]>
Commit | Line | Data |
---|---|---|
4a08dffe | 1 | [[chapter_mailfilter]] |
62e86eb6 DM |
2 | Mail Filter |
3 | =========== | |
4 | ||
5 | {pmg} ships with a highly configurable mail filter. It’s an easy but | |
6 | powerful way to define filter rules by user, domains, time frame, | |
7 | content type and resulting action. | |
8 | ||
9 | image::images/screenshot/pmg-gui-mail-filter-rules.png[] | |
10 | ||
c9d28a2b DM |
11 | Every rule has 5 categories ('FROM', 'TO', 'WHEN', 'WHAT' and |
12 | 'ACTION'), and each category may contain several objects to match | |
13 | certain criteria: | |
62e86eb6 | 14 | |
a16d5544 | 15 | 'Who' - objects:: |
62e86eb6 | 16 | |
c9d28a2b | 17 | Who is the sender or receiver of the e-mail? Those objects can be used |
62e86eb6 DM |
18 | for the 'TO' and/or 'FROM' category. |
19 | + | |
20 | ==== | |
21 | Example: EMail-object - Who is the sender or receiver of the e-mail? | |
22 | ==== | |
23 | ||
a16d5544 | 24 | 'What' - objects:: |
62e86eb6 DM |
25 | |
26 | What is in the e-mail? | |
27 | + | |
28 | ==== | |
c9d28a2b | 29 | Example: Does the e-mail contain spam? |
62e86eb6 DM |
30 | ==== |
31 | ||
a16d5544 | 32 | 'When' - objects:: |
62e86eb6 DM |
33 | |
34 | When is the e-mail received by {pmg}? | |
35 | + | |
36 | ==== | |
37 | Example: Office Hours - Mail is received between 8:00 and 16:00. | |
38 | ==== | |
39 | ||
a16d5544 | 40 | 'Action' - objects:: |
62e86eb6 DM |
41 | |
42 | Defines the final actions. | |
43 | + | |
44 | ==== | |
45 | Example: Mark e-mail with “SPAM:” in the subject. | |
46 | ==== | |
c9d28a2b DM |
47 | |
48 | Rules are ordered by priority, so rules with higher priority are | |
49 | executed first. It is also possible to set a processing direction: | |
50 | ||
51 | 'In':: Rule applies for all incoming e-mails | |
52 | ||
53 | 'Out':: Rule applies for all outgoing e-mails | |
54 | ||
55 | 'In & Out':: Rule applies for both directions | |
56 | ||
57 | And you can also disable a rule completely, which is mostly useful for | |
58 | testing and debugging. The 'Factory Defaults' button alows you to | |
59 | reset the filter rules. | |
60 | ||
61 | ||
4a08dffe | 62 | [[pmg_mailfilter_action]] |
a16d5544 DM |
63 | 'Action' - objects |
64 | ------------------ | |
c9d28a2b DM |
65 | |
66 | image::images/screenshot/pmg-gui-mail-filter-actions.png[] | |
67 | ||
68 | Please note that some actions stops further rule precessing. We call | |
69 | such actions 'final'. | |
70 | ||
71 | Accept | |
72 | ~~~~~~ | |
73 | ||
74 | Accept mail for Delivery. This is a 'final' action. | |
75 | ||
76 | ||
77 | Block | |
78 | ~~~~~ | |
79 | ||
80 | Block mail. This is a 'final' action. | |
81 | ||
82 | ||
83 | Quarantine | |
84 | ~~~~~~~~~~ | |
85 | ||
86 | Move to quarantine (virus mails are moved to the “virus quarantine”, | |
87 | other mails are moved to “spam quarantine”). This is also a 'final' action. | |
88 | ||
89 | ||
90 | Notification | |
91 | ~~~~~~~~~~~~ | |
92 | ||
93 | Send notifications. Please note that object configuration can use | |
94 | xref:rule_system_macros[macros], so it is easy to include additional | |
95 | information. For example, the default 'Notify Admin' object sends the | |
96 | following information: | |
97 | ||
98 | .Sample notification action body: | |
99 | ---- | |
100 | Proxmox Notification: | |
101 | Sender: __SENDER__ | |
102 | Receiver: __RECEIVERS__ | |
103 | Targets: __TARGETS__ | |
104 | Subject: __SUBJECT__ | |
105 | Matching Rule: __RULE__ | |
106 | ||
107 | __RULE_INFO__ | |
108 | ||
109 | __VIRUS_INFO__ | |
110 | __SPAM_INFO__ | |
111 | ---- | |
112 | ||
113 | Notification can also include a copy of the original mail. | |
114 | ||
115 | ||
116 | Blind Carbon Copy (BCC) | |
117 | ~~~~~~~~~~~~~~~~~~~~~~~ | |
118 | ||
119 | The BCC object simply sends a copy to another target. It is possible to | |
120 | send the original unmodified mail, or the processed result. Please | |
121 | note that this can be quite different, i.e. when a previous rule | |
122 | removed attachments. | |
123 | ||
124 | ||
125 | Header Attributes | |
126 | ~~~~~~~~~~~~~~~~~ | |
127 | ||
128 | This object is able to add or modify mail header attributes. As notice above, you can use xref:rule_system_macros[macros], making this a very powerful object. For example, the 'Modify Spam Level' actions adds detailed infomation about detected Spam characteristics to the ` X-SPAM-LEVEL` header. | |
129 | ||
733e5b36 | 130 | .'Modify Spam Level' Header Attribute |
c9d28a2b DM |
131 | ---- |
132 | Field: X-SPAM-LEVEL | |
133 | Value: __SPAM_INFO__ | |
134 | ---- | |
135 | ||
136 | Another prominent example is the 'Modify Spam Subject' action. This | |
137 | simply adds the 'SPAM:' prefix to the original mail subject: | |
138 | ||
733e5b36 | 139 | .'Modify Spam Subject' Header Attribute |
c9d28a2b DM |
140 | ---- |
141 | Field: subject | |
142 | Value: SPAM: __SUBJECT__ | |
143 | ---- | |
144 | ||
145 | ||
146 | Remove attachments | |
147 | ~~~~~~~~~~~~~~~~~~ | |
148 | ||
149 | Remove attachments can either remove all attachments, or only those | |
a16d5544 | 150 | matched by the rules 'What' - object. You can also specify the |
c9d28a2b DM |
151 | replacement text if you want. |
152 | ||
153 | ||
154 | Disclaimer | |
155 | ~~~~~~~~~~ | |
156 | ||
157 | Add a Disclaimer. | |
66b48b3a DM |
158 | |
159 | ||
4a08dffe | 160 | [[pmg_mailfilter_who]] |
a16d5544 DM |
161 | 'Who' - objects |
162 | --------------- | |
66b48b3a DM |
163 | |
164 | image::images/screenshot/pmg-gui-mail-filter-who-objects.png[] | |
165 | ||
166 | This type of objects can be used for the 'TO' and/or 'FROM' category, | |
167 | and macth the sender or receiver of the e-mail. A single object can | |
168 | combine multiple items, and the following item types are available: | |
169 | ||
170 | EMail:: | |
171 | ||
172 | Allows you to match a single mail address. | |
173 | ||
174 | Domain:: | |
175 | ||
176 | Only match the domain part of the mail address. | |
177 | ||
178 | Regular Expression:: | |
179 | ||
180 | This one uses a regular expression to match the whole mail address. | |
181 | ||
182 | IP Address or Network:: | |
183 | ||
184 | This can be used to match the senders IP address. | |
185 | ||
186 | LDAP User or Group:: | |
187 | ||
188 | Test if the mail address belong to a specific LDAP user or group. | |
189 | ||
a16d5544 | 190 | We have two important 'Who' - objects called 'Blacklist' and |
66b48b3a | 191 | 'Whitelist'. Those are used in the default ruleset to globally block |
3228913a DM |
192 | or allow specific senders. |
193 | ||
40ed107a | 194 | |
4a08dffe | 195 | [[pmg_mailfilter_what]] |
a16d5544 DM |
196 | 'What' - objects |
197 | ---------------- | |
40ed107a DM |
198 | |
199 | image::images/screenshot/pmg-gui-mail-filter-what-objects.png[] | |
200 | ||
a16d5544 DM |
201 | 'What' - objects are used to classify the mail content. A single |
202 | object can combine multiple items, and the following item types are | |
40ed107a DM |
203 | available: |
204 | ||
205 | Spam Filter:: | |
206 | ||
207 | Matches if configured value if greater than the detected spam level. | |
208 | ||
209 | Virus Filter:: | |
210 | ||
211 | Matches on infected mails. | |
212 | ||
fc900299 DM |
213 | Match Field:: |
214 | ||
215 | Match specified mail header fields (eg. `Subject:`, `From:`, ...) | |
216 | ||
40ed107a DM |
217 | Content Type Filter:: |
218 | ||
219 | Can be used to match specific content types. | |
220 | ||
221 | Match Filename:: | |
222 | ||
223 | Uses regular expressions to match attachment filenames. | |
224 | ||
225 | Archive Filter:: | |
226 | ||
227 | Can be used to match specific content types inside archives. | |
228 | ||
229 | ||
4a08dffe | 230 | [[pmg_mailfilter_when]] |
a16d5544 DM |
231 | 'When' - objects |
232 | ---------------- | |
3228913a DM |
233 | |
234 | image::images/screenshot/pmg-gui-mail-filter-when-objects.png[] | |
235 | ||
a16d5544 DM |
236 | 'When' - objects are use to activate rules at specific daytimes. You |
237 | can compose them of one or more time-frame items. | |
3228913a DM |
238 | |
239 | The default ruleset defines 'Office Hours', but this is not used by | |
240 | the default rules. | |
99fd4bd4 DM |
241 | |
242 | ||
4a08dffe | 243 | [[pmg_mailfilter_regex]] |
99fd4bd4 DM |
244 | Using regular expressions |
245 | ------------------------- | |
246 | ||
247 | A regular expression is a string of characters which tells us which | |
248 | string you are looking for. The following is a short introduction in | |
249 | the syntax of regular expressions used by some objects. If you are | |
250 | familiar with Perl, you already know the syntax. | |
251 | ||
252 | Simple regular expressions | |
253 | ~~~~~~~~~~~~~~~~~~~~~~~~~~ | |
254 | ||
255 | In its simplest form, a regular expression is just a word or phrase to | |
256 | search for. `Mail` would match the string "Mail". The search is case | |
257 | sensitive so "MAIL", "Mail", "mail" would not be matched. | |
258 | ||
259 | Metacharacters | |
260 | ~~~~~~~~~~~~~~ | |
261 | ||
262 | Some characters have a special meaning. These characters are called | |
263 | metacharacters. The Period (`.`) is a commonly used metacharacter. It | |
264 | matches exactly one character, regardless of what the character is. | |
265 | `e.mail` would match either "e-mail" or "e-mail" or "e2mail" but not | |
266 | "e-some-mail". | |
267 | ||
268 | The question mark (`?`) indicates that the character immediately | |
269 | preceding it either zero or one time. `e?mail` would match | |
270 | either "email" or "mail" but not "e-mail". | |
271 | ||
272 | Another metacharacter is the star (`*`). This indicates that the | |
273 | character immediately to its left may repeated any number of times, | |
274 | including zero. `e*mail` would match either "email" or "mail" or | |
275 | "eeemail". | |
276 | ||
277 | The plus (`+`) metacharacter does the same as the star (*) excluding | |
278 | zero. So `e+mail` does not match "mail". | |
279 | ||
280 | Metacharacters may be combined. A common combination includes the | |
281 | period and star metacharacters (`.*`), with the star immediately following | |
282 | the period. This is used to match an arbitrary string of any length, | |
283 | including the null string. For example: `.*company.*` matches | |
284 | "company@domain.com" or "company@domain.co.uk" or | |
285 | "department.company@domain.com". | |
0601bef2 DM |
286 | |
287 | The book xref:Friedl97[] provides a more comprehensive introduction. |