cgpav.conf

# $Id: cgpav.conf, v 1.5 2010/07/01 12:00:00 farit Exp $

# cgpav Configuration File
# Anti-Virus and Anti-Spam External Filter for CommuniGate Pro
# Place it into /var/CommuniGate/Settings, /var/CommuniGate or /etc dir


############### CommuniGate Pro ########################################
# *** CommuniGate Pro Home Directory, where Queue subdir resides ***
# Usually /var/CommuniGate
cgpro_home = /var/CommuniGate

# *** CommuniGate Pro Submitted Directory ***
# Usually /var/CommuniGate/Submitted
cgpro_submitted = /var/CommuniGate/Submitted

# *** Temporary dir to extract attachments from messages ***
# Without the trailing slash '/'
# If unsure, set it to /tmp
tmp_dir = /tmp


################### cgpav ##############################################
# *** Maximum number of virus scanning children processes ***
# Must be equal to the number of Message Enqueuer and Dequeuer Processors
# in Settings->Queue
# If unsure, set it to 10
max_childs = 3

# *** Maximum number of errors while message scanning ***
# For example, if your anti-virus daemon is not running,
# the program counts these errors and when the number of errors reaches
# the max_errors level, it begins to answer OK.
# Before that level has been reached it just answers REJECTED
# and messages stay in the queue.
# When an av daemon starts working properly, the program begins to scan messages again.
# If unsure, set it to 20
max_errors = 20

# *** Timeout in seconds while waiting for a response ***
# from the anti-virus or anti-spam daemon.
# Scanning large attachments can take a lot of time.
# When the timeout has been reached, the virus scanning will be stopped
# and a message will be delivered as clean.
# If unsure, set it to 120
av_timeout = 120

# *** Logging ***
# Logging facility
# Possible facility values: mail, from local0 to local7
# Also insert a line into /etc/syslog.conf if you want to
# redirect this facility messages to another logfile:
# local0.* /var/log/virus.log
# If unsure, set it to local0
log_facility = local0

# *** Action upon detection a virus in a message ***
# Actions are: none, reject, discard, addheader
# none - do nothing, no virus scanning
# reject - bounce the message with the undeliverable response,
# discard - silently remove the message: use it if you don't want the default undeliverable messages to be sent,
# addheader - add the infected_header to the message.
# The text of the mail header must be defined in the
# infected_header option below.
# If unsure, set it to discard
infected_action = none

# *** Infected mail header ***
# Added when a virus was found and infected_action = addheader
# Attention: begin it with X-
# Default is: X-Virus-Flag: Yes
infected_header = X-Virus-Flag: Yes

# *** Add the uninfected mail header ***
# Add the header when a message is not infected.
# If unsure, set it to false
add_not_infected_header = true

# *** Not-infected mail header ***
# Added when no virus was found in the scanned message
# and indicate that it has passed through the AV filter.
# Default is: X-Virus-Scanned: by cgpav
not_infected_header = X-Virus-Scanned: by cgpav


####### Additional Notifications ###########################################
# If you don't want the default undeliverable notifications, set
# infected_action = discard

# *** Notifications From: e-mail  ***
# You can enable additional notifications for a virus sender
# and/or recipients. They will be sent From this e-mail address.
# Use the pseudo e-mail, in Settings->Router add a line:
#   <antivirus> = null;
# This will silently discard all messages to this address.
antivirus_email = antivirus

# *** Enable an additional notification to the virus sender ***
# Enable - true, disable - false
# If unsure, set it to false
sender_notification = false

# *** Enable additional notifications to the virus recipients ***
# Enable - true, disable - false
# If unsure, set it to false
recipients_notification = true

# *** Enable notifications to the postmaster of the mail server ***
# If unsure, set it to false
postmaster_notification = false

# *** Mail server's postmaster account ***
# If unsure, set it to postmaster
postmaster_account = postmaster

# *** Enable notifications to postmasters of the virtual domains ***
# Options:
# false - no notificaions,
# true - all notifications: viruses from users and to users,
# from - viruses from users of the domains,
# to - viruses to users
# If unsure, set it to false
virtual_postmaster_notification = false

# *** Send notifications to the postmasters of these virtual domains ***
# Separate them by , (comma)
# Can continue on the next line by adding 'virtual_domains =' in front.
# Example:
# virtual_domains = domain.ru, domain.com, domain.net
# virtual_domains = mail.domain.org
# If unsure, leave the options empty
virtual_domains =
virtual_domains =

# *** Name of the virtual domain postmaster account ***
# The first part of postmasters' e-mails before the '@' sign.
# You can't use different accounts for different domains.
# If unsure, set it to postmaster
virtual_postmaster_account = postmaster

# *** Enable sending notifications to local users, ***
# identified by the IP addresses from which messages were sent.
# His/her IP address must be inside the local_networks option ranges.
# Options:
# false - no notificaions,
# true - all notifications: when a local user sent a virus,
# notify both him and the message recipients
# from - notify only the local user
# to - notify only the recipients
# You must disable the sender_notification and recipients_notification options above.
# If unsure, set it to false
local_notification = false

# *** Local networks, ip addresses only ***
# The option can be multi-line, use , (comma) as delimeter.
# Exclude any mail backup relays IP from these networks.
# Examples:
# local_networks = 213.100.100.0-213.100.110.255, 213.100.200.0/24
# local_networks = 213.100.200.0/255.255.255.0, 127.0.0.1
# If unsure, leave it empty
local_networks = 127.0.0.1
local_networks =

# *** Local domains ***
# Used in conjunction with the local_networks to enable
# sending notifications only to users from your networks and your domains.
# If unsure, leave it empty
local_domains = example.com
local_domains =

# *** Enable notifications depending on the virus name ***
# Some viruses fake sender's e-mail, making notifications unnecessary.
# They are usually named Worms.
# Define fake_virus_strings option below to include common parts of them.
# If unsure, set it to false
virus_name_notification = false

# *** Fake virus strings ***
# Deny sending notifications if the fake virus contains one of these strings.
# Option is case insensitive and multi-line, delimeter is , (comma)
# If won't affect the local senders, they will still get notifications
# of all viruses sent by them.
# Example:
# fake_virus_strings = Worm., Exploit.
# If unsure, left it empty
fake_virus_strings = Worm.
fake_virus_strings =

# *** Notifications charset and languages ***
# Notifications can contain texts in different languages
# Set charset for your language.
# English:  us-ascii
# Russian:  koi8-r
# European: iso-8859-1
# If unsure, set it to us-ascii
charset = us-ascii

# *** Subject of the notification to a virus sender ***
sender_subject = VIRUS in your message

# *** Subject of the notification to virus recipients ***
recipient_subject = VIRUS in message to you

# *** Original infected message headers ***
# Include them into notifications or not
# If unsure, set it to false
original_message_headers = false

# *** Your own text at the bottom of notifications ***
# Type it on one line!
# Use \n as a new line separator, \t as tab indent.
# Example,
# own_text = Thank you!\nTry to check your computer for viruses.
# If unsure, leave it empty
own_text =

# *** Notification languages ***
# English is always enabled.
# Type true or false
# Russian
russian = false
# German
german = false
# French
french = false
# Spanish
spanish = false
# Italian
italian = false
# Tatar
tatar = false
# Latvian
latvian = false
# Ukrainian
ukrainian = false
# Dutch
dutch = false


##### Antivirus daemons ###############################
# AV daemon is chosen at the ./configure step.

# *** Clamd daemon for Clamav Anti-Virus ***
# Clamd control socket
# Check /etc/clamav.conf or /usr/local/etc/clamav.conf
# for the LocalSocket value.
# Also, check the user Clamav running under: User setting.
# It must be 'root', or the user must be in the 'mail' group.
# Examples: /tmp/clamd or /var/run/clamav/clamd.ctl or /var/run/clamav
clamd_socket = /var/run/clamav/clamd.ctl

# *** Kaspersky (AVP) daemon ***
# AVP control socket filename
# Usually, /var/run/AvpCtl for KAV < 4.5
# And /var/run/aveserver for KAV >= 4.5
avpctl_filename = /var/run/aveserver

# *** Sophie daemon for Sophos Anti-Virus ***
# Sophie control socket
# Usually, /var/run/sophie
sophos_socket = /var/run/sophie

# *** Trophie daemon for Trend Micro Anti-Virus ***
# Trophie control socket
# Usually, /var/run/trophie
trophie_socket = /var/run/trophie

# *** Drwebd daemon for Dr.Web ***
# Dr.Web control socket
# Usually, /var/run/drwebd.socket
# Set the value of the socket in /etc/drweb/drweb32.ini:
# Socket = /var/run/drwebd.socket
drwebd_socket = /var/run/drwebd.socket


# *** Infected file extensions ***
# Reject some attached file extensions that viruses often use.
# Separate them by , (comma), the setting is multi-line.
# Not available for AVP and DrWeb.
# Example:
# infected_extensions = .pif, .lnk, .scr, .bat, .vbs, .vbe, .js
infected_extensions = .pif, .lnk, .scr, .bat, .vbs, .vbe, .js
infected_extensions =


######## Virus Quarantine #######################################
# *** Quarantine infected messages ***
# Copy infected messages to the virus_quarantine_dir
# If unsure, set it to false
virus_quarantine = false

# *** Virus quarantine directory ***
# to store viruses if the virus_quarantine option above is enabled
virus_quarantine_dir =

# *** Create the virus collection ***
# Copy viruses to the virus_collection_dir.
# A new example of the same virus will overwrite the previous one.
# Useful in collecting original viruses.
# If unsure, set it to false
virus_collection = false

# *** Virus collection directory ***
# to store viruses if the virus_collection option above is enabled
virus_collection_dir =


########## Spamassassin ########################################
# *** Enable SpamAssassin ***
# Type true or false
# Enable it if you've installed and tested SpamAssassin.
# If unsure, say false
enable_spamassassin = true

# *** Spam scanning messages from the local senders ***
# Scan messages if they were sent from the IPs defined in the local_networks.
# Attention! This can cause problems if you have some relays
# in the local_networks range, as incoming messages will have their IPs.
# So don't forget to exclude those relays from local_networks.
# If unsure, say false, because spam scanning process is so time consuming.
spam_scan_local = false

# *** Spam message action ***
# What to do when spam was detected.
# Actions: none, reject, discard, addheader, addheaderjunk, addheaderall
# none - do nothing, no spam scanning
# reject - bounce message,
# discard - remove silently,
# addheader - add the spam_header
# addheaderjunk - add the header X-Junk-Score
# addheaderall - add the spam header to all messages whether they are spam
# or not. You should definitely enable spam_level_header to allow users
# defining their own rules and set local_networks to avoid scanning
# outgoing mail in this mode
# The text of the spam mail header is defined in the spam_header option below.
# If unsure, set it to addheaderjunk
spam_action = addheaderjunk

# *** Spam mail header ***
# The program adds default header like
# X-Spam-Status: Yes, hits=18.7 required=5.0 tests=GTUBE
# You can define here an additional header to add upon spam detection.
# Begin it with X-
# If unsure, set it to X-Spam-Flag: Yes
spam_header = X-Spam-Flag: Yes

# *** Spam level header ***
# If it's enabled, the header X-Spam-Level: *****
# will be added, where the number of asterisk * (or spam_level_char)
# signs indicates the level of spam.
# For example, hits=5 and X-Spam-Level: *****
# Then users can filter such messages in their e-mail clients.
# For example, they can define to filter messages containing the header
# X-Spam-Level: ***** , another words the messages with spam hits >= 5.
# If unsure, set it to false
spam_level_header = false

# *** Spam level header char ***
# If the spam_level_header is enabled, this char will indicate the spam level.
# There is a problem in CommuniGate Pro rules that prevents using
# the default '*' sign. Use another one, e.g. 'x'.
# Then your set of rules can look like:
# Header Field is X-Spam-Level: xxxxxxxx*
# store in spam_folder
# Header Field is X-Spam-Level: xxxxxxxx*
# discard
spam_level_char = *

# *** Extra spam score ***
# Spam filter counts spam score for every message.
# When this score is low, the program runs the default spam_action.
# But when score is higher than the extra_spam_score it runs
# extra_spam_action. This is useful to reject obvious spam,
# for example, from blacklisted domains.
# If unsure, set it to 15
extra_spam_score = 10

# *** Extra spam action ***
# Action when the extra_spam_score is reached.
# Actions: none, reject, discard
# If unsure, set it to reject
extra_spam_action = reject

#blacklist_cmd = "/usr/local/bin/cg_blacklist_add.php %s"
#blacklist_cmd = "cg_blacklist_add.php %s"
#blacklist_cmd = "echo hallo %s          "

# *** SpamAssassin socket type ***
# Options: unix or tcp
# Use unix when spamd is at the localhost, tcp - to make a network connection
# If unsure, use unix
spamassassin_socket_type = tcp

# *** SpamAssassin control socket ***
# Unix socket, run spamd with the options like:
# spamd -d -m 10 -x -q -u mail --socketpath=/var/run/spam
# Usually, /var/run/spam
spamassassin_socket = /var/run/spamd.socket

# *** SpamAssassin host ***
# Where spamd is listening on the tcp port.
# spamd options:
# spamd -d -m 10 -x -q -u mail -i 127.0.0.1 -p 783
# Usually, 127.0.0.1
spamassassin_host = 127.0.0.1

# *** SpamAssassin port ***
# Where spamd is listening on
# Usually, 783
spamassassin_port = 783

# *** Maximum message scan size ***
# If a message is larger in bytes than specified in this option,
# only the first max_spamscan_size bytes will be scanned.
# The size is smaller, the scanning is faster.
# Set it in bytes: 65536, kilobytes: 50K, megabytes: 1M
# Add a line into /etc/spamassassin/local.cf
# score MIME_MISSING_BOUNDARY 0
# That test is triggered when a message was cut off.
# If unsure, set it to 50K.
max_spamscan_size = 50K

# *** Text of the message sent to the spam sender ***
# Type it on one line!
# Use \n as a new line separator, \t as tab indent.
# For example:
# antispam_message = This user rejects any mail from your e-mail address!\nYou seems to be a spammer.
antispam_message = This user rejects any mail from your e-mail address!\nYou seem to be a spammer.

# *** Domain aliases ***
# The option is useful when your domains have several aliases.
# Its purpose is to have the same user settings for several domains.
# Format: mail.domain.com => domain.com, smtp.domain.com => domain.com
# Then user@mail.domain.com will have the settings of user@domain.com
# If unsure, leave it empty.
domain_aliases =
domain_aliases =

# *** Quarantine spam messages ***
# Copy spam messages to the spam_quarantine_dir
# If unsure, set it to false
spam_quarantine = false

# *** Spam quarantine directory ***
# to store spam if the spam_quarantine option above is enabled
spam_quarantine_dir =

########## Database #########################################################
# *** Database host name ***
# Name of the host to connect to.
# Usually, localhost
db_host = localhost

# *** Database port number ***
# Port number to connect to at the database host.
# If unsure, leave it empty
db_port =

# *** Database user name ***
# User name to connect as
db_username = spamassassin

# *** Database user's password ***
# User's password to connect
db_password =

# *** Database name ***
# Usually, spamassassin
db_database = spamassassin


########## Restrictions #####################################################
# *** Enable restrictions if you want to scan only certain domains ***
# Useful, if you want to charge some domains for scanning.
# Options:
# false - disable any restrictions
# true - enable restrictions, scan only domains listed
# in the scan_domains option,
# deny - enable restrictions, scan all domains but not in the not_scan_domains
# If unsure, set it to false
restrictions = false

# *** Scan only these domains ***
# The option is multi-line, separate domains by , (comma).
# If unsure, leave it empty
scan_domains =
scan_domains =

# *** Do not scan these domains ***
# The option is multi-line.
# If unsure, leave it empty
not_scan_domains =
not_scan_domains =