Signed-off-by: Oguz Bektas <o.bektas@proxmox.com>
Reviewed-By: Aaron Lauterer <a.lauterer@proxmox.com>
============================================
endif::manvolnum[]
============================================
endif::manvolnum[]
-This is the Proxmox SMTP filter daemon, which does the actual SPAM
+This is the Proxmox SMTP filter daemon, which does the actual spam
filtering using the SpamAssassin and the rule database. It listens on
127.0.0.1:10023 and 127.0.0.1:10024. The daemon listens to a local
address only, so you cannot access it from outside.
filtering using the SpamAssassin and the rule database. It listens on
127.0.0.1:10023 and 127.0.0.1:10024. The daemon listens to a local
address only, so you cannot access it from outside.
==================================
endif::manvolnum[]
==================================
endif::manvolnum[]
-{pmg} use an application specific asynchronous replication
-algorythm to replicate the database to all cluster nodes.
+{pmg} uses an application specific asynchronous replication
+algorithm to replicate the database to all cluster nodes.
The daemon uses the ssh tunnel provided by 'pmgtunnel' to access
the database on remote nodes.
The daemon uses the ssh tunnel provided by 'pmgtunnel' to access
the database on remote nodes.
endif::manvolnum[]
This daemon implements the Postfix SMTP access policy delegation
endif::manvolnum[]
This daemon implements the Postfix SMTP access policy delegation
-protocol on `127.0.0.1:10022`. The daemon listens to a local address
+protocol on `127.0.0.1:10022`. It listens to a local address
only, so you cannot access it from outside. We configure Postfix to
use this service for greylisting and as SPF policy server.
only, so you cannot access it from outside. We configure Postfix to
use this service for greylisting and as SPF policy server.
Host based Access Control
-------------------------
Host based Access Control
-------------------------
-It is possible to configure ``apache2''-like access control
+It is possible to configure Apache2-like access control
lists. Values are read from file `/etc/default/pmgproxy`. For example:
----
lists. Values are read from file `/etc/default/pmgproxy`. For example:
----
CIPHERS="ECDHE-ECDSA-AES256-GCM-SHA384:ECDHE-RSA-AES256-GCM-SHA384:ECDHE-ECDSA-CHACHA20-POLY1305:ECDHE-RSA-CHACHA20-POLY1305:ECDHE-ECDSA-AES128-GCM-SHA256:ECDHE-RSA-AES128-GCM-SHA256:ECDHE-ECDSA-AES256-SHA384:ECDHE-RSA-AES256-SHA384:ECDHE-ECDSA-AES128-SHA256:ECDHE-RSA-AES128-SHA256"
CIPHERS="ECDHE-ECDSA-AES256-GCM-SHA384:ECDHE-RSA-AES256-GCM-SHA384:ECDHE-ECDSA-CHACHA20-POLY1305:ECDHE-RSA-CHACHA20-POLY1305:ECDHE-ECDSA-AES128-GCM-SHA256:ECDHE-RSA-AES128-GCM-SHA256:ECDHE-ECDSA-AES256-SHA384:ECDHE-RSA-AES256-SHA384:ECDHE-ECDSA-AES128-SHA256:ECDHE-RSA-AES128-SHA256"
-Above is the default. See the ciphers(1) man page from the openssl
+Above is the default. See the `ciphers(1)` man page from the `openssl`
package for a list of all available options.
package for a list of all available options.
-Additionally you can define that the client choses the used cipher in
+Additionally you can define the order that the client chooses the used cipher in
`/etc/default/pmgproxy` (default is the first cipher in the list available to
both client and `pmgproxy`):
`/etc/default/pmgproxy` (default is the first cipher in the list available to
both client and `pmgproxy`):
-----------
By default `pmgproxy` uses gzip HTTP-level compression for compressible
-----------
By default `pmgproxy` uses gzip HTTP-level compression for compressible
-content, if the client supports it. This can disabled in `/etc/default/pmgproxy`
+content if the client supports it. This can be disabled in `/etc/default/pmgproxy`
projects / pmg-docs.git / commitdiff