pmg.conf.5-opts.adoc

   1 .Section 'admin'
   2
   3 `advfilter`: `<boolean>` ('default =' `0`)::
   4
   5 Enable advanced filters for statistic.
   6 +
   7 If this is enabled, the receiver statistic are limited to active ones
   8 (receivers which also sent out mail in the 90 days before), and the contact
   9 statistic will not contain these active receivers.
  10
  11 `avast`: `<boolean>` ('default =' `0`)::
  12
  13 Use Avast Virus Scanner (/usr/bin/scan). You need to buy and install 'Avast Core Security' before you can enable this feature.
  14
  15 `clamav`: `<boolean>` ('default =' `1`)::
  16
  17 Use ClamAV Virus Scanner. This is the default virus scanner and is enabled by default.
  18
  19 `custom_check`: `<boolean>` ('default =' `0`)::
  20
  21 Use Custom Check Script. The script has to take the defined arguments and can return Virus findings or a Spamscore.
  22
  23 `custom_check_path`: `^/([^/\0]+\/)+[^/\0]+$` ('default =' `/usr/local/bin/pmg-custom-check`)::
  24
  25 Absolute Path to the Custom Check Script
  26
  27 `dailyreport`: `<boolean>` ('default =' `1`)::
  28
  29 Send daily reports.
  30
  31 `demo`: `<boolean>` ('default =' `0`)::
  32
  33 Demo mode - do not start SMTP filter.
  34
  35 `dkim-use-domain`: `<envelope | header>` ('default =' `envelope`)::
  36
  37 Whether to sign using the address from the header or the envelope.
  38
  39 `dkim_selector`: `<string>` ::
  40
  41 Default DKIM selector
  42
  43 `dkim_sign`: `<boolean>` ('default =' `0`)::
  44
  45 DKIM sign outbound mails with the configured Selector.
  46
  47 `dkim_sign_all_mail`: `<boolean>` ('default =' `0`)::
  48
  49 DKIM sign all outgoing mails irrespective of the Envelope From domain.
  50
  51 `email`: `<string>` ('default =' `admin@domain.tld`)::
  52
  53 Administrator E-Mail address.
  54
  55 `http_proxy`: `http://.*` ::
  56
  57 Specify external http proxy which is used for downloads (example: 'http://username:password@host:port/')
  58
  59 `statlifetime`: `<integer> (1 - N)` ('default =' `7`)::
  60
  61 User Statistics Lifetime (days)
  62
  63 .Section 'clamav'
  64
  65 `archiveblockencrypted`: `<boolean>` ('default =' `0`)::
  66
  67 Whether to mark encrypted archives and documents as heuristic virus match. A match does not necessarily result in an immediate block, it just raises the Spam Score by 'clamav_heuristic_score'.
  68
  69 `archivemaxfiles`: `<integer> (0 - N)` ('default =' `1000`)::
  70
  71 Number of files to be scanned within an archive, a document, or any other kind of container. Warning: disabling this limit or setting it too high may result in severe damage to the system.
  72
  73 `archivemaxrec`: `<integer> (1 - N)` ('default =' `5`)::
  74
  75 Nested archives are scanned recursively, e.g. if a ZIP archive contains a TAR  file,  all files within it will also be scanned. This options specifies how deeply the process should be continued. Warning: setting this limit too high may result in severe damage to the system.
  76
  77 `archivemaxsize`: `<integer> (1000000 - N)` ('default =' `25000000`)::
  78
  79 Files larger than this limit (in bytes) won't be scanned.
  80
  81 `dbmirror`: `<string>` ('default =' `database.clamav.net`)::
  82
  83 ClamAV database mirror server.
  84
  85 `maxcccount`: `<integer> (0 - N)` ('default =' `0`)::
  86
  87 This option sets the lowest number of Credit Card or Social Security numbers found in a file to generate a detect.
  88
  89 `maxscansize`: `<integer> (1000000 - N)` ('default =' `100000000`)::
  90
  91 Sets the maximum amount of data (in bytes) to be scanned for each input file.
  92
  93 `safebrowsing`: `<boolean>` ('default =' `0`)::
  94
  95 Enables support for Google Safe Browsing. (deprecated option, will be ignored)
  96
  97 `scriptedupdates`: `<boolean>` ('default =' `1`)::
  98
  99 Enables ScriptedUpdates (incremental download of signatures)
 100
 101 .Section 'mail'
 102
 103 `banner`: `<string>` ('default =' `ESMTP Proxmox`)::
 104
 105 ESMTP banner.
 106
 107 `before_queue_filtering`: `<boolean>` ('default =' `0`)::
 108
 109 Enable before queue filtering by pmg-smtp-filter
 110
 111 `conn_count_limit`: `<integer> (0 - N)` ('default =' `50`)::
 112
 113 How many simultaneous connections any client is allowed to make to this service. To disable this feature, specify a limit of 0.
 114
 115 `conn_rate_limit`: `<integer> (0 - N)` ('default =' `0`)::
 116
 117 The maximal number of connection attempts any client is allowed to make to this service per minute. To disable this feature, specify a limit of 0.
 118
 119 `dnsbl_sites`: `<string>` ::
 120
 121 Optional list of DNS white/blacklist domains (postfix option `postscreen_dnsbl_sites`).
 122
 123 `dnsbl_threshold`: `<integer> (0 - N)` ('default =' `1`)::
 124
 125 The inclusive lower bound for blocking a remote SMTP client, based on its combined DNSBL score (postfix option `postscreen_dnsbl_threshold`).
 126
 127 `dwarning`: `<integer> (0 - N)` ('default =' `4`)::
 128
 129 SMTP delay warning time (in hours). (postfix option `delay_warning_time`)
 130
 131 `ext_port`: `<integer> (1 - 65535)` ('default =' `25`)::
 132
 133 SMTP port number for incoming mail (untrusted). This must be a different number than 'int_port'.
 134
 135 `filter-timeout`: `<integer> (2 - 86400)` ('default =' `600`)::
 136
 137 Timeout for the processing of one mail (in seconds)  (postfix option `smtpd_proxy_timeout` and `lmtp_data_done_timeout`)
 138
 139 `greylist`: `<boolean>` ('default =' `1`)::
 140
 141 Use Greylisting for IPv4.
 142
 143 `greylist6`: `<boolean>` ('default =' `0`)::
 144
 145 Use Greylisting for IPv6.
 146
 147 `greylistmask4`: `<integer> (0 - 32)` ('default =' `24`)::
 148
 149 Netmask to apply for greylisting IPv4 hosts
 150
 151 `greylistmask6`: `<integer> (0 - 128)` ('default =' `64`)::
 152
 153 Netmask to apply for greylisting IPv6 hosts
 154
 155 `helotests`: `<boolean>` ('default =' `0`)::
 156
 157 Use SMTP HELO tests. (postfix option `smtpd_helo_restrictions`)
 158
 159 `hide_received`: `<boolean>` ('default =' `0`)::
 160
 161 Hide received header in outgoing mails.
 162
 163 `int_port`: `<integer> (1 - 65535)` ('default =' `26`)::
 164
 165 SMTP port number for outgoing mail (trusted).
 166
 167 `max_filters`: `<integer> (3 - 40)` ('default =' `25`)::
 168
 169 Maximum number of pmg-smtp-filter processes.
 170
 171 `max_policy`: `<integer> (2 - 10)` ('default =' `5`)::
 172
 173 Maximum number of pmgpolicy processes.
 174
 175 `max_smtpd_in`: `<integer> (3 - 100)` ('default =' `100`)::
 176
 177 Maximum number of SMTP daemon processes (in).
 178
 179 `max_smtpd_out`: `<integer> (3 - 100)` ('default =' `100`)::
 180
 181 Maximum number of SMTP daemon processes (out).
 182
 183 `maxsize`: `<integer> (1024 - N)` ('default =' `10485760`)::
 184
 185 Maximum email size. Larger mails are rejected. (postfix option `message_size_limit`)
 186
 187 `message_rate_limit`: `<integer> (0 - N)` ('default =' `0`)::
 188
 189 The maximal number of message delivery requests that any client is allowed to make to this service per minute.To disable this feature, specify a limit of 0.
 190
 191 `ndr_on_block`: `<boolean>` ('default =' `0`)::
 192
 193 Send out NDR when mail gets blocked
 194
 195 `rejectunknown`: `<boolean>` ('default =' `0`)::
 196
 197 Reject unknown clients. (postfix option `reject_unknown_client_hostname`)
 198
 199 `rejectunknownsender`: `<boolean>` ('default =' `0`)::
 200
 201 Reject unknown senders. (postfix option `reject_unknown_sender_domain`)
 202
 203 `relay`: `<string>` ::
 204
 205 The default mail delivery transport (incoming mails).
 206
 207 `relaynomx`: `<boolean>` ('default =' `0`)::
 208
 209 Disable MX lookups for default relay (SMTP only, ignored for LMTP).
 210
 211 `relayport`: `<integer> (1 - 65535)` ('default =' `25`)::
 212
 213 SMTP/LMTP port number for relay host.
 214
 215 `relayprotocol`: `<lmtp | smtp>` ('default =' `smtp`)::
 216
 217 Transport protocol for relay host.
 218
 219 `smarthost`: `<string>` ::
 220
 221 When set, all outgoing mails are deliverd to the specified smarthost. (postfix option `default_transport`)
 222
 223 `smarthostport`: `<integer> (1 - 65535)` ('default =' `25`)::
 224
 225 SMTP port number for smarthost. (postfix option `default_transport`)
 226
 227 `smtputf8`: `<boolean>` ('default =' `1`)::
 228
 229 Enable SMTPUTF8 support in Postfix and detection for locally generated mail (postfix option `smtputf8_enable`)
 230
 231 `spf`: `<boolean>` ('default =' `1`)::
 232
 233 Use Sender Policy Framework.
 234
 235 `tls`: `<boolean>` ('default =' `0`)::
 236
 237 Enable TLS.
 238
 239 `tlsheader`: `<boolean>` ('default =' `0`)::
 240
 241 Add TLS received header.
 242
 243 `tlslog`: `<boolean>` ('default =' `0`)::
 244
 245 Enable TLS Logging.
 246
 247 `verifyreceivers`: `<450 | 550>` ::
 248
 249 Enable receiver verification. The value specifies the numerical reply code when the Postfix SMTP server rejects a recipient address. (postfix options `reject_unknown_recipient_domain`, `reject_unverified_recipient`, and `unverified_recipient_reject_code`)
 250
 251 .Section 'spam'
 252
 253 `bounce_score`: `<integer> (0 - 1000)` ('default =' `0`)::
 254
 255 Additional score for bounce mails.
 256
 257 `clamav_heuristic_score`: `<integer> (0 - 1000)` ('default =' `3`)::
 258
 259 Score for ClamAV heuristics (Encrypted Archives/Documents, PhishingScanURLs, ...).
 260
 261 `extract_text`: `<boolean>` ('default =' `0`)::
 262
 263 Extract text from attachments (doc, pdf, rtf, images) and scan for spam.
 264
 265 `languages`: `(all|([a-z][a-z])+( ([a-z][a-z])+)*)` ('default =' `all`)::
 266
 267 This option is used to specify which languages are considered OK for incoming mail.
 268
 269 `maxspamsize`: `<integer> (64 - N)` ('default =' `262144`)::
 270
 271 Maximum size of spam messages in bytes.
 272
 273 `rbl_checks`: `<boolean>` ('default =' `1`)::
 274
 275 Enable real time blacklists (RBL) checks.
 276
 277 `use_awl`: `<boolean>` ('default =' `0`)::
 278
 279 Use the Auto-Whitelist plugin.
 280
 281 `use_bayes`: `<boolean>` ('default =' `0`)::
 282
 283 Whether to use the naive-Bayesian-style classifier.
 284
 285 `use_razor`: `<boolean>` ('default =' `1`)::
 286
 287 Whether to use Razor2, if it is available.
 288
 289 `wl_bounce_relays`: `<string>` ::
 290
 291 Whitelist legitimate bounce relays.
 292
 293 .Section 'spamquar'
 294
 295 `allowhrefs`: `<boolean>` ('default =' `1`)::
 296
 297 Allow to view hyperlinks.
 298
 299 `authmode`: `<ldap | ldapticket | ticket>` ('default =' `ticket`)::
 300
 301 Authentication mode to access the quarantine interface. Mode 'ticket' allows login using tickets sent with the daily spam report. Mode 'ldap' requires to login using an LDAP account. Finally, mode 'ldapticket' allows both ways.
 302
 303 `hostname`: `<string>` ::
 304
 305 Quarantine Host. Useful if you run a Cluster and want users to connect to a specific host.
 306
 307 `lifetime`: `<integer> (1 - N)` ('default =' `7`)::
 308
 309 Quarantine life time (days)
 310
 311 `mailfrom`: `<string>` ::
 312
 313 Text for 'From' header in daily spam report mails.
 314
 315 `port`: `<integer> (1 - 65535)` ('default =' `8006`)::
 316
 317 Quarantine Port. Useful if you have a reverse proxy or port forwarding for the webinterface. Only used for the generated Spam report.
 318
 319 `protocol`: `<http | https>` ('default =' `https`)::
 320
 321 Quarantine Webinterface Protocol. Useful if you have a reverse proxy for the webinterface. Only used for the generated Spam report.
 322
 323 `quarantinelink`: `<boolean>` ('default =' `0`)::
 324
 325 Enables user self-service for Quarantine Links. Caution: this is accessible without authentication
 326
 327 `reportstyle`: `<custom | none | short | verbose>` ('default =' `verbose`)::
 328
 329 Spam report style.
 330
 331 `viewimages`: `<boolean>` ('default =' `1`)::
 332
 333 Allow to view images.
 334
 335 .Section 'virusquar'
 336
 337 `allowhrefs`: `<boolean>` ('default =' `1`)::
 338
 339 Allow to view hyperlinks.
 340
 341 `lifetime`: `<integer> (1 - N)` ('default =' `7`)::
 342
 343 Quarantine life time (days)
 344
 345 `viewimages`: `<boolean>` ('default =' `1`)::
 346
 347 Allow to view images.
 348