 | C<X-Spam-Relays-Internal> and C<X-Spam-Relays-External> represent a portable, | ||
3671 | 2136 | pre-parsed representation of the message's network path, as recorded in the | ||
3672 | 2137 | Received headers, divided into 'trusted' vs 'untrusted' and 'internal' vs | ||
3673 | 2138 | 'external' sets. See C<http://wiki.apache.org/spamassassin/TrustedRelays> for | ||
3674 | 2139 | more details. | ||
3675 | 2140 | |||
3676 | 2141 | =back | ||
3677 | 2142 | |||
3678 | 2143 | C<op> is either C<=~> (contains regular expression) or C<!~> (does not contain | ||
3679 | 2144 | regular expression), and C<pattern> is a valid Perl regular expression, with | ||
3680 | 2145 | C<modifiers> as regexp modifiers in the usual style. Note that multi-line | ||
3681 | 2146 | rules are not supported, even if you use C<x> as a modifier. Also note that | ||
3682 | 2147 | the C<#> character must be escaped (C<\#>) or else it will be considered to be | ||
3683 | 2148 | the start of a comment and not part of the regexp. | ||
3684 | 2149 | |||
3685 | 2150 | If the C<[if-unset: STRING]> tag is present, then C<STRING> will | ||
3686 | 2151 | be used if the header is not found in the mail message. | ||
3687 | 2152 | |||
3688 | 2153 | Test names must not start with a number, and must contain only | ||
3689 | 2154 | alphanumerics and underscores. It is suggested that lower-case characters | ||
3690 | 2155 | not be used, and names have a length of no more than 22 characters, | ||
3691 | 2156 | as an informal convention. Dashes are not allowed. | ||
3692 | 2157 | |||
3693 | 2158 | Note that test names which begin with '__' are reserved for meta-match | ||
3694 | 2159 | sub-rules, and are not scored or listed in the 'tests hit' reports. | ||
3695 | 2160 | Test names which begin with 'T_' are reserved for tests which are | ||
3696 | 2161 | undergoing QA, and these are given a very low score. | ||
3697 | 2162 | |||
3698 | 2163 | If you add or modify a test, please be sure to run a sanity check afterwards | ||
3699 | 2164 | by running C<spamassassin --lint>. This will avoid confusing error | ||
3700 | 2165 | messages, or other tests being skipped as a side-effect. | ||
3701 | 2166 | |||
3702 | 2167 | =item header SYMBOLIC_TEST_NAME exists:name_of_header | ||
3703 | 2168 | |||
3704 | 2169 | Define a header existence test. C<name_of_header> is the name of a | ||
3705 | 2170 | header field to test for existence. This is just a very simple version | ||
3706 | 2171 | of the above header tests. | ||
3707 | 2172 | |||
3708 | 2173 | =item header SYMBOLIC_TEST_NAME eval:name_of_eval_method([arguments]) | ||
3709 | 2174 | |||
3710 | 2175 | Define a header eval test. C<name_of_eval_method> is the name of | ||
3711 | 2176 | a method on the C<Mail::SpamAssassin::EvalTests> object. C<arguments> | ||
3712 | 2177 | are optional arguments to the function call. | ||
3713 | 2178 | |||
3714 | 2179 | =item header SYMBOLIC_TEST_NAME eval:check_rbl('set', 'zone' [, 'sub-test']) | ||
3715 | 2180 | |||
3716 | 2181 | Check a DNSBL (a DNS blacklist or whitelist). This will retrieve Received: | ||
3717 | 2182 | headers from the message, extract the IP addresses, select which ones are | ||
3718 | 2183 | 'untrusted' based on the C<trusted_networks> logic, and query that DNSBL | ||
3719 | 2184 | zone. There's a few things to note: | ||
3720 | 2185 | |||
3721 | 2186 | =over 4 | ||
3722 | 2187 | |||
3723 | 2188 | =item duplicated or private IPs | ||
3724 | 2189 | |||
3725 | 2190 | Duplicated IPs are only queried once and reserved IPs are not queried. | ||
3726 | 2191 | Private IPs are those listed in | ||
3727 | 2192 | <http://www.iana.org/assignments/ipv4-address-space>, | ||
3728 | 2193 | <http://duxcw.com/faq/network/privip.htm>, | ||
3729 | 2194 | <http://duxcw.com/faq/network/autoip.htm>, or | ||
3730 | 2195 | <ftp://ftp.rfc-editor.org/in-notes/rfc3330.txt> as private. | ||
3731 | 2196 | |||
3732 | 2197 | =item the 'set' argument | ||
3733 | 2198 | |||
3734 | 2199 | This is used as a 'zone ID'. If you want to look up a multiple-meaning zone | ||
3735 | 2200 | like NJABL or SORBS, you can then query the results from that zone using it; | ||
3736 | 2201 | but all check_rbl_sub() calls must use that zone ID. | ||
3737 | 2202 | |||
3738 | 2203 | Also, if more than one IP address gets a DNSBL hit for a particular rule, it | ||
3739 | 2204 | does not affect the score because rules only trigger once per message. | ||
3740 | 2205 | |||
3741 | 2206 | =item the 'zone' argument | ||
3742 | 2207 | |||
3743 | 2208 | This is the root zone of the DNSBL, ending in a period. | ||
3744 | 2209 | |||
3745 | 2210 | =item the 'sub-test' argument | ||
3746 | 2211 | |||
3747 | 2212 | This optional argument behaves the same as the sub-test argument in | ||
3748 | 2213 | C<check_rbl_sub()> below. | ||
3749 | 2214 | |||
3750 | 2215 | =item selecting all IPs except for the originating one | ||
3751 | 2216 | |||
3752 | 2217 | This is accomplished by placing '-notfirsthop' at the end of the set name. | ||
3753 | 2218 | This is useful for querying against DNS lists which list dialup IP | ||
3754 | 2219 | addresses; the first hop may be a dialup, but as long as there is at least | ||
3755 | 2220 | one more hop, via their outgoing SMTP server, that's legitimate, and so | ||
3756 | 2221 | should not gain points. If there is only one hop, that will be queried | ||
3757 | 2222 | anyway, as it should be relaying via its outgoing SMTP server instead of | ||
3758 | 2223 | sending directly to your MX (mail exchange). | ||
3759 | 2224 | |||
3760 | 2225 | =item selecting IPs by whether they are trusted | ||
3761 | 2226 | |||
3762 | 2227 | When checking a 'nice' DNSBL (a DNS whitelist), you cannot trust the IP | ||
3763 | 2228 | addresses in Received headers that were not added by trusted relays. To | ||
3764 | 2229 | test the first IP address that can be trusted, place '-firsttrusted' at the | ||
3765 | 2230 | end of the set name. That should test the IP address of the relay that | ||
3766 | 2231 | connected to the most remote trusted relay. | ||
3767 | 2232 | |||
3768 | 2233 | Note that this requires that SpamAssassin know which relays are trusted. For | ||
3769 | 2234 | simple cases, SpamAssassin can make a good estimate. For complex cases, you | ||
3770 | 2235 | may get better results by setting C<trusted_networks> manually. | ||
3771 | 2236 | |||
3772 | 2237 | In addition, you can test all untrusted IP addresses by placing '-untrusted' | ||
3773 | 2238 | at the end of the set name. Important note -- this does NOT include the | ||
3774 | 2239 | IP address from the most recent 'untrusted line', as used in '-firsttrusted' | ||
3775 | 2240 | above. That's because we're talking about the trustworthiness of the | ||
3776 | 2241 | IP address data, not the source header line, here; and in the case of | ||
3777 | 2242 | the most recent header (the 'firsttrusted'), that data can be trusted. | ||
3778 | 2243 | See the Wiki page at C<http://wiki.apache.org/spamassassin/TrustedRelays> | ||
3779 | 2244 | for more information on this. | ||
3780 | 2245 | |||
3781 | 2246 | =item Selecting just the last external IP | ||
3782 | 2247 | |||
3783 | 2248 | By using '-lastexternal' at the end of the set name, you can select only | ||
3784 | 2249 | the external host that connected to your internal network, or at least | ||
3785 | 2250 | the last external host with a public IP. | ||
3786 | 2251 | |||
3787 | 2252 | =back | ||
3788 | 2253 | |||
3789 | 2254 | =item header SYMBOLIC_TEST_NAME eval:check_rbl_txt('set', 'zone') | ||
3790 | 2255 | |||
3791 | 2256 | Same as check_rbl(), except querying using IN TXT instead of IN A records. | ||
3792 | 2257 | If the zone supports it, it will result in a line of text describing | ||
3793 | 2258 | why the IP is listed, typically a hyperlink to a database entry. | ||
3794 | 2259 | |||
3795 | 2260 | =item header SYMBOLIC_TEST_NAME eval:check_rbl_sub('set', 'sub-test') | ||
3796 | 2261 | |||
3797 | 2262 | Create a sub-test for 'set'. If you want to look up a multi-meaning zone | ||
3798 | 2263 | like relays.osirusoft.com, you can then query the results from that zone | ||
3799 | 2264 | using the zone ID from the original query. The sub-test may either be an | ||
3800 | 2265 | IPv4 dotted address for RBLs that return multiple A records or a | ||
3801 | 2266 | non-negative decimal number to specify a bitmask for RBLs that return a | ||
3802 | 2267 | single A record containing a bitmask of results, a SenderBase test | ||
3803 | 2268 | beginning with "sb:", or (if none of the preceding options seem to fit) a | ||
3804 | 2269 | regular expression. | ||
3805 | 2270 | |||
3806 | 2271 | Note: the set name must be exactly the same for as the main query rule, | ||
3807 | 2272 | including selections like '-notfirsthop' appearing at the end of the set | ||
3808 | 2273 | name. | ||
3809 | 2274 | |||
3810 | 2275 | =cut | ||
3811 | 2276 | |||
3812 | 2277 | push (@cmds, { | ||
3813 | 2278 | setting => 'header', | ||
3814 | 2279 | is_frequent => 1, | ||
3815 | 2280 | is_priv => 1, | ||
3816 | 2281 | code => sub { | ||
3817 | 2282 | my ($self, $key, $value, $line) = @_; | ||
3818 | 2283 | local ($1,$2); | ||
3819 | 2284 | if ($value =~ /^(\S+)\s+(?:rbl)?eval:(.*)$/) { | ||
3820 | 2285 | my ($name, $fn) = ($1, $2); | ||
3821 | 2286 | |||
3822 | 2287 | if ($fn =~ /^check_(?:rbl|dns)/) { | ||
3823 | 2288 | $self->{parser}->add_test ($name, $fn, $TYPE_RBL_EVALS); | ||
3824 | 2289 | } | ||
3825 | 2290 | else { | ||
3826 | 2291 | $self->{parser}->add_test ($name, $fn, $TYPE_HEAD_EVALS); | ||
3827 | 2292 | } | ||
3828 | 2293 | } | ||
3829 | 2294 | elsif ($value =~ /^(\S+)\s+exists:([!-9;-\176]+)$/) { | ||
3830 | 2295 | # RFC 5322 section 3.6.8, ftext printable US-ASCII ch not including ":" | ||
3831 | 2296 | $self->{parser}->add_test ($1, "defined($2)", $TYPE_HEAD_TESTS); | ||
3832 | 2297 | $self->{descriptions}->{$1} = "Found a $2 header"; | ||
3833 | 2298 | } | ||
3834 | 2299 | else { | ||
3835 | 2300 | my @values = split(/\s+/, $value, 2); | ||
3836 | 2301 | if (@values != 2) { | ||
3837 | 2302 | return $MISSING_REQUIRED_VALUE; | ||
3838 | 2303 | } | ||
3839 | 2304 | $self->{parser}->add_test (@values, $TYPE_HEAD_TESTS); | ||
3840 | 2305 | } | ||
3841 | 2306 | } | ||
3842 | 2307 | }); | ||
3843 | 2308 | |||
3844 | 2309 | =item body SYMBOLIC_TEST_NAME /pattern/modifiers | ||
3845 | 2310 | |||
3846 | 2311 | Define a body pattern test. C<pattern> is a Perl regular expression. Note: | ||
3847 | 2312 | as per the header tests, C<#> must be escaped (C<\#>) or else it is considered | ||
3848 | 2313 | the beginning of a comment. | ||
3849 | 2314 | |||
3850 | 2315 | The 'body' in this case is the textual parts of the message body; | ||
3851 | 2316 | any non-text MIME parts are stripped, and the message decoded from | ||
3852 | 2317 | Quoted-Printable or Base-64-encoded format if necessary. The message | ||
3853 | 2318 | Subject header is considered part of the body and becomes the first | ||
3854 | 2319 | paragraph when running the rules. All HTML tags and line breaks will | ||
3855 | 2320 | be removed before matching. | ||
3856 | 2321 | |||
3857 | 2322 | =item body SYMBOLIC_TEST_NAME eval:name_of_eval_method([args]) | ||
3858 | 2323 | |||
3859 | 2324 | Define a body eval test. See above. | ||
3860 | 2325 | |||
3861 | 2326 | =cut | ||
3862 | 2327 | |||
3863 | 2328 | push (@cmds, { | ||
3864 | 2329 | setting => 'body', | ||
3865 | 2330 | is_frequent => 1, | ||
3866 | 2331 | is_priv => 1, | ||
3867 | 2332 | code => sub { | ||
3868 | 2333 | my ($self, $key, $value, $line) = @_; | ||
3869 | 2334 | local ($1,$2); | ||
3870 | 2335 | if ($value =~ /^(\S+)\s+eval:(.*)$/) { | ||
3871 | 2336 | $self->{parser}->add_test ($1, $2, $TYPE_BODY_EVALS); | ||
3872 | 2337 | } | ||
3873 | 2338 | else { | ||
3874 | 2339 | my @values = split(/\s+/, $value, 2); | ||
3875 | 2340 | if (@values != 2) { | ||
3876 | 2341 | return $MISSING_REQUIRED_VALUE; | ||
3877 | 2342 | } | ||
3878 | 2343 | $self->{parser}->add_test (@values, $TYPE_BODY_TESTS); | ||
3879 | 2344 | } | ||
3880 | 2345 | } | ||
3881 | 2346 | }); | ||
3882 | 2347 | |||
3883 | 2348 | =item uri SYMBOLIC_TEST_NAME /pattern/modifiers | ||
3884 | 2349 | |||
3885 | 2350 | Define a uri pattern test. C<pattern> is a Perl regular expression. Note: as | ||
3886 | 2351 | per the header tests, C<#> must be escaped (C<\#>) or else it is considered | ||
3887 | 2352 | the beginning of a comment. | ||
3888 | 2353 | |||
3889 | 2354 | The 'uri' in this case is a list of all the URIs in the body of the email, | ||
3890 | 2355 | and the test will be run on each and every one of those URIs, adjusting the | ||
3891 | 2356 | score if a match is found. Use this test instead of one of the body tests | ||
3892 | 2357 | when you need to match a URI, as it is more accurately bound to the start/end | ||
3893 | 2358 | points of the URI, and will also be faster. | ||
3894 | 2359 | |||
3895 | 2360 | =cut | ||
3896 | 2361 | |||
3897 | 2362 | # we don't do URI evals yet - maybe later | ||
3898 | 2363 | # if (/^uri\s+(\S+)\s+eval:(.*)$/) { | ||
3899 | 2364 | # $self->{parser}->add_test ($1, $2, $TYPE_URI_EVALS); | ||
3900 | 2365 | # next; | ||
3901 | 2366 | # } | ||
3902 | 2367 | push (@cmds, { | ||
3903 | 2368 | setting => 'uri', | ||
3904 | 2369 | is_priv => 1, | ||
3905 | 2370 | code => sub { | ||
3906 | 2371 | my ($self, $key, $value, $line) = @_; | ||
3907 | 2372 | my @values = split(/\s+/, $value, 2); | ||
3908 | 2373 | if (@values != 2) { | ||
3909 | 2374 | return $MISSING_REQUIRED_VALUE; | ||
3910 | 2375 | } | ||
3911 | 2376 | $self->{parser}->add_test (@values, $TYPE_URI_TESTS); | ||
3912 | 2377 | } | ||
3913 | 2378 | }); | ||
3914 | 2379 | |||
3915 | 2380 | =item rawbody SYMBOLIC_TEST_NAME /pattern/modifiers | ||
3916 | 2381 | |||
3917 | 2382 | Define a raw-body pattern test. C<pattern> is a Perl regular expression. | ||
3918 | 2383 | Note: as per the header tests, C<#> must be escaped (C<\#>) or else it is | ||
3919 | 2384 | considered the beginning of a comment. | ||
3920 | 2385 | |||
3921 | 2386 | The 'raw body' of a message is the raw data inside all textual parts. The | ||
3922 | 2387 | text will be decoded from base64 or quoted-printable encoding, but HTML | ||
3923 | 2388 | tags and line breaks will still be present. Multiline expressions will | ||
3924 | 2389 | need to be used to match strings that are broken by line breaks. | ||
3925 | 2390 | |||
3926 | 2391 | =item rawbody SYMBOLIC_TEST_NAME eval:name_of_eval_method([args]) | ||
3927 | 2392 | |||
3928 | 2393 | Define a raw-body eval test. See above. | ||
3929 | 2394 | |||
3930 | 2395 | =cut | ||
3931 | 2396 | |||
3932 | 2397 | push (@cmds, { | ||
3933 | 2398 | setting => 'rawbody', | ||
3934 | 2399 | is_frequent => 1, | ||
3935 | 2400 | is_priv => 1, | ||
3936 | 2401 | code => sub { | ||
3937 | 2402 | my ($self, $key, $value, $line) = @_; | ||
3938 | 2403 | local ($1,$2); | ||
3939 | 2404 | if ($value =~ /^(\S+)\s+eval:(.*)$/) { | ||
3940 | 2405 | $self->{parser}->add_test ($1, $2, $TYPE_RAWBODY_EVALS); | ||
3941 | 2406 | } else { | ||
3942 | 2407 | my @values = split(/\s+/, $value, 2); | ||
3943 | 2408 | if (@values != 2) { | ||
3944 | 2409 | return $MISSING_REQUIRED_VALUE; | ||
3945 | 2410 | } | ||
3946 | 2411 | $self->{parser}->add_test (@values, $TYPE_RAWBODY_TESTS); | ||
3947 | 2412 | } | ||
3948 | 2413 | } | ||
3949 | 2414 | }); | ||
3950 | 2415 | |||
3951 | 2416 | =item full SYMBOLIC_TEST_NAME /pattern/modifiers | ||
3952 | 2417 | |||
3953 | 2418 | Define a full message pattern test. C<pattern> is a Perl regular expression. | ||
3954 | 2419 | Note: as per the header tests, C<#> must be escaped (C<\#>) or else it is | ||
3955 | 2420 | considered the beginning of a comment. | ||
3956 | 2421 | |||
3957 | 2422 | The full message is the pristine message headers plus the pristine message | ||
3958 | 2423 | body, including all MIME data such as images, other attachments, MIME | ||
3959 | 2424 | boundaries, etc. | ||
3960 | 2425 | |||
3961 | 2426 | =item full SYMBOLIC_TEST_NAME eval:name_of_eval_method([args]) | ||
3962 | 2427 | |||
3963 | 2428 | Define a full message eval test. See above. | ||
3964 | 2429 | |||
3965 | 2430 | =cut | ||
3966 | 2431 | |||
3967 | 2432 | push (@cmds, { | ||
3968 | 2433 | setting => 'full', | ||
3969 | 2434 | is_priv => 1, | ||
3970 | 2435 | code => sub { | ||
3971 | 2436 | my ($self, $key, $value, $line) = @_; | ||
3972 | 2437 | local ($1,$2); | ||
3973 | 2438 | if ($value =~ /^(\S+)\s+eval:(.*)$/) { | ||
3974 | 2439 | $self->{parser}->add_test ($1, $2, $TYPE_FULL_EVALS); | ||
3975 | 2440 | } else { | ||
3976 | 2441 | my @values = split(/\s+/, $value, 2); | ||
3977 | 2442 | if (@values != 2) { | ||
3978 | 2443 | return $MISSING_REQUIRED_VALUE; | ||
3979 | 2444 | } | ||
3980 | 2445 | $self->{parser}->add_test (@values, $TYPE_FULL_TESTS); | ||
3981 | 2446 | } | ||
3982 | 2447 | } | ||
3983 | 2448 | }); | ||
3984 | 2449 | |||
3985 | 2450 | =item meta SYMBOLIC_TEST_NAME boolean expression | ||
3986 | 2451 | |||
3987 | 2452 | Define a boolean expression test in terms of other tests that have | ||
3988 | 2453 | been hit or not hit. For example: | ||
3989 | 2454 | |||
3990 | 2455 | meta META1 TEST1 && !(TEST2 || TEST3) | ||
3991 | 2456 | |||
3992 | 2457 | Note that English language operators ("and", "or") will be treated as | ||
3993 | 2458 | rule names, and that there is no C<XOR> operator. | ||
3994 | 2459 | |||
3995 | 2460 | =item meta SYMBOLIC_TEST_NAME boolean arithmetic expression | ||
3996 | 2461 | |||
3997 | 2462 | Can also define an arithmetic expression in terms of other tests, | ||
3998 | 2463 | with an unhit test having the value "0" and a hit test having a | ||
3999 | 2464 | nonzero value. The value of a hit meta test is that of its arithmetic | ||
4000 | 2465 | expression. The value of a hit eval test is that returned by its | ||
4001 | 2466 | method. The value of a hit header, body, rawbody, uri, or full test | ||
4002 | 2467 | which has the "multiple" tflag is the number of times the test hit. | ||
4003 | 2468 | The value of any other type of hit test is "1". | ||
4004 | 2469 | |||
4005 | 2470 | For example: | ||
4006 | 2471 | |||
4007 | 2472 | meta META2 (3 * TEST1 - 2 * TEST2) > 0 | ||
4008 | 2473 | |||
4009 | 2474 | Note that Perl builtins and functions, like C<abs()>, B<can't> be | ||
4010 | 2475 | used, and will be treated as rule names. | ||
4011 | 2476 | |||
4012 | 2477 | If you want to define a meta-rule, but do not want its individual sub-rules to | ||
4013 | 2478 | count towards the final score unless the entire meta-rule matches, give the | ||
4014 | 2479 | sub-rules names that start with '__' (two underscores). SpamAssassin will | ||
4015 | 2480 | ignore these for scoring. | ||
4016 | 2481 | |||
4017 | 2482 | =cut | ||
4018 | 2483 | |||
4019 | 2484 | push (@cmds, { | ||
4020 | 2485 | setting => 'meta', | ||
4021 | 2486 | is_frequent => 1, | ||
4022 | 2487 | is_priv => 1, | ||
4023 | 2488 | code => sub { | ||
4024 | 2489 | my ($self, $key, $value, $line) = @_; | ||
4025 | 2490 | my @values = split(/\s+/, $value, 2); | ||
4026 | 2491 | if (@values != 2) { | ||
4027 | 2492 | return $MISSING_REQUIRED_VALUE; | ||
4028 | 2493 | } | ||
4029 | 2494 | if ($values[1] =~ /\*\s*\*/) { | ||
4030 | 2495 | info("config: found invalid '**' or '* *' operator in meta command"); | ||
4031 | 2496 | return $INVALID_VALUE; | ||
4032 | 2497 | } | ||
4033 | 2498 | $self->{parser}->add_test (@values, $TYPE_META_TESTS); | ||
4034 | 2499 | } | ||
4035 | 2500 | }); | ||
4036 | 2501 | |||
4037 | 2502 | =item reuse SYMBOLIC_TEST_NAME [ OLD_SYMBOLIC_TEST_NAME_1 ... ] | ||
4038 | 2503 | |||
4039 | 2504 | Defines the name of a test that should be "reused" during the scoring | ||
4040 | 2505 | process. If a message has an X-Spam-Status header that shows a hit for | ||
4041 | 2506 | this rule or any of the old rule names given, a hit will be added for | ||
4042 | 2507 | this rule when B<mass-check --reuse> is used. Examples: | ||
4043 | 2508 | |||
4044 | 2509 | C<reuse SPF_PASS> | ||
4045 | 2510 | |||
4046 | 2511 | C<reuse MY_NET_RULE_V2 MY_NET_RULE_V1> | ||
4047 | 2512 | |||
4048 | 2513 | The actual logic for reuse tests is done by | ||
4049 | 2514 | B<Mail::SpamAssassin::Plugin::Reuse>. | ||
4050 | 2515 | |||
4051 | 2516 | =cut | ||
4052 | 2517 | |||
4053 | 2518 | push (@cmds, { | ||
4054 | 2519 | setting => 'reuse', | ||
4055 | 2520 | is_priv => 1, | ||
4056 | 2521 | code => sub { | ||
4057 | 2522 | my ($self, $key, $value, $line) = @_; | ||
4058 | 2523 | if ($value !~ /\s*(\w+)(?:\s+(?:\w+(?:\s+\w+)*))?\s*$/) { | ||
4059 | 2524 | return $INVALID_VALUE; | ||
4060 | 2525 | } | ||
4061 | 2526 | my $rule_name = $1; | ||
4062 | 2527 | # don't overwrite tests, just define them so scores, priorities work | ||
4063 | 2528 | if (!exists $self->{tests}->{$rule_name}) { | ||
4064 | 2529 | $self->{parser}->add_test($rule_name, undef, $TYPE_EMPTY_TESTS); | ||
4065 | 2530 | } | ||
4066 | 2531 | } | ||
4067 | 2532 | }); | ||
4068 | 2533 | |||
4069 | 2534 | =item tflags SYMBOLIC_TEST_NAME [ {net|nice|learn|userconf|noautolearn|multiple} ] | ||
4070 | 2535 | |||
4071 | 2536 | Used to set flags on a test. These flags are used in the | ||
4072 | 2537 | score-determination back end system for details of the test's | ||
4073 | 2538 | behaviour. Please see C<bayes_auto_learn> for more information | ||
4074 | 2539 | about tflag interaction with those systems. The following flags | ||
4075 | 2540 | can be set: | ||
4076 | 2541 | |||
4077 | 2542 | =over 4 | ||
4078 | 2543 | |||
4079 | 2544 | =item net | ||
4080 | 2545 | |||
4081 | 2546 | The test is a network test, and will not be run in the mass checking system | ||
4082 | 2547 | or if B<-L> is used, therefore its score should not be modified. | ||
4083 | 2548 | |||
4084 | 2549 | =item nice | ||
4085 | 2550 | |||
4086 | 2551 | The test is intended to compensate for common false positives, and should be | ||
4087 | 2552 | assigned a negative score. | ||
4088 | 2553 | |||
4089 | 2554 | =item userconf | ||
4090 | 2555 | |||
4091 | 2556 | The test requires user configuration before it can be used (like language- | ||
4092 | 2557 | specific tests). | ||
4093 | 2558 | |||
4094 | 2559 | =item learn | ||
4095 | 2560 | |||
4096 | 2561 | The test requires training before it can be used. | ||
4097 | 2562 | |||
4098 | 2563 | =item noautolearn | ||
4099 | 2564 | |||
4100 | 2565 | The test will explicitly be ignored when calculating the score for | ||
4101 | 2566 | learning systems. | ||
4102 | 2567 | |||
4103 | 2568 | =item multiple | ||
4104 | 2569 | |||
4105 | 2570 | The test will be evaluated multiple times, for use with meta rules. | ||
4106 | 2571 | Only affects header, body, rawbody, uri, and full tests. | ||
4107 | 2572 | |||
4108 | 2573 | =back | ||
4109 | 2574 | |||
4110 | 2575 | =cut | ||
4111 | 2576 | |||
4112 | 2577 | push (@cmds, { | ||
4113 | 2578 | setting => 'tflags', | ||
4114 | 2579 | is_frequent => 1, | ||
4115 | 2580 | is_priv => 1, | ||
4116 | 2581 | type => $CONF_TYPE_HASH_KEY_VALUE, | ||
4117 | 2582 | }); | ||
4118 | 2583 | |||
4119 | 2584 | =item priority SYMBOLIC_TEST_NAME n | ||
4120 | 2585 | |||
4121 | 2586 | Assign a specific priority to a test. All tests, except for DNS and Meta | ||
4122 | 2587 | tests, are run in increasing priority value order (negative priority values | ||
4123 | 2588 | are run before positive priority values). The default test priority is 0 | ||
4124 | 2589 | (zero). | ||
4125 | 2590 | |||
4126 | 2591 | The values <-99999999999999> and <-99999999999998> have a special meaning | ||
4127 | 2592 | internally, and should not be used. | ||
4128 | 2593 | |||
4129 | 2594 | =cut | ||
4130 | 2595 | |||
4131 | 2596 | push (@cmds, { | ||
4132 | 2597 | setting => 'priority', | ||
4133 | 2598 | is_priv => 1, | ||
4134 | 2599 | type => $CONF_TYPE_HASH_KEY_VALUE, | ||
4135 | 2600 | }); | ||
4136 | 2601 | |||
4137 | 2602 | =back | ||
4138 | 2603 | |||
4139 | 2604 | =head1 ADMINISTRATOR SETTINGS | ||
4140 | 2605 | |||
4141 | 2606 | These settings differ from the ones above, in that they are considered 'more | ||
4142 | 2607 | privileged' -- even more than the ones in the B<PRIVILEGED SETTINGS> section. | ||
4143 | 2608 | No matter what C<allow_user_rules> is set to, these can never be set from a | ||
4144 | 2609 | user's C<user_prefs> file when spamc/spamd is being used. However, all | ||
4145 | 2610 | settings can be used by local programs run directly by the user. | ||
4146 | 2611 | |||
4147 | 2612 | =over 4 | ||
4148 | 2613 | |||
4149 | 2614 | =item version_tag string | ||
4150 | 2615 | |||
4151 | 2616 | This tag is appended to the SA version in the X-Spam-Status header. You should | ||
4152 | 2617 | include it when modify your ruleset, especially if you plan to distribute it. | ||
4153 | 2618 | A good choice for I<string> is your last name or your initials followed by a | ||
4154 | 2619 | number which you increase with each change. | ||
4155 | 2620 | |||
4156 | 2621 | The version_tag will be lowercased, and any non-alphanumeric or period | ||
4157 | 2622 | character will be replaced by an underscore. | ||
4158 | 2623 | |||
4159 | 2624 | e.g. | ||
4160 | 2625 | |||
4161 | 2626 | version_tag myrules1 # version=2.41-myrules1 | ||
4162 | 2627 | |||
4163 | 2628 | =cut | ||
4164 | 2629 | |||
4165 | 2630 | push (@cmds, { | ||
4166 | 2631 | setting => 'version_tag', | ||
4167 | 2632 | is_admin => 1, | ||
4168 | 2633 | code => sub { | ||
4169 | 2634 | my ($self, $key, $value, $line) = @_; | ||
4170 | 2635 | if ($value eq '') { | ||
4171 | 2636 | return $MISSING_REQUIRED_VALUE; | ||
4172 | 2637 | } | ||
4173 | 2638 | my $tag = lc($value); | ||
4174 | 2639 | $tag =~ tr/a-z0-9./_/c; | ||
4175 | 2640 | foreach (@Mail::SpamAssassin::EXTRA_VERSION) { | ||
4176 | 2641 | if($_ eq $tag) { $tag = undef; last; } | ||
4177 | 2642 | } | ||
4178 | 2643 | push(@Mail::SpamAssassin::EXTRA_VERSION, $tag) if($tag); | ||
4179 | 2644 | } | ||
4180 | 2645 | }); | ||
4181 | 2646 | |||
4182 | 2647 | =item test SYMBOLIC_TEST_NAME (ok|fail) Some string to test against | ||
4183 | 2648 | |||
4184 | 2649 | Define a regression testing string. You can have more than one regression test | ||
4185 | 2650 | string per symbolic test name. Simply specify a string that you wish the test | ||
4186 | 2651 | to match. | ||
4187 | 2652 | |||
4188 | 2653 | These tests are only run as part of the test suite - they should not affect the | ||
4189 | 2654 | general running of SpamAssassin. | ||
4190 | 2655 | |||
4191 | 2656 | =cut | ||
4192 | 2657 | |||
4193 | 2658 | push (@cmds, { | ||
4194 | 2659 | setting => 'test', | ||
4195 | 2660 | is_admin => 1, | ||
4196 | 2661 | code => sub { | ||
4197 | 2662 | return unless defined $COLLECT_REGRESSION_TESTS; | ||
4198 | 2663 | my ($self, $key, $value, $line) = @_; | ||
4199 | 2664 | local ($1,$2,$3); | ||
4200 | 2665 | if ($value !~ /^(\S+)\s+(ok|fail)\s+(.*)$/) { return $INVALID_VALUE; } | ||
4201 | 2666 | $self->{parser}->add_regression_test($1, $2, $3); | ||
4202 | 2667 | } | ||
4203 | 2668 | }); | ||
4204 | 2669 | |||
4205 | 2670 | =item rbl_timeout t [t_min] [zone] (default: 15 3) | ||
4206 | 2671 | |||
4207 | 2672 | All DNS queries are made at the beginning of a check and we try to read | ||
4208 | 2673 | the results at the end. This value specifies the maximum period of time | ||
4209 | 2674 | (in seconds) to wait for a DNS query. If most of the DNS queries have | ||
4210 | 2675 | succeeded for a particular message, then SpamAssassin will not wait for | ||
4211 | 2676 | the full period to avoid wasting time on unresponsive server(s), but will | ||
4212 | 2677 | shrink the timeout according to a percentage of queries already completed. | ||
4213 | 2678 | As the number of queries remaining approaches 0, the timeout value will | ||
4214 | 2679 | gradually approach a t_min value, which is an optional second parameter | ||
4215 | 2680 | and defaults to 0.2 * t. If t is smaller than t_min, the initial timeout | ||
4216 | 2681 | is set to t_min. Here is a chart of queries remaining versus the timeout | ||
4217 | 2682 | in seconds, for the default 15 second / 3 second timeout setting: | ||
4218 | 2683 | |||
4219 | 2684 | queries left 100% 90% 80% 70% 60% 50% 40% 30% 20% 10% 0% | ||
4220 | 2685 | timeout 15 14.9 14.5 13.9 13.1 12.0 10.7 9.1 7.3 5.3 3 | ||
4221 | 2686 | |||
4222 | 2687 | For example, if 20 queries are made at the beginning of a message check | ||
4223 | 2688 | and 16 queries have returned (leaving 20%), the remaining 4 queries should | ||
4224 | 2689 | finish within 7.3 seconds since their query started or they will be timed out. | ||
4225 | 2690 | Note that timed out queries are only aborted when there is nothing else left | ||
4226 | 2691 | for SpamAssassin to do - long evaluation of other rules may grant queries | ||
4227 | 2692 | additional time. | ||
4228 | 2693 | |||
4229 | 2694 | If a parameter 'zone' is specified (it must end with a letter, which | ||
4230 | 2695 | distinguishes it from other numeric parametrs), then the setting only | ||
4231 | 2696 | applies to DNS queries against the specified DNS domain (host, domain or | ||
4232 | 2697 | RBL (sub)zone). Matching is case-insensitive, the actual domain may be a | ||
4233 | 2698 | subdomain of the specified zone. | ||
4234 | 2699 | |||
4235 | 2700 | =cut | ||
4236 | 2701 | |||
4237 | 2702 | push (@cmds, { | ||
4238 | 2703 | setting => 'rbl_timeout', | ||
4239 | 2704 | is_admin => 1, | ||
4240 | 2705 | default => 15, | ||
4241 | 2706 | code => sub { | ||
4242 | 2707 | my ($self, $key, $value, $line) = @_; | ||
4243 | 2708 | unless (defined $value && $value !~ /^$/) { | ||
4244 | 2709 | return $MISSING_REQUIRED_VALUE; | ||
4245 | 2710 | } | ||
4246 | 2711 | local ($1,$2,$3); | ||
4247 | 2712 | unless ($value =~ /^ ( [+-]? \d+ (?: \. \d*)? ) | ||
4248 | 2713 | (?: \s+ ( [+-]? \d+ (?: \. \d*)? ) )? | ||
4249 | 2714 | (?: \s+ (\S* [a-zA-Z]) )? $/xs) { | ||
4250 | 2715 | return $INVALID_VALUE; | ||
4251 | 2716 | } | ||
4252 | 2717 | my $zone = $3; | ||
4253 | 2718 | if (!defined $zone) { # a global setting | ||
4254 | 2719 | $self->{rbl_timeout} = $1+0; | ||
4255 | 2720 | $self->{rbl_timeout_min} = $2+0 if defined $2; | ||
4256 | 2721 | } | ||
4257 | 2722 | else { # per-zone settings | ||
4258 | 2723 | $zone =~ s/^\.//; $zone =~ s/\.$//; # strip leading and trailing dot | ||
4259 | 2724 | $zone = lc $zone; | ||
4260 | 2725 | $self->{by_zone}{$zone}{rbl_timeout} = $1+0; | ||
4261 | 2726 | $self->{by_zone}{$zone}{rbl_timeout_min} = $2+0 if defined $2; | ||
4262 | 2727 | } | ||
4263 | 2728 | }, | ||
4264 | 2729 | type => $CONF_TYPE_NUMERIC, | ||
4265 | 2730 | }); | ||
4266 | 2731 | |||
4267 | 2732 | =item util_rb_tld tld1 tld2 ... | ||
4268 | 2733 | |||
4269 | 2734 | This option allows the addition of new TLDs to the RegistrarBoundaries code. | ||
4270 | 2735 | Updates to the list usually happen when new versions of SpamAssassin are | ||
4271 | 2736 | released, but sometimes it's necessary to add in new TLDs faster than a | ||
4272 | 2737 | release can occur. TLDs include things like com, net, org, etc. | ||
4273 | 2738 | |||
4274 | 2739 | =cut | ||
4275 | 2740 | |||
4276 | 2741 | push (@cmds, { | ||
4277 | 2742 | setting => 'util_rb_tld', | ||
4278 | 2743 | is_admin => 1, | ||
4279 | 2744 | code => sub { | ||
4280 | 2745 | my ($self, $key, $value, $line) = @_; | ||
4281 | 2746 | unless (defined $value && $value !~ /^$/) { | ||
4282 | 2747 | return $MISSING_REQUIRED_VALUE; | ||
4283 | 2748 | } | ||
4284 | 2749 | unless ($value =~ /^[a-zA-Z]+(?:\s+[a-zA-Z]+)*$/) { | ||
4285 | 2750 | return $INVALID_VALUE; | ||
4286 | 2751 | } | ||
4287 | 2752 | foreach (split(/\s+/, $value)) { | ||
4288 | 2753 | $Mail::SpamAssassin::Util::RegistrarBoundaries::VALID_TLDS{lc $_} = 1; | ||
4289 | 2754 | } | ||
4290 | 2755 | } | ||
4291 | 2756 | }); | ||
4292 | 2757 | |||
4293 | 2758 | =item util_rb_2tld 2tld-1.tld 2tld-2.tld ... | ||
4294 | 2759 | |||
4295 | 2760 | This option allows the addition of new 2nd-level TLDs (2TLD) to the | ||
4296 | 2761 | RegistrarBoundaries code. Updates to the list usually happen when new | ||
4297 | 2762 | versions of SpamAssassin are released, but sometimes it's necessary to add in | ||
4298 | 2763 | new 2TLDs faster than a release can occur. 2TLDs include things like co.uk, | ||
4299 | 2764 | fed.us, etc. | ||
4300 | 2765 | |||
4301 | 2766 | =cut | ||
4302 | 2767 | |||
4303 | 2768 | push (@cmds, { | ||
4304 | 2769 | setting => 'util_rb_2tld', | ||
4305 | 2770 | is_admin => 1, | ||
4306 | 2771 | code => sub { | ||
4307 | 2772 | my ($self, $key, $value, $line) = @_; | ||
4308 | 2773 | unless (defined $value && $value !~ /^$/) { | ||
4309 | 2774 | return $MISSING_REQUIRED_VALUE; | ||
4310 | 2775 | } | ||
4311 | 2776 | unless ($value =~ /^[^\s.]+\.[^\s.]+(?:\s+[^\s.]+\.[^\s.]+)*$/) { | ||
4312 | 2777 | return $INVALID_VALUE; | ||
4313 | 2778 | } | ||
4314 | 2779 | foreach (split(/\s+/, $value)) { | ||
4315 | 2780 | $Mail::SpamAssassin::Util::RegistrarBoundaries::TWO_LEVEL_DOMAINS{lc $_} = 1; | ||
4316 | 2781 | } | ||
4317 | 2782 | } | ||
4318 | 2783 | }); | ||
4319 | 2784 | |||
4320 | 2785 | =item util_rb_3tld 3tld1.some.tld 3tld2.other.tld ... | ||
4321 | 2786 | |||
4322 | 2787 | This option allows the addition of new 3rd-level TLDs (3TLD) to the | ||
4323 | 2788 | RegistrarBoundaries code. Updates to the list usually happen when new | ||
4324 | 2789 | versions of SpamAssassin are released, but sometimes it's necessary to add in | ||
4325 | 2790 | new 3TLDs faster than a release can occur. 3TLDs include things like | ||
4326 | 2791 | demon.co.uk, plc.co.im, etc. | ||
4327 | 2792 | |||
4328 | 2793 | =cut | ||
4329 | 2794 | |||
4330 | 2795 | push (@cmds, { | ||
4331 | 2796 | setting => 'util_rb_3tld', | ||
4332 | 2797 | is_admin => 1, | ||
4333 | 2798 | code => sub { | ||
4334 | 2799 | my ($self, $key, $value, $line) = @_; | ||
4335 | 2800 | unless (defined $value && $value !~ /^$/) { | ||
4336 | 2801 | return $MISSING_REQUIRED_VALUE; | ||
4337 | 2802 | } | ||
4338 | 2803 | unless ($value =~ /^[^\s.]+\.[^\s.]+\.[^\s.]+(?:\s+[^\s.]+\.[^\s.]+)*$/) { | ||
4339 | 2804 | return $INVALID_VALUE; | ||
4340 | 2805 | } | ||
4341 | 2806 | foreach (split(/\s+/, $value)) { | ||
4342 | 2807 | $Mail::SpamAssassin::Util::RegistrarBoundaries::THREE_LEVEL_DOMAINS{lc $_} = 1; | ||
4343 | 2808 | } | ||
4344 | 2809 | } | ||
4345 | 2810 | }); | ||
4346 | 2811 | |||
4347 | 2812 | =item bayes_path /path/filename (default: ~/.spamassassin/bayes) | ||
4348 | 2813 | |||
4349 | 2814 | This is the directory and filename for Bayes databases. Several databases | ||
4350 | 2815 | will be created, with this as the base directory and filename, with C<_toks>, | ||
4351 | 2816 | C<_seen>, etc. appended to the base. The default setting results in files | ||
4352 | 2817 | called C<~/.spamassassin/bayes_seen>, C<~/.spamassassin/bayes_toks>, etc. | ||
4353 | 2818 | |||
4354 | 2819 | By default, each user has their own in their C<~/.spamassassin> directory with | ||
4355 | 2820 | mode 0700/0600. For system-wide SpamAssassin use, you may want to reduce disk | ||
4356 | 2821 | space usage by sharing this across all users. However, Bayes appears to be | ||
4357 | 2822 | more effective with individual user databases. | ||
4358 | 2823 | |||
4359 | 2824 | =cut | ||
4360 | 2825 | |||
4361 | 2826 | push (@cmds, { | ||
4362 | 2827 | setting => 'bayes_path', | ||
4363 | 2828 | is_admin => 1, | ||
4364 | 2829 | default => '__userstate__/bayes', | ||
4365 | 2830 | type => $CONF_TYPE_STRING, | ||
4366 | 2831 | code => sub { | ||
4367 | 2832 | my ($self, $key, $value, $line) = @_; | ||
4368 | 2833 | unless (defined $value && $value !~ /^$/) { | ||
4369 | 2834 | return $MISSING_REQUIRED_VALUE; | ||
4370 | 2835 | } | ||
4371 | 2836 | if (-d $value) { | ||
4372 | 2837 | return $INVALID_VALUE; | ||
4373 | 2838 | } | ||
4374 | 2839 | $self->{bayes_path} = $value; | ||
4375 | 2840 | } | ||
4376 | 2841 | }); | ||
4377 | 2842 | |||
4378 | 2843 | =item bayes_file_mode (default: 0700) | ||
4379 | 2844 | |||
4380 | 2845 | The file mode bits used for the Bayesian filtering database files. | ||
4381 | 2846 | |||
4382 | 2847 | Make sure you specify this using the 'x' mode bits set, as it may also be used | ||
4383 | 2848 | to create directories. However, if a file is created, the resulting file will | ||
4384 | 2849 | not have any execute bits set (the umask is set to 111). The argument is a | ||
4385 | 2850 | string of octal digits, it is converted to a numeric value internally. | ||
4386 | 2851 | |||
4387 | 2852 | =cut | ||
4388 | 2853 | |||
4389 | 2854 | push (@cmds, { | ||
4390 | 2855 | setting => 'bayes_file_mode', | ||
4391 | 2856 | is_admin => 1, | ||
4392 | 2857 | default => '0700', | ||
4393 | 2858 | type => $CONF_TYPE_NUMERIC, | ||
4394 | 2859 | code => sub { | ||
4395 | 2860 | my ($self, $key, $value, $line) = @_; | ||
4396 | 2861 | if ($value !~ /^0?\d{3}$/) { return $INVALID_VALUE } | ||
4397 | 2862 | $self->{bayes_file_mode} = untaint_var($value); | ||
4398 | 2863 | } | ||
4399 | 2864 | }); | ||
4400 | 2865 | |||
4401 | 2866 | =item bayes_store_module Name::Of::BayesStore::Module | ||
4402 | 2867 | |||
4403 | 2868 | If this option is set, the module given will be used as an alternate | ||
4404 | 2869 | to the default bayes storage mechanism. It must conform to the | ||
4405 | 2870 | published storage specification (see | ||
4406 | 2871 | Mail::SpamAssassin::BayesStore). For example, set this to | ||
4407 | 2872 | Mail::SpamAssassin::BayesStore::SQL to use the generic SQL storage | ||
4408 | 2873 | module. | ||
4409 | 2874 | |||
4410 | 2875 | =cut | ||
4411 | 2876 | |||
4412 | 2877 | push (@cmds, { | ||
4413 | 2878 | setting => 'bayes_store_module', | ||
4414 | 2879 | is_admin => 1, | ||
4415 | 2880 | default => '', | ||
4416 | 2881 | type => $CONF_TYPE_STRING, | ||
4417 | 2882 | code => sub { | ||
4418 | 2883 | my ($self, $key, $value, $line) = @_; | ||
4419 | 2884 | local ($1); | ||
4420 | 2885 | if ($value !~ /^([_A-Za-z0-9:]+)$/) { return $INVALID_VALUE; } | ||
4421 | 2886 | $self->{bayes_store_module} = $1; | ||
4422 | 2887 | } | ||
4423 | 2888 | }); | ||
4424 | 2889 | |||
4425 | 2890 | =item bayes_sql_dsn DBI::databasetype:databasename:hostname:port | ||
4426 | 2891 | |||
4427 | 2892 | Used for BayesStore::SQL storage implementation. | ||
4428 | 2893 | |||
4429 | 2894 | This option give the connect string used to connect to the SQL based Bayes storage. | ||
4430 | 2895 | |||
4431 | 2896 | =cut | ||
4432 | 2897 | |||
4433 | 2898 | push (@cmds, { | ||
4434 | 2899 | setting => 'bayes_sql_dsn', | ||
4435 | 2900 | is_admin => 1, | ||
4436 | 2901 | default => '', | ||
4437 | 2902 | type => $CONF_TYPE_STRING, | ||
4438 | 2903 | }); | ||
4439 | 2904 | |||
4440 | 2905 | =item bayes_sql_username | ||
4441 | 2906 | |||
4442 | 2907 | Used by BayesStore::SQL storage implementation. | ||
4443 | 2908 | |||
4444 | 2909 | This option gives the username used by the above DSN. | ||
4445 | 2910 | |||
4446 | 2911 | =cut | ||
4447 | 2912 | |||
4448 | 2913 | push (@cmds, { | ||
4449 | 2914 | setting => 'bayes_sql_username', | ||
4450 | 2915 | is_admin => 1, | ||
4451 | 2916 | default => '', | ||
4452 | 2917 | type => $CONF_TYPE_STRING, | ||
4453 | 2918 | }); | ||
4454 | 2919 | |||
4455 | 2920 | =item bayes_sql_password | ||
4456 | 2921 | |||
4457 | 2922 | Used by BayesStore::SQL storage implementation. | ||
4458 | 2923 | |||
4459 | 2924 | This option gives the password used by the above DSN. | ||
4460 | 2925 | |||
4461 | 2926 | =cut | ||
4462 | 2927 | |||
4463 | 2928 | push (@cmds, { | ||
4464 | 2929 | setting => 'bayes_sql_password', | ||
4465 | 2930 | is_admin => 1, | ||
4466 | 2931 | default => '', | ||
4467 | 2932 | type => $CONF_TYPE_STRING, | ||
4468 | 2933 | }); | ||
4469 | 2934 | |||
4470 | 2935 | =item bayes_sql_username_authorized ( 0 | 1 ) (default: 0) | ||
4471 | 2936 | |||
4472 | 2937 | Whether to call the services_authorized_for_username plugin hook in BayesSQL. | ||
4473 | 2938 | If the hook does not determine that the user is allowed to use bayes or is | ||
4474 | 2939 | invalid then then database will not be initialized. | ||
4475 | 2940 | |||
4476 | 2941 | NOTE: By default the user is considered invalid until a plugin returns | ||
4477 | 2942 | a true value. If you enable this, but do not have a proper plugin | ||
4478 | 2943 | loaded, all users will turn up as invalid. | ||
4479 | 2944 | |||
4480 | 2945 | The username passed into the plugin can be affected by the | ||
4481 | 2946 | bayes_sql_override_username config option. | ||
4482 | 2947 | |||
4483 | 2948 | =cut | ||
4484 | 2949 | |||
4485 | 2950 | push (@cmds, { | ||
4486 | 2951 | setting => 'bayes_sql_username_authorized', | ||
4487 | 2952 | is_admin => 1, | ||
4488 | 2953 | default => 0, | ||
4489 | 2954 | type => $CONF_TYPE_BOOL, | ||
4490 | 2955 | }); | ||
4491 | 2956 | |||
4492 | 2957 | =item user_scores_dsn DBI:databasetype:databasename:hostname:port | ||
4493 | 2958 | |||
4494 | 2959 | If you load user scores from an SQL database, this will set the DSN | ||
4495 | 2960 | used to connect. Example: C<DBI:mysql:spamassassin:localhost> | ||
4496 | 2961 | |||
4497 | 2962 | If you load user scores from an LDAP directory, this will set the DSN used to | ||
4498 | 2963 | connect. You have to write the DSN as an LDAP URL, the components being the | ||
4499 | 2964 | host and port to connect to, the base DN for the search, the scope of the | ||
4500 | 2965 | search (base, one or sub), the single attribute being the multivalued attribute | ||
4501 | 2966 | used to hold the configuration data (space separated pairs of key and value, | ||
4502 | 2967 | just as in a file) and finally the filter being the expression used to filter | ||
4503 | 2968 | out the wanted username. Note that the filter expression is being used in a | ||
4504 | 2969 | sprintf statement with the username as the only parameter, thus is can hold a | ||
4505 | 2970 | single __USERNAME__ expression. This will be replaced with the username. | ||
4506 | 2971 | |||
4507 | 2972 | Example: C<ldap://localhost:389/dc=koehntopp,dc=de?saconfig?uid=__USERNAME__> | ||
4508 | 2973 | |||
4509 | 2974 | =cut | ||
4510 | 2975 | |||
4511 | 2976 | push (@cmds, { | ||
4512 | 2977 | setting => 'user_scores_dsn', | ||
4513 | 2978 | is_admin => 1, | ||
4514 | 2979 | default => '', | ||
4515 | 2980 | type => $CONF_TYPE_STRING, | ||
4516 | 2981 | }); | ||
4517 | 2982 | |||
4518 | 2983 | =item user_scores_sql_username username | ||
4519 | 2984 | |||
4520 | 2985 | The authorized username to connect to the above DSN. | ||
4521 | 2986 | |||
4522 | 2987 | =cut | ||
4523 | 2988 | |||
4524 | 2989 | push (@cmds, { | ||
4525 | 2990 | setting => 'user_scores_sql_username', | ||
4526 | 2991 | is_admin => 1, | ||
4527 | 2992 | default => '', | ||
4528 | 2993 | type => $CONF_TYPE_STRING, | ||
4529 | 2994 | }); | ||
4530 | 2995 | |||
4531 | 2996 | =item user_scores_sql_password password | ||
4532 | 2997 | |||
4533 | 2998 | The password for the database username, for the above DSN. | ||
4534 | 2999 | |||
4535 | 3000 | =cut | ||
4536 | 3001 | |||
4537 | 3002 | push (@cmds, { | ||
4538 | 3003 | setting => 'user_scores_sql_password', | ||
4539 | 3004 | is_admin => 1, | ||
4540 | 3005 | default => '', | ||
4541 | 3006 | type => $CONF_TYPE_STRING, | ||
4542 | 3007 | }); | ||
4543 | 3008 | |||
4544 | 3009 | =item user_scores_sql_custom_query query | ||
4545 | 3010 | |||
4546 | 3011 | This option gives you the ability to create a custom SQL query to | ||
4547 | 3012 | retrieve user scores and preferences. In order to work correctly your | ||
4548 | 3013 | query should return two values, the preference name and value, in that | ||
4549 | 3014 | order. In addition, there are several "variables" that you can use | ||
4550 | 3015 | as part of your query, these variables will be substituted for the | ||
4551 | 3016 | current values right before the query is run. The current allowed | ||
4552 | 3017 | variables are: | ||
4553 | 3018 | |||
4554 | 3019 | =over 4 | ||
4555 | 3020 | |||
4556 | 3021 | =item _TABLE_ | ||
4557 | 3022 | |||
4558 | 3023 | The name of the table where user scores and preferences are stored. Currently | ||
4559 | 3024 | hardcoded to userpref, to change this value you need to create a new custom | ||
4560 | 3025 | query with the new table name. | ||
4561 | 3026 | |||
4562 | 3027 | =item _USERNAME_ | ||
4563 | 3028 | |||
4564 | 3029 | The current user's username. | ||
4565 | 3030 | |||
4566 | 3031 | =item _MAILBOX_ | ||
4567 | 3032 | |||
4568 | 3033 | The portion before the @ as derived from the current user's username. | ||
4569 | 3034 | |||
4570 | 3035 | =item _DOMAIN_ | ||
4571 | 3036 | |||
4572 | 3037 | The portion after the @ as derived from the current user's username, this | ||
4573 | 3038 | value may be null. | ||
4574 | 3039 | |||
4575 | 3040 | =back | ||
4576 | 3041 | |||
4577 | 3042 | The query must be one continuous line in order to parse correctly. | ||
4578 | 3043 | |||
4579 | 3044 | Here are several example queries, please note that these are broken up | ||
4580 | 3045 | for easy reading, in your config it should be one continuous line. | ||
4581 | 3046 | |||
4582 | 3047 | =over 4 | ||
4583 | 3048 | |||
4584 | 3049 | =item Current default query: | ||
4585 | 3050 | |||
4586 | 3051 | C<SELECT preference, value FROM _TABLE_ WHERE username = _USERNAME_ OR username = '@GLOBAL' ORDER BY username ASC> | ||
4587 | 3052 | |||
4588 | 3053 | =item Use global and then domain level defaults: | ||
4589 | 3054 | |||
4590 | 3055 | C<SELECT preference, value FROM _TABLE_ WHERE username = _USERNAME_ OR username = '@GLOBAL' OR username = '@~'||_DOMAIN_ ORDER BY username ASC> | ||
4591 | 3056 | |||
4592 | 3057 | =item Maybe global prefs should override user prefs: | ||
4593 | 3058 | |||
4594 | 3059 | C<SELECT preference, value FROM _TABLE_ WHERE username = _USERNAME_ OR username = '@GLOBAL' ORDER BY username DESC> | ||
4595 | 3060 | |||
4596 | 3061 | =back | ||
4597 | 3062 | |||
4598 | 3063 | =cut | ||
4599 | 3064 | |||
4600 | 3065 | push (@cmds, { | ||
4601 | 3066 | setting => 'user_scores_sql_custom_query', | ||
4602 | 3067 | is_admin => 1, | ||
4603 | 3068 | default => undef, | ||
4604 | 3069 | type => $CONF_TYPE_STRING, | ||
4605 | 3070 | }); | ||
4606 | 3071 | |||
4607 | 3072 | =item user_scores_ldap_username | ||
4608 | 3073 | |||
4609 | 3074 | This is the Bind DN used to connect to the LDAP server. It defaults | ||
4610 | 3075 | to the empty string (""), allowing anonymous binding to work. | ||
4611 | 3076 | |||
4612 | 3077 | Example: C<cn=master,dc=koehntopp,dc=de> | ||
4613 | 3078 | |||
4614 | 3079 | =cut | ||
4615 | 3080 | |||
4616 | 3081 | push (@cmds, { | ||
4617 | 3082 | setting => 'user_scores_ldap_username', | ||
4618 | 3083 | is_admin => 1, | ||
4619 | 3084 | default => '', | ||
4620 | 3085 | type => $CONF_TYPE_STRING, | ||
4621 | 3086 | }); | ||
4622 | 3087 | |||
4623 | 3088 | =item user_scores_ldap_password | ||
4624 | 3089 | |||
4625 | 3090 | This is the password used to connect to the LDAP server. It defaults | ||
4626 | 3091 | to the empty string (""). | ||
4627 | 3092 | |||
4628 | 3093 | =cut | ||
4629 | 3094 | |||
4630 | 3095 | push (@cmds, { | ||
4631 | 3096 | setting => 'user_scores_ldap_password', | ||
4632 | 3097 | is_admin => 1, | ||
4633 | 3098 | default => '', | ||
4634 | 3099 | type => $CONF_TYPE_STRING, | ||
4635 | 3100 | }); | ||
4636 | 3101 | |||
4637 | 3102 | =item loadplugin PluginModuleName [/path/module.pm] | ||
4638 | 3103 | |||
4639 | 3104 | Load a SpamAssassin plugin module. The C<PluginModuleName> is the perl module | ||
4640 | 3105 | name, used to create the plugin object itself. | ||
4641 | 3106 | |||
4642 | 3107 | C</path/to/module.pm> is the file to load, containing the module's perl code; | ||
4643 | 3108 | if it's specified as a relative path, it's considered to be relative to the | ||
4644 | 3109 | current configuration file. If it is omitted, the module will be loaded | ||
4645 | 3110 | using perl's search path (the C<@INC> array). | ||
4646 | 3111 | |||
4647 | 3112 | See C<Mail::SpamAssassin::Plugin> for more details on writing plugins. | ||
4648 | 3113 | |||
4649 | 3114 | =cut | ||
4650 | 3115 | |||
4651 | 3116 | push (@cmds, { | ||
4652 | 3117 | setting => 'loadplugin', | ||
4653 | 3118 | is_admin => 1, | ||
4654 | 3119 | code => sub { | ||
4655 | 3120 | my ($self, $key, $value, $line) = @_; | ||
4656 | 3121 | if ($value eq '') { | ||
4657 | 3122 | return $MISSING_REQUIRED_VALUE; | ||
4658 | 3123 | } | ||
4659 | 3124 | my ($package, $path); | ||
4660 | 3125 | local ($1,$2); | ||
4661 | 3126 | if ($value =~ /^(\S+)\s+(\S+)$/) { | ||
4662 | 3127 | ($package, $path) = ($1, $2); | ||
4663 | 3128 | } elsif ($value =~ /^\S+$/) { | ||
4664 | 3129 | ($package, $path) = ($value, undef); | ||
4665 | 3130 | } else { | ||
4666 | 3131 | return $INVALID_VALUE; | ||
4667 | 3132 | } | ||
4668 | 3133 | # is blindly untainting safe? it is no worse than before | ||
4669 | 3134 | $_ = untaint_var($_) for ($package,$path); | ||
4670 | 3135 | $self->load_plugin ($package, $path); | ||
4671 | 3136 | } | ||
4672 | 3137 | }); | ||
4673 | 3138 | |||
4674 | 3139 | =item tryplugin PluginModuleName [/path/module.pm] | ||
4675 | 3140 | |||
4676 | 3141 | Same as C<loadplugin>, but silently ignored if the .pm file cannot be found in | ||
4677 | 3142 | the filesystem. | ||
4678 | 3143 | |||
4679 | 3144 | =cut | ||
4680 | 3145 | |||
4681 | 3146 | push (@cmds, { | ||
4682 | 3147 | setting => 'tryplugin', | ||
4683 | 3148 | is_admin => 1, | ||
4684 | 3149 | code => sub { | ||
4685 | 3150 | my ($self, $key, $value, $line) = @_; | ||
4686 | 3151 | if ($value eq '') { | ||
4687 | 3152 | return $MISSING_REQUIRED_VALUE; | ||
4688 | 3153 | } | ||
4689 | 3154 | my ($package, $path); | ||
4690 | 3155 | local ($1,$2); | ||
4691 | 3156 | if ($value =~ /^(\S+)\s+(\S+)$/) { | ||
4692 | 3157 | ($package, $path) = ($1, $2); | ||
4693 | 3158 | } elsif ($value =~ /^\S+$/) { | ||
4694 | 3159 | ($package, $path) = ($value, undef); | ||
4695 | 3160 | } else { | ||
4696 | 3161 | return $INVALID_VALUE; | ||
4697 | 3162 | } | ||
4698 | 3163 | # is blindly untainting safe? it is no worse than before | ||
4699 | 3164 | $_ = untaint_var($_) for ($package,$path); | ||
4700 | 3165 | $self->load_plugin ($package, $path, 1); | ||
4701 | 3166 | } | ||
4702 | 3167 | }); | ||
4703 | 3168 | |||
4704 | 3169 | =item ignore_always_matching_regexps (Default: 0) | ||
4705 | 3170 | |||
4706 | 3171 | Ignore any rule which contains a regexp which always matches. | ||
4707 | 3172 | Currently only catches regexps which contain '||', or which begin or | ||
4708 | 3173 | end with a '|'. Also ignore rules with C<some> combinatorial explosions. | ||
4709 | 3174 | |||
4710 | 3175 | =cut | ||
4711 | 3176 | |||
4712 | 3177 | push (@cmds, { | ||
4713 | 3178 | setting => 'ignore_always_matching_regexps', | ||
4714 | 3179 | is_admin => 1, | ||
4715 | 3180 | default => 0, | ||
4716 | 3181 | type => $CONF_TYPE_BOOL, | ||
4717 | 3182 | }); | ||
4718 | 3183 | |||
4719 | 3184 | =back | ||
4720 | 3185 | |||
4721 | 3186 | =head1 PREPROCESSING OPTIONS | ||
4722 | 3187 | |||
4723 | 3188 | =over 4 | ||
4724 | 3189 | |||
4725 | 3190 | =item include filename | ||
4726 | 3191 | |||
4727 | 3192 | Include configuration lines from C<filename>. Relative paths are considered | ||
4728 | 3193 | relative to the current configuration file or user preferences file. | ||
4729 | 3194 | |||
4730 | 3195 | =item if (boolean perl expression) | ||
4731 | 3196 | |||
4732 | 3197 | Used to support conditional interpretation of the configuration | ||
4733 | 3198 | file. Lines between this and a corresponding C<else> or C<endif> line | ||
4734 | 3199 | will be ignored unless the expression evaluates as true | ||
4735 | 3200 | (in the perl sense; that is, defined and non-0 and non-empty string). | ||
4736 | 3201 | |||
4737 | 3202 | The conditional accepts a limited subset of perl for security -- just enough to | ||
4738 | 3203 | perform basic arithmetic comparisons. The following input is accepted: | ||
4739 | 3204 | |||
4740 | 3205 | =over 4 | ||
4741 | 3206 | |||
4742 | 3207 | =item numbers, whitespace, arithmetic operations and grouping | ||
4743 | 3208 | |||
4744 | 3209 | Namely these characters and ranges: | ||
4745 | 3210 | |||
4746 | 3211 | ( ) - + * / _ . , < = > ! ~ 0-9 whitespace | ||
4747 | 3212 | |||
4748 | 3213 | =item version | ||
4749 | 3214 | |||
4750 | 3215 | This will be replaced with the version number of the currently-running | ||
4751 | 3216 | SpamAssassin engine. Note: The version used is in the internal SpamAssassin | ||
4752 | 3217 | version format which is C<x.yyyzzz>, where x is major version, y is minor | ||
4753 | 3218 | version, and z is maintenance version. So 3.0.0 is C<3.000000>, and 3.4.80 is | ||
4754 | 3219 | C<3.004080>. | ||
4755 | 3220 | |||
4756 | 3221 | =item plugin(Name::Of::Plugin) | ||
4757 | 3222 | |||
4758 | 3223 | This is a function call that returns C<1> if the plugin named | ||
4759 | 3224 | C<Name::Of::Plugin> is loaded, or C<undef> otherwise. | ||
4760 | 3225 | |||
4761 | 3226 | =item can(Name::Of::Package::function_name) | ||
4762 | 3227 | |||
4763 | 3228 | This is a function call that returns C<1> if the perl package named | ||
4764 | 3229 | C<Name::Of::Package> includes a function called C<function_name>, or C<undef> | ||
4765 | 3230 | otherwise. Note that packages can be SpamAssassin plugins or built-in classes, | ||
4766 | 3231 | there's no difference in this respect. | ||
4767 | 3232 | |||
4768 | 3233 | =back | ||
4769 | 3234 | |||
4770 | 3235 | If the end of a configuration file is reached while still inside a | ||
4771 | 3236 | C<if> scope, a warning will be issued, but parsing will restart on | ||
4772 | 3237 | the next file. | ||
4773 | 3238 | |||
4774 | 3239 | For example: | ||
4775 | 3240 | |||
4776 | 3241 | if (version > 3.000000) | ||
4777 | 3242 | header MY_FOO ... | ||
4778 | 3243 | endif | ||
4779 | 3244 | |||
4780 | 3245 | loadplugin MyPlugin plugintest.pm | ||
4781 | 3246 | |||
4782 | 3247 | if plugin (MyPlugin) | ||
4783 | 3248 | header MY_PLUGIN_FOO eval:check_for_foo() | ||
4784 | 3249 | score MY_PLUGIN_FOO 0.1 | ||
4785 | 3250 | endif | ||
4786 | 3251 | |||
4787 | 3252 | =item ifplugin PluginModuleName | ||
4788 | 3253 | |||
4789 | 3254 | An alias for C<if plugin(PluginModuleName)>. | ||
4790 | 3255 | |||
4791 | 3256 | =item else | ||
4792 | 3257 | |||
4793 | 3258 | Used to support conditional interpretation of the configuration | ||
4794 | 3259 | file. Lines between this and a corresponding C<endif> line, | ||
4795 | 3260 | will be ignored unless the conditional expression evaluates as false | ||
4796 | 3261 | (in the perl sense; that is, not defined and not 0 and non-empty string). | ||
4797 | 3262 | |||
4798 | 3263 | =item require_version n.nnnnnn | ||
4799 | 3264 | |||
4800 | 3265 | Indicates that the entire file, from this line on, requires a certain | ||
4801 | 3266 | version of SpamAssassin to run. If a different (older or newer) version | ||
4802 | 3267 | of SpamAssassin tries to read the configuration from this file, it will | ||
4803 | 3268 | output a warning instead, and ignore it. | ||
4804 | 3269 | |||
4805 | 3270 | Note: The version used is in the internal SpamAssassin version format which is | ||
4806 | 3271 | C<x.yyyzzz>, where x is major version, y is minor version, and z is maintenance | ||
4807 | 3272 | version. So 3.0.0 is C<3.000000>, and 3.4.80 is C<3.004080>. | ||
4808 | 3273 | |||
4809 | 3274 | =cut | ||
4810 | 3275 | |||
4811 | 3276 | push (@cmds, { | ||
4812 | 3277 | setting => 'require_version', | ||
4813 | 3278 | type => $CONF_TYPE_STRING, | ||
4814 | 3279 | code => sub { | ||
4815 | 3280 | } | ||
4816 | 3281 | }); | ||
4817 | 3282 | |||
4818 | 3283 | =back | ||
4819 | 3284 | |||
4820 | 3285 | =head1 TEMPLATE TAGS | ||
4821 | 3286 | |||
4822 | 3287 | The following C<tags> can be used as placeholders in certain options. | ||
4823 | 3288 | They will be replaced by the corresponding value when they are used. | ||
4824 | 3289 | |||
4825 | 3290 | Some tags can take an argument (in parentheses). The argument is | ||
4826 | 3291 | optional, and the default is shown below. | ||
4827 | 3292 | |||
4828 | 3293 | _YESNO_ "Yes" for spam, "No" for nonspam (=ham) | ||
4829 | 3294 | _YESNO(spam_str,ham_str)_ returns the first argument ("Yes" if missing) | ||
4830 | 3295 | for spam, and the second argument ("No" if missing) for ham | ||
4831 | 3296 | _YESNOCAPS_ "YES" for spam, "NO" for nonspam (=ham) | ||
4832 | 3297 | _YESNOCAPS(spam_str,ham_str)_ same as _YESNO(...)_, but uppercased | ||
4833 | 3298 | _SCORE(PAD)_ message score, if PAD is included and is either spaces or | ||
4834 | 3299 | zeroes, then pad scores with that many spaces or zeroes | ||
4835 | 3300 | (default, none) ie: _SCORE(0)_ makes 2.4 become 02.4, | ||
4836 | 3301 | _SCORE(00)_ is 002.4. 12.3 would be 12.3 and 012.3 | ||
4837 | 3302 | respectively. | ||
4838 | 3303 | _REQD_ message threshold | ||
4839 | 3304 | _VERSION_ version (eg. 3.0.0 or 3.1.0-r26142-foo1) | ||
4840 | 3305 | _SUBVERSION_ sub-version/code revision date (eg. 2004-01-10) | ||
4841 | 3306 | _HOSTNAME_ hostname of the machine the mail was processed on | ||
4842 | 3307 | _REMOTEHOSTNAME_ hostname of the machine the mail was sent from, only | ||
4843 | 3308 | available with spamd | ||
4844 | 3309 | _REMOTEHOSTADDR_ ip address of the machine the mail was sent from, only | ||
4845 | 3310 | available with spamd | ||
4846 | 3311 | _BAYES_ bayes score | ||
4847 | 3312 | _TOKENSUMMARY_ number of new, neutral, spammy, and hammy tokens found | ||
4848 | 3313 | _BAYESTC_ number of new tokens found | ||
4849 | 3314 | _BAYESTCLEARNED_ number of seen tokens found | ||
4850 | 3315 | _BAYESTCSPAMMY_ number of spammy tokens found | ||
4851 | 3316 | _BAYESTCHAMMY_ number of hammy tokens found | ||
4852 | 3317 | _HAMMYTOKENS(N)_ the N most significant hammy tokens (default, 5) | ||
4853 | 3318 | _SPAMMYTOKENS(N)_ the N most significant spammy tokens (default, 5) | ||
4854 | 3319 | _DATE_ rfc-2822 date of scan | ||
4855 | 3320 | _STARS(*)_ one "*" (use any character) for each full score point | ||
4856 | 3321 | (note: limited to 50 'stars') | ||
4857 | 3322 | _RELAYSTRUSTED_ relays used and deemed to be trusted (see the | ||
4858 | 3323 | 'X-Spam-Relays-Trusted' pseudo-header) | ||
4859 | 3324 | _RELAYSUNTRUSTED_ relays used that can not be trusted (see the | ||
4860 | 3325 | 'X-Spam-Relays-Untrusted' pseudo-header) | ||
4861 | 3326 | _RELAYSINTERNAL_ relays used and deemed to be internal (see the | ||
4862 | 3327 | 'X-Spam-Relays-Internal' pseudo-header) | ||
4863 | 3328 | _RELAYSEXTERNAL_ relays used and deemed to be external (see the | ||
4864 | 3329 | 'X-Spam-Relays-External' pseudo-header) | ||
4865 | 3330 | _LASTEXTERNALIP_ IP address of client in the external-to-internal | ||
4866 | 3331 | SMTP handover | ||
4867 | 3332 | _LASTEXTERNALRDNS_ reverse-DNS of client in the external-to-internal | ||
4868 | 3333 | SMTP handover | ||
4869 | 3334 | _LASTEXTERNALHELO_ HELO string used by client in the external-to-internal | ||
4870 | 3335 | SMTP handover | ||
4871 | 3336 | _AUTOLEARN_ autolearn status ("ham", "no", "spam", "disabled", | ||
4872 | 3337 | "failed", "unavailable") | ||
4873 | 3338 | _AUTOLEARNSCORE_ portion of message score used by autolearn | ||
4874 | 3339 | _TESTS(,)_ tests hit separated by "," (or other separator) | ||
4875 | 3340 | _TESTSSCORES(,)_ as above, except with scores appended (eg. AWL=-3.0,...) | ||
4876 | 3341 | _SUBTESTS(,)_ subtests (start with "__") hit separated by "," | ||
4877 | 3342 | (or other separator) | ||
4878 | 3343 | _DCCB_ DCC's "Brand" | ||
4879 | 3344 | _DCCR_ DCC's results | ||
4880 | 3345 | _PYZOR_ Pyzor results | ||
4881 | 3346 | _RBL_ full results for positive RBL queries in DNS URI format | ||
4882 | 3347 | _LANGUAGES_ possible languages of mail | ||
4883 | 3348 | _PREVIEW_ content preview | ||
4884 | 3349 | _REPORT_ terse report of tests hit (for header reports) | ||
4885 | 3350 | _SUMMARY_ summary of tests hit for standard report (for body reports) | ||
4886 | 3351 | _CONTACTADDRESS_ contents of the 'report_contact' setting | ||
4887 | 3352 | _HEADER(NAME)_ includes the value of a message header. value is the same | ||
4888 | 3353 | as is found for header rules (see elsewhere in this doc) | ||
4889 | 3354 | _TIMING_ timing breakdown report | ||
4890 | 3355 | _ADDEDHEADERHAM_ resulting header fields as requested by add_header for spam | ||
4891 | 3356 | _ADDEDHEADERSPAM_ resulting header fields as requested by add_header for ham | ||
4892 | 3357 | _ADDEDHEADER_ same as ADDEDHEADERHAM for ham or ADDEDHEADERSPAM for spam | ||
4893 | 3358 | |||
4894 | 3359 | If a tag reference uses the name of a tag which is not in this list or defined | ||
4895 | 3360 | by a loaded plugin, the reference will be left intact and not replaced by any | ||
4896 | 3361 | value. | ||
4897 | 3362 | |||
4898 | 3363 | The C<HAMMYTOKENS> and C<SPAMMYTOKENS> tags have an optional second argument | ||
4899 | 3364 | which specifies a format. See the B<HAMMYTOKENS/SPAMMYTOKENS TAG FORMAT> | ||
4900 | 3365 | section, below, for details. | ||
4901 | 3366 | |||
4902 | 3367 | =head2 HAMMYTOKENS/SPAMMYTOKENS TAG FORMAT | ||
4903 | 3368 | |||
4904 | 3369 | The C<HAMMYTOKENS> and C<SPAMMYTOKENS> tags have an optional second argument | ||
4905 | 3370 | which specifies a format: C<_SPAMMYTOKENS(N,FMT)_>, C<_HAMMYTOKENS(N,FMT)_> | ||
4906 | 3371 | The following formats are available: | ||
4907 | 3372 | |||
4908 | 3373 | =over 4 | ||
4909 | 3374 | |||
4910 | 3375 | =item short | ||
4911 | 3376 | |||
4912 | 3377 | Only the tokens themselves are listed. | ||
4913 | 3378 | I<For example, preference file entry:> | ||
4914 | 3379 | |||
4915 | 3380 | C<add_header all Spammy _SPAMMYTOKENS(2,short)_> | ||
4916 | 3381 | |||
4917 | 3382 | I<Results in message header:> | ||
4918 | 3383 | |||
4919 | 3384 | C<X-Spam-Spammy: remove.php, UD:jpg> | ||
4920 | 3385 | |||
4921 | 3386 | Indicating that the top two spammy tokens found are C<remove.php> | ||
4922 | 3387 | and C<UD:jpg>. (The token itself follows the last colon, the | ||
4923 | 3388 | text before the colon indicates something about the token. | ||
4924 | 3389 | C<UD> means the token looks like it might be part of a domain name.) | ||
4925 | 3390 | |||
4926 | 3391 | =item compact | ||
4927 | 3392 | |||
4928 | 3393 | The token probability, an abbreviated declassification distance (see | ||
4929 | 3394 | example), and the token are listed. | ||
4930 | 3395 | I<For example, preference file entry:> | ||
4931 | 3396 | |||
4932 | 3397 | C<add_header all Spammy _SPAMMYTOKENS(2,compact)_> | ||
4933 | 3398 | |||
4934 | 3399 | I<Results in message header:> | ||
4935 | 3400 | |||
4936 | 3401 | C<0.989-6--remove.php, 0.988-+--UD:jpg> | ||
4937 | 3402 | |||
4938 | 3403 | Indicating that the probabilities of the top two tokens are 0.989 and | ||
4939 | 3404 | 0.988, respectively. The first token has a declassification distance | ||
4940 | 3405 | of 6, meaning that if the token had appeared in at least 6 more ham | ||
4941 | 3406 | messages it would not be considered spammy. The C<+> for the second | ||
4942 | 3407 | token indicates a declassification distance greater than 9. | ||
4943 | 3408 | |||
4944 | 3409 | =item long | ||
4945 | 3410 | |||
4946 | 3411 | Probability, declassification distance, number of times seen in a ham | ||
4947 | 3412 | message, number of times seen in a spam message, age and the token are | ||
4948 | 3413 | listed. | ||
4949 | 3414 | |||
4950 | 3415 | I<For example, preference file entry:> | ||
4951 | 3416 | |||
4952 | 3417 | C<add_header all Spammy _SPAMMYTOKENS(2,long)_> | ||
4953 | 3418 | |||
4954 | 3419 | I<Results in message header:> | ||
4955 | 3420 | |||
4956 | 3421 | C<X-Spam-Spammy: 0.989-6--0h-4s--4d--remove.php, 0.988-33--2h-25s--1d--UD:jpg> | ||
4957 | 3422 | |||
4958 | 3423 | In addition to the information provided by the compact option, | ||
4959 | 3424 | the long option shows that the first token appeared in zero | ||
4960 | 3425 | ham messages and four spam messages, and that it was last | ||
4961 | 3426 | seen four days ago. The second token appeared in two ham messages, | ||
4962 | 3427 | 25 spam messages and was last seen one day ago. | ||
4963 | 3428 | (Unlike the C<compact> option, the long option shows declassification | ||
4964 | 3429 | distances that are greater than 9.) | ||
4965 | 3430 | |||
4966 | 3431 | =back | ||
4967 | 3432 | |||
4968 | 3433 | =cut | ||
4969 | 3434 | |||
4970 | 3435 | return \@cmds; | ||
4971 | 3436 | } | ||
4972 | 3437 | |||
4973 | 3438 | ########################################################################### | ||
4974 | 3439 | |||
4975 | 3440 | # settings that were once part of core, but are now in (possibly-optional) | ||
4976 | 3441 | # bundled plugins. These will be warned about, but do not generate a fatal | ||
4977 | 3442 | # error when "spamassassin --lint" is run like a normal syntax error would. | ||
4978 | 3443 | |||
4979 | 3444 | @MIGRATED_SETTINGS = qw{ | ||
4980 | 3445 | ok_languages | ||
4981 | 3446 | }; | ||
4982 | 3447 | |||
4983 | 3448 | ########################################################################### | ||
4984 | 3449 | |||
4985 | 3450 | sub new { | ||
4986 | 3451 | my $class = shift; | ||
4987 | 3452 | $class = ref($class) || $class; | ||
4988 | 3453 | my $self = { | ||
4989 | 3454 | main => shift, | ||
4990 | 3455 | registered_commands => [], | ||
4991 | 3456 | }; bless ($self, $class); | ||
4992 | 3457 | |||
4993 | 3458 | $self->{parser} = Mail::SpamAssassin::Conf::Parser->new($self); | ||
4994 | 3459 | $self->{parser}->register_commands($self->set_default_commands()); | ||
4995 | 3460 | |||
4996 | 3461 | $self->{errors} = 0; | ||
4997 | 3462 | $self->{plugins_loaded} = { }; | ||
4998 | 3463 | |||
4999 | 3464 | $self->{tests} = { }; | ||
5000 | 3465 | $self->{test_types} = { }; |
The diff has been truncated for viewing.
thanks for your work