============================================
endif::manvolnum[]
-This is the Proxmox SMTP filter daemon, which does the actual SPAM
+This is the Proxmox SMTP filter daemon, which does the actual spam
filtering using the SpamAssassin and the rule database. It listens on
127.0.0.1:10023 and 127.0.0.1:10024. The daemon listens to a local
address only, so you cannot access it from outside.
==================================
endif::manvolnum[]
-{pmg} use an application specific asynchronous replication
-algorythm to replicate the database to all cluster nodes.
+{pmg} uses an application specific asynchronous replication
+algorithm to replicate the database to all cluster nodes.
The daemon uses the ssh tunnel provided by 'pmgtunnel' to access
the database on remote nodes.
endif::manvolnum[]
This daemon implements the Postfix SMTP access policy delegation
-protocol on `127.0.0.1:10022`. The daemon listens to a local address
+protocol on `127.0.0.1:10022`. It listens to a local address
only, so you cannot access it from outside. We configure Postfix to
use this service for greylisting and as SPF policy server.
Host based Access Control
-------------------------
-It is possible to configure ``apache2''-like access control
+It is possible to configure Apache2-like access control
lists. Values are read from file `/etc/default/pmgproxy`. For example:
----
CIPHERS="ECDHE-ECDSA-AES256-GCM-SHA384:ECDHE-RSA-AES256-GCM-SHA384:ECDHE-ECDSA-CHACHA20-POLY1305:ECDHE-RSA-CHACHA20-POLY1305:ECDHE-ECDSA-AES128-GCM-SHA256:ECDHE-RSA-AES128-GCM-SHA256:ECDHE-ECDSA-AES256-SHA384:ECDHE-RSA-AES256-SHA384:ECDHE-ECDSA-AES128-SHA256:ECDHE-RSA-AES128-SHA256"
-Above is the default. See the ciphers(1) man page from the openssl
+Above is the default. See the `ciphers(1)` man page from the `openssl`
package for a list of all available options.
-Additionally you can define that the client choses the used cipher in
+Additionally you can define the order that the client chooses the used cipher in
`/etc/default/pmgproxy` (default is the first cipher in the list available to
both client and `pmgproxy`):
-----------
By default `pmgproxy` uses gzip HTTP-level compression for compressible
-content, if the client supports it. This can disabled in `/etc/default/pmgproxy`
+content if the client supports it. This can be disabled in `/etc/default/pmgproxy`
COMPRESSION=0