This page provides information about how the
ptsfilter.conf file functions, and how to
use it to work on your system properly and
effectively.
Mydomainname and mynodename
are the principals in this file which
determine how Ptsfilter will function.
If the values of these two parameters
are incorrect, Ptsfilter will try to
retrieve this information from the
UNIX system itself.
do_check_for_mailserver
Check ip address against blacklist database. Options are "1" or "2"
Option "1" performs check at connect phase
option "2" performs check at recipient list
Default database is dul.dnsbl.sorbs.net.
check_local_user~
Checks the from address against the passwd, alias
and virtusertable files on your Sendmail server.
connect_blacklist
Change blacklist database used for checking mailserver.
do_check_for_openrelay
Check for open relay or proxy. Options are "1" or "2"
Option "1" performs check at connect phase
option "2" performs check at recipient list
Default database is list.dsbl.org.
connect_openrelay
Change blacklist database used for checking open relay.
connect_priority
scheduling priority for connect phase of message.
1 lowest 63 highest
discard_bad_addresses~
If the number of bad addresses is greater than the
number specified, the messageis dropped. Used to prevent dictionary attacks.
discard_invalid_address~
If the format of the address is invalid,discard the message.
helo_priority
scheduling priority for helo phase of message.
1 lowest 63 highest
from_priority
scheduling priority for from phase of message.
1 lowest 63 highest
to_priority
scheduling priority for to phase of message.
1 lowest 63 highest
header_priority
scheduling priority for header phase of message.
1 lowest 63 highest
eoh_priority
scheduling priority for eoh phase of message.
1 lowest 63 highest
body_priority
scheduling priority for body phase of message.
1 lowest 63 highest
eom_priority
scheduling priority for end of message phase of message.
1 lowest 63 highest
abort_priority
scheduling priority for abort phase of message.
1 lowest 63 highest
close_priiority
scheduling priority for close phase of message.
1 lowest 63 highest
match_priority
scheduling priority for pattern matching tests.
1 lowest 63 highest
num_rejections~
Used with a numerical option when multiple messages
are coming in over a single connection. When the number
of message rejections exceeds the number specified,
the entire connection is dropped.
ptsdomainlist
A list of domain blacklist from the PTS blacklist server.
ptsiplist
A list of ip blacklist from the PTS blacklist server.
spam_priority
scheduling priority for spam_test.
1 lowest 63 highest
write_stats_priority
scheduling priority for writing to stats file.
1 lowest 63 highest
write_to_database_priority
scheduling priority for writing to database.
1 lowest 63 highest
greylist_priority
scheduling priority for greylist test.
1 lowest 63 highest
query_users_priority
scheduling priority for query users test.
1 lowest 63 highest
query_ptsdatabase_priority
scheduling priority for query ptsdatabase test.
1 lowest 63 highest
query_blacklist_priority
scheduling priority for query blacklist test.
1 lowest 63 highest
query_emailalert_priority
ex: query_emailalert_priority~1~
sets the priority for email alert
query_exceptions_priority
scheduling priority for query exceptions test.
1 lowest 63 highest
rejects_time~
Used with a numerical option. Will clean out every file
in the /usr/local/etc/ptsfilter/rejects directory that
are older than the number of hours specified.
cleanup_priority
scheduling priority for cleanup routines.
1 lowest 63 highest
sendmail_binary
This should be the fully qualified pathname to sendmail.
ex: sendmail_binary~/usr/sbin/sendmail~
sendmail_options
These are options to sendmail
ex: sendmail_options~-bd -q30m~
sendmail_priority
ex: sendmail_priority~1~ 1 is lowest priority, 63 is highest
subprogram_priority
This allows you to set a priority the third party AND custom script tests.
ex: subprogram_priority~1~
mydomainname
This should be your domain name.
ex: mydomainname~mydomain.com~
discard_user_restriction
The option that rejects messages with no valid recipients.
do_early_test
The option that does blacklist checks at the connect phase.
do_from_address_check
The option that checks the from address against the from header
to see if they are a match. If it's not a match the message is
rejected. If this option is set to 0, exact match on whole address.
If option is 1, exact match on domain name only.
ex: do_from_address_check~1~
will_do_return_path_check
The option that checks the from address against the return path to
see if they match. If it's not a match the message is rejected. If
this option is set to 0, exact match on whole address. If option is
1, exact match on domain name only.
ex: will_do_return_path_check~1~
will_do_reply_to_check
The option that checks the from address against the reply-to address
to see if they match. If it's not a match the message is rejected.
If this option is set to 0, exact match on whole address. If option
is 1, exact match on domain name only.
ex: will_do_return_path_check~1~
do_spf_exception
The option that exempts a selected domain from the spf test.
ex: do_spf_exception~
do_mx_exception
The option that exempts a selected domain from the mx test.
ex: do_mx_exception~
do_mx_check
The option that checks a selected domain in the from address
for a valid mx record.
ex: do_mx_check~
mynodename
This should be your system name of the unix system.
ex: mynodename~mail~
will_do_external
This option should be your system name of the unix system.
ex: mynodename~mail~
format_list
This is a comma separated list of
fields allowing you to determine
your own report stats. The first
field is one through eleven, followed
by a : and the number of characters.
ex: format_list~4:15,2:40,3:40,8:30,1:70~
dnsbl_domain_list
Comma separated list of
Domain Blacklist Database.
Takes argument of 1 for Server only check
ex: dnsbl_domain_list~bogusmc.rfc-ignorant.org,abuse.rfc-ignorant.org~1~
surbl_list
Comma separated list of Surbl Blacklist Database.
Takes argument of 1 for Server only check or 2
which will also check against your dnsbl_domain_list
and dnsbl_list
ex: surbl_list~sc.surbl.org,ws.surbl.org~1~
dnsbl_list
Comma separated list of Blacklist Database.
Takes argument of 1 for Server only check 2 for all IP addresses
ex: dnsbl_list~list.dsbl.org,dnsbl.sorbs.net~1~
stats_file
Variable used to indicate stats file you want web
configurator to look at.
ex: stats_file~/usr/local/etc/ptsfilter/stats~
razor
fully qualified pathname to razor-check.
You can now have the option of 1, 2, or 3.
1 only test message if it has not failed any other test,
2 test message even if it is an exception, and
3 test all messages both incoming and outgoing.
ex: razor~/usr/local/bin/razor-check~1~
clamav
fully qualified pathname to clamscan, used by filter.
You can now have the option of the
1, 2, or 3. 1 only test message if it has not failed any other test, 2
test message even if it is an exception, and 3
test all messages both incoming and outgoing.
ex: clamav~/usr/local/bin/clamscan~3~
subject_spam_msg
message sent to sender due to subject spam rejection.
(subject-list.conf)domain.
domain_reject_msg
message sent to sender is a message is sent to a restricted
(to-restrict.conf)domain.
domain_reject_msg
message sent to sender is a message is sent to a restricted
(to-restrict.conf)domain.
clamav_reject_msg
message sent to sender if clamav rejects message.
razor_reject_msg
message sent to sender if vipul's razor rejects message.
maxsubsize_reject_msg
message sent to sender if the message is rejected because
the subject is larger than the maximum allowed subject size.
minsubsize_reject_msg
message sent to sender if the message is rejected because
the subject is smaller than the minimum allowed subject size.
minmsgsize_reject_msg
message sent to sender if the message is rejected because
it is smaller than the minimum allowed message size.
no_header_reject_msg
message sent to sender if message is rejected due to no header
(do_header_check)
open_relay_msg
message sent to sender if message rejected due to open relay detection.
invalid_mailserver_msg
message sent to sender if sending mailserver is not valid
surbl_reject_msg
message sent to sender if surbl (Spam URI Realtime BlockList)
rejects message.
external_reject_msg
message sent to sender if an external program rejects a message.
spf_reject_msg
message sent to sender if there is a SPF or DNS rejection
user_reject
message sent to sender if the user is not in (user-list.conf)
user_namereject
message sent to sender is there is a user name length restriction.
check_to_reject
message sent back to mail client if our domain does not appear
in the to address
forged_reject
message sent back to mail client if address is possibly forged.
intranet_reject
message sent to sender due to intranet restriction.(intranet-list.conf)
msg_size_reject
message sent to sender if mail exceded (message_size-list.conf)
message size limit.
domain_reject
message sent to sender because of domain ip
(domain-ip-list.conf)restriction.
address_from_to_reject
message sent to sender if the "from" and "to" addresses match.
address_from_reject
message sent to sender mail if address length exceeds limit.
num_of_ip_reject
message sent to sender if the number of relays exceeds limit.
dns_reject
message sent to sender if dns lookup fails.
blacklist_reject
message sent to sender if mail is rejected by blacklist database.
quota_reject
message sent to sender if mailbox quota limit is
(quota-list.conf) exceeded.
reject_spam
message sent to sender due to a spam rejection. (spam-list.conf)
ip_address_reject
message sent to sender if ip address has been (ip-list.conf) rejected.
address_reject
message sent to sender when from address has been rejected
(address-list.conf) rejected.
virus_reject
message sent to sender if a sign of a virus in (string-list.conf)
mail message has been detected.
local_virus
message sent to local user when the mail shows (string-list.conf)
signs of a possible virus.
dcc
DCC is the Distributed Checksum Clearing House.
The first field is the tag, the constant.
The second field is the fully qualfied pathname to the
exectuable you want to run. The third field is the
option of how you want the check to be, will either be 1, 2, or 3.
1 only test message is it has not failed any other test,
2 test message even if it is an exception,
and 3 test all messages both incoming and outgoing.
ex: dcc~usr/local/bin/dccproc -QR -ccmn,10 >/dev/null 2>&1~1~
lhnmode
Checks local host names for outbound exemptions.
This only takes one argument, which would be a fully qualified file name.
lhnmode~/etc/mail/local-host-names~
will_do_external
Performs a user specified script.
This takes a fully qualified pathname for the program to run.
This also has the options of 1, 2, and 3.
ex: will_do_external~/usr/local/bin/myscript~3~
option 1 performs the command on messages accepted
option 2 performs the command on messages exempted or accepted
option 3 performs the command on all messages
check_num_recipients
sets the number of recipients to allow before rejecting
message*(takes a numerical argument)*
ex: check_num_recipients~7~
will_do_dcc_exception
allows an exception for the dcc test.
ex: will_do_dcc_exception~1~
check_num_recipients
sets the number of recipients to allow before rejecting
message*(takes a numerical argument)*
ex: check_num_recipients~7~
do_body_check
checks to see if message has no body
ex: do_body_check~
do_header_check
checks to see if message has no headers
ex: do_header_check~
do_dictionary
stops dictionary attacks
ex: do_dictionary~
check_num_ips
sets the number of relays to allow before rejecting
message*(takes a numerical argument)*
ex: check_num_ip~7~
size_limit
This option allows for a certain number of bytes,
chosen by the system administrator, to be
scanned. Once the set number of bytes is scanned,
the scanning stops.*(Takes a numerical argument)*
ex: size_limit~25000~
noroot
Allows ptsfilter to run as users other than smmsp
ex: noroot~nobody~
check_user_from_length
checks the length of the from address*(takes a numerical argument)*
must be less than check_user_from_length
ex: check_user_from_length~50~
check_from_length
checks the length of the from address*(takes a numerical argument)*
must be greater than check_from_length
ex: check_from_length~50~
forceviruscheck
This option forces attachment scanning on Exceptions.
*(Takes a numerical argument 1 for incoming only. 2 for all messages)*
ex: force_virus_check~1~
spfflag
Do SPF (Sender Policy Framework) Test.
Takes a numerical argument. (1 only accept message on
pass condition, 2 only fail message on fail condition)
ex: spfflag~2~
do_bonded_sender
This option makes ptsfilter do an accreditation check with Bonded Sender
do_habeas_check
This option makes ptsfilter do an accreditation check with Habeas
spfmydomain
This option forces a SPF check on the system's domain
spfexception
This option forces a SPF exception on the system's domain
check_base64
Checks base64 encoded strings against the spamlist entries
noscanattachment
Make Ptsfilter not scan encoded attachments
check_to_domain
Ensures that messages with many different domainnames
in the "to", "CC" and "BCC" fields are not
accepted. Only messages containing one common domainname in the "to",
"CC" and "BCC" fields are accepted.
trace
Adds trace statements to syslog showing routines message went through
check_if_forged
rejects forged ip addresses
discard_dsn
Discards unwanted DSN (Dellivery Status Notice) which contain spam.
discardmessage
Discards unwanted messages rather than sending
reject reply back to the sender
logging
Create copies of offending messages
do_syslog
Do not send messages to the syslog
dnscheck
DNS lookups on all server addresses (IP ADDRESS must resolve)
Takes an argument of 1 for server address only
Takes an argument of 2 for all IP adresses.
A 2 is very RESTRICTIVE.
use_mysql
Read/Write to ptsmail database requires mysql
blacklist_mysql
Write Blacklist entries to BlackList table
dcc_mysql
Write DCC entries to BlackList table
no_valid_recipients_mysql
Write IP address of of messages with no valid recipeints
to BlackList table
surbl_mysql
Write Surbls Domain entries to BlackList Domain table
razor_mysql
Write Vipuls Razor entries to BlackList IP table
spf_mysql
Write SPF entries to BlackList IP table
check_from_to
Disallow from and to address that are the same
testmode
Puts Ptsfilter in testmode. Does all checks and reports
but deliver's all mail.
scansubject
Scan subject only for spam
exemptoutspam
exempt all outgoing mail from spam check
exemptout
exempt all outgoing mail from all checks
intranetout
Restricts incoming mail for users on intranet restriction
multipletoaddresses
Checks multiple to addresses to ensure that if one address fails,
all addresses fail.(turn exceptions off)
quarantine_time
time in hours to clean out quaratine directory.(used by smd).
ex:quarantine_time ~24~
reject_time
time in hours to clean out rejects directory.(used by smd).
ex: reject_time~24~
tmp_time
time in hours to clean out tmp directory.(used by smd).
ex: tmp_time~24~
users_time
time in hours to clean out users directory.(used by smd).
ex: users_time~24~
surbl_count
number of bytes in a message to check for surbl's
ex: surbl_count~50000~
elapsedtime
time in minutes to refresh filter.(used by smd).
ex: elapsedtime~360~
freshclam
command to run clamav database updates(used by smd).
fqpn for freshclam. Will be run on filter refresh time.
ex: freshclam~/usr/local/bin/freshclam 2>/dev/null 2>&1~
num_of_processes
number of threaded processes for ptsfilter (used by smd).
normally 1. Older versions of Linux use 3.
ex: num_of_processes~1~
BlackList
Clean tblBlackList table of entries past N days old
Takes 1 argument of number of days
tblEmailFilter
Clean tblUserList table of entries past N days old
Takes 1 argument of number of days
tblUserList
Clean tblUserList table of entries past N days old
Takes 1 argument of number of days
DomainList
Clean DomainList table of entries past N days old
Takes 1 argument of number of days
tblmessage
Clean tblmessage table of entries past N days old
Takes 1 argument of number of days
rebuild_access
Add addresses from the Blacklisr mysql tables to sendmail
access database. Takes 2 arguments action (DISCARD,REJECT)
ip only (1), domain only (2) or both (3)
ex: rebuild_access~DISCARD~1~
When the smd daemon elapsed time expires the access database will be
rebuilt adding the entries to your access table.
users_mysql
Use the tblEmailAddress table to get a list of valid users
users_full_address
Do exact match on full address entries in tblEmailAddress
needs users_exact_match.
users_exact_match
Do exact match on entries in tblEmailAddress
allow_deny_exact_match
Do exact match on entries in tblUserList
repair_table
Repair mysql tables as part of regulary scheduled maintenance
will_do_clamupdate
Automatically update clamav virus database
orderly_shutdown
Do orderly shutdown of milter. Needed most when using mysql
users_mysql
Use tblEmailAddress table for User Restriction Lookups
users_exact_match
Do exact match on user test against tblEmailAddress
insert_delayed
Use delayed inserts writing to mysql database
write_message_dir
Takes argument of fully qualified path name to write messages to
The filename will be the queue_id. No limit on number of bytes.
write_message_record
Takes numerical argument of number of bytes
of message to write to tblmessage table. Limit is 50000 bytes.
wiil_do_absolutly_from_restrict
will do from restrict test regardless of exemption.
spfauththenticate
bypasses spf test on your domain if spfmydomain is set
and user authenticates through sendmail
temp_fail_on_database_error
temp fail message if mysql error
abort_by_sendmail
Adds entries to statistics file for connections aborted by sendmail
connect_timeout
Time in seconds to allow for MTA connect to ptsfilter.
listen_backlog
Listen queue backlog for ptsfilter from sendmail. This should set no
higher than the system allowable backlog on a listening socket.
maxsubjectsize
Maximum allowable subject size
minsubjectsize
Minimum allowable subject size
minmessagesize
Minimum allowable message size
greylisttype
Turns on greylisting. Take 1 argument.
0 for ipaddress, from address and to address. 1 for to address
and from address
greylist
Turns on greylisting. Take 2 arguments, time minutes
for message temp fail and time in hours for record expiration
if greylisttype is not set greylisttype is 0;
do_network_time_check
Gives time in milliseconds of certain network connections
do_x_header
Adds header to message with status.
bayesian
Checks email against PTSMail Utilities Bayesian filter.
do_mx_check
Checks to verify sending domain has valid mx record.
mailbox_location
Location of email boxes (usually /var/spool/email).
Takes 1 argument, fully qualified pathname.
check_my_user
check local domain to check if sender is valid user
Takes argument of ip address to check against
do_user_check
check sending domain to check if sender is valid user
Takes argument of 1 just check user or 2 to also
check if sever refuses connection.
Argument of 3 gives temporary fail on error connection.
Argument of 4 passes to next test on error connection.
user_delrcpt
Allows you to delete unknown recipients from the recipient list.
Example File
mydomainname~anydomain.com~
mynodename~mail~
exemptout~
bayesian~
use_mysql~
spfflag~2~
noscanattachment~
spfmydomain~
maillog~/var/log/maillog~
do_habeas_check~
do_bonded_sender~
lhnmode~/etc/mail/local-host-names~
clamav~/usr/local/bin/clamscan >/dev/null 2>&1~3~
razor~/usr/local/bin/razor-check >/dev/null 2>&1~1~
format_list~4:15,2:40,3:40,8:30,1:70~
dnsbl_list~dnsbl.sorbs.net,bl.spamcop.net,sbl.spamhaus.org~1~
stats_file~/usr/local/etc/ptsfilter/stats~
sendmail_binary~/usr/sbin/sendmail~
dcc~/usr/local/bin/dccproc -QR -ccmn,10 >/dev/null 2>&1~1~
freshclam~/usr/local/bin/freshclam >/dev/null 2>&1~
num_of_processes~1~
blacklist_mysql~
razor_mysql~
quarantine_time~240~
Need to upgrade your license?
Go to the upgrade area to upgrade your
license the latest version of the PTSMail Utilties. |
