192 lines
5.1 KiB
Groff
192 lines
5.1 KiB
Groff
.\" $NetBSD: spamd.conf.5,v 1.2 2004/06/25 16:27:02 itojun Exp $
|
|
.\" $OpenBSD: spamd.conf.5,v 1.12 2004/01/29 17:44:29 jmc Exp $
|
|
.\"
|
|
.\" Copyright (c) 2003 Jason L. Wright (jason@thought.net)
|
|
.\" Copyright (c) 2003 Bob Beck
|
|
.\" All rights reserved.
|
|
.\"
|
|
.\" Redistribution and use in source and binary forms, with or without
|
|
.\" modification, are permitted provided that the following conditions
|
|
.\" are met:
|
|
.\" 1. Redistributions of source code must retain the above copyright
|
|
.\" notice, this list of conditions and the following disclaimer.
|
|
.\" 2. Redistributions in binary form must reproduce the above copyright
|
|
.\" notice, this list of conditions and the following disclaimer in the
|
|
.\" documentation and/or other materials provided with the distribution.
|
|
.\"
|
|
.\" THIS SOFTWARE IS PROVIDED BY THE AUTHOR ``AS IS'' AND ANY EXPRESS OR
|
|
.\" IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED
|
|
.\" WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE
|
|
.\" DISCLAIMED. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR ANY DIRECT,
|
|
.\" INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES
|
|
.\" (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR
|
|
.\" SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
|
|
.\" HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
|
|
.\" STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN
|
|
.\" POSSIBILITY OF SUCH DAMAGE.
|
|
.\"
|
|
.Dd March 8, 2003
|
|
.Dt SPAMD.CONF 5
|
|
.Os
|
|
.Sh NAME
|
|
.Nm spamd.conf
|
|
.Nd configuration file read by
|
|
.Xr spamd-setup 8
|
|
for
|
|
.Xr spamd 8
|
|
.Sh SYNOPSIS
|
|
.Nm spamd.conf
|
|
.Sh DESCRIPTION
|
|
The
|
|
.Nm
|
|
file is read by
|
|
.Xr spamd-setup 8
|
|
to configure blacklists and whitelists with corresponding
|
|
.Xr pf 4
|
|
table entries for
|
|
.Xr spamd 8 .
|
|
.Nm
|
|
follows the syntax of configuration databases as documented in
|
|
.Xr getcap 3 .
|
|
Example:
|
|
.Bd -literal -offset indent
|
|
all:\e
|
|
:spews1:white:myblack:
|
|
|
|
spews1:\e
|
|
:black:\e
|
|
:msg="SPAM. Your address \&%A is in the spews\e
|
|
level 1 database\ensee http://www.spews.org/ask.cgi?x=\&%A\en":\e
|
|
:method=http:\e
|
|
:file=www.spews.org/spews_list_level1.txt:
|
|
|
|
white:\e
|
|
:white:\e
|
|
:method=file:\e
|
|
:file=/var/mail/mywhite.txt:
|
|
|
|
myblack:\e
|
|
:black:\e
|
|
:msg=/var/mail/myblackmsg.txt:\e
|
|
:method=file:\e
|
|
:file=/var/mail/myblack.txt:
|
|
.Ed
|
|
.Pp
|
|
The default configuration file must include the entry
|
|
.Ar all
|
|
which specifies the order in which named blacklists and whitelists
|
|
are to be applied.
|
|
The addresses in a whitelist are removed from the preceding blacklist.
|
|
In the above example, if the address was present in all three lists, blacklists
|
|
.Ar spews1
|
|
and
|
|
.Ar myblack ,
|
|
as well as whitelist
|
|
.Ar white ,
|
|
the address would be removed from blacklist
|
|
.Ar spews1
|
|
by the subsequent
|
|
.Ar white
|
|
whitelist.
|
|
However, the address would not be removed from the
|
|
.Ar myblack
|
|
blacklist.
|
|
To remove all the addresses in
|
|
.Ar white
|
|
from
|
|
.Ar myblack ,
|
|
the configuration
|
|
.Bd -literal -offset indent
|
|
all:\e
|
|
:spews1:white:myblack:white:
|
|
.Ed
|
|
.Pp
|
|
would be used instead.
|
|
.Pp
|
|
Blacklists and whitelists are then constructed by name;
|
|
blacklists are identified by the capability
|
|
.Ar black ,
|
|
and whitelists by the capability
|
|
.Ar white .
|
|
.Pp
|
|
The source of the addresses for blacklists and whitelists is
|
|
specified using the
|
|
.Ar method
|
|
and
|
|
.Ar file
|
|
capability entries.
|
|
.Pp
|
|
.Ar method
|
|
specifies the method by which to retrieve a file containing a list of
|
|
addresses that consist of the blacklist or whitelist, and may be
|
|
.Ar http ,
|
|
.Ar ftp ,
|
|
.Ar file
|
|
or
|
|
.Ar exec .
|
|
The methods
|
|
.Ar http ,
|
|
.Ar ftp
|
|
and
|
|
.Ar file
|
|
capabilities will make
|
|
.Nm
|
|
retrieve a list of addresses specified in the location in the
|
|
.Ar file
|
|
capability for the list.
|
|
The
|
|
.Ar exec
|
|
capability will make
|
|
.Nm
|
|
spawn the program with arguments indicated in the
|
|
.Ar file
|
|
capability for the list, and reads a list of addresses
|
|
from the output of the program.
|
|
.Pp
|
|
The format of the list of addresses is expected to consist of one
|
|
network block or address per line (optionally followed by a space and
|
|
text that is ignored).
|
|
Comment lines beginning with
|
|
.Ar #
|
|
are ignored.
|
|
Network blocks may be specified in any of the formats as in
|
|
the following example:
|
|
.Bd -literal -offset indent
|
|
# CIDR format
|
|
192.168.20.0/24
|
|
# A start - end range
|
|
192.168.21.0 - 192.168.21.255
|
|
# As a single IP address
|
|
192.168.23.1
|
|
.Ed
|
|
.Pp
|
|
Each blacklist must include a message, specified in the
|
|
.Ar msg
|
|
capability as a string.
|
|
If the
|
|
.Ar msg
|
|
string is enclosed in double quotes, the characters in the quoted string
|
|
are escaped as specified in
|
|
.Xr getcap 3
|
|
with the exception that a colon (:) is allowed in the quoted string.
|
|
The resulting string is used as the message.
|
|
Alternatively, if the
|
|
.Ar msg
|
|
string is not specified in quotes, it is assumed to be a local filename
|
|
from which the message text may be read.
|
|
.Pp
|
|
The message is configured in
|
|
.Xr spamd 8
|
|
to be displayed in the SMTP dialogue to any connections that match
|
|
addresses in the blacklist.
|
|
The sequence \e" in the message will produce a double quote in the output.
|
|
The sequence %% will produce a single % in the output,
|
|
and the sequence \&%A will be expanded in the message by
|
|
.Xr spamd 8
|
|
to display the connecting IP address in the output.
|
|
.Sh SEE ALSO
|
|
.Xr ftp 1 ,
|
|
.Xr pf 4 ,
|
|
.Xr spamd 8 ,
|
|
.Xr spamd-setup 8
|