NAME

spmfilter.conf - configuration file for spmfilter

SYNOPSIS

spmfilter.conf

DESCRIPTION

The spmfilter.conf file is the runtime configuration file for spmfilter(1).

The spmfilter.conf file controls available modules, logging, header checking and delivery options.

FILE FORMAT

The file consists of modules and parameters. A module begins with the name of the module in square brackets and continues until the next module begins. Modules contain parameters of the form “name = value”.

The file is line-based — that is, each newline-terminated line represents either a comment, a module name or a parameter.

Only the first equals sign in a parameter is significant. Whitespace before or after the first equals sign is discarded. Leading, trailing and internal whitespace in module and parameter names is irrelevant. Leading and trailing whitespace in a parameter value is discarded. Internal whitespace within a parameter value is retained verbatim.

Any line beginning with a hash (#) is ignored, as are lines containing only whitespace.

The values following the equals sign in parameters are all either a string (no quotes needed) or a boolean, which may be given as true/false. Case is not significant in boolean values, but is preserved in string values.

SECTIONS

The [global] section

Parameters in this section are global and do not affect any modules.

engine

The "engine" option allows you to specify the spmfilter engine. It's possible to switch the engine for receiving mails. There are two engines in spmfilter for receiving emails:

smtpd - This engine allows to inject emails via smtp to
spmfilter. But please note, with this engine, spmfilter has to be
started with inetd, Postfix or similar TCP server programs.
pipe - The pipe engine lets you inject emails via shell
pipe to spmfilter. This is usefully, when you don't need a full
smtp server.

debug

Enables verbose debugging output. Debugging output will be written to the configured syslog facility.

true - debugging enabled
false - debugging disabled (default)

modules

Specifies the modules, which will be loaded at runtime. All modules will be process in the same order, as listed. Module names have to be separated by a semicolon.

module_fail

If one module fails, the behaviour of spmfilter can be configured. Possible values are:

1 = proceed and ignore
2 = cancel further processing and return permanet error
3 = cancel further processing and return temporary error (default)

nexthop

This parameter specifies the final destination, after a mail is processed by spmfilter. The value can be a hostname or IP address, with a port number, e.g. localhost:2525 to send filtered mails to localhost at port 2525.

queue_dir

Path to queue directory

backend

Define lookup backend, this can be either sql or ldap. Every backend has it's own config section, [sql] and [ldap].

backend_connection

If there are multiple server configured in the specified backend, it's possible to define a failover or load-balancing behaviour. Possible values are:

balance	=	when you configure the backend profile for load 
			balancing, spmfilter distributes connections across
			the list of hosts. If the actual host is not reachable,
			spmfilter switches back to failover configuration.

failover	=	when you configure the backend profile for 
			failover, spmfilter fails over to the next host in
			the list if it cannot connect to the first host.

lookup_persistent

If true, spmfilter will use persistent connections to sql or ldap server.

add_header

If true, spmfilter will add a header with the processed modules.

max_size

The maximal size in bytes of a message

tls_enable

Enable TLS for client connections. If set to 2 the protocol will quit rather than transferring any messages if the STARTTLS extension is not available.

0 = disable starttls
1 = use STARTTLS, if available (default)
2 = require STARTTLS

pid_file

The pid_file option sets the file to which the daemon records the process id.

bind_ip

The IP addresses the daemon will bind to

bind_port

Port to bind to

max_childs

Maximum number of child processes allowed

spare_childs

Unused children to always have availale

listen_backlog

The maximum length of the queue of pending connections

user

Drop root privs and switch to the specified user

group

Drop root privs and switch to the specified group

syslog_facility

The syslog facility of spmfilter logging

The [smtpd] section

Parameters in this section affect the smtpd engine and smtp delivery.

nexthop_fail_code: If the delivery to the final destination fails for any reason, this code is used as response to the sending MTA (default 451).
nexthop_fail_msg: If the delivery to the final destination fails for any reason, this message is used as reponse for the sending MTA. (default "Requested action aborted: local error in processing").

If you ever need to define SMTP response messages for other error codes, such as 500, than it's possible to configure these in the smtpd section. The following example will configure spmfilter to send the message "Customized error message" with a 500 error code:

[smtpd]
500=Customized error message.

The [sql] section

Parameters in this section affect the sql backend configuration.

driver

SQL database driver. Supported drivers are mysql, postgresql, sqlite.

host

List of available database hosts, separated by a semicolon. Set to localhost if database is on the same host as spmfilter.

port

TCP/IP port of database host, if the database is running on a non-standard port.

name

Database name, or path to database if driver is set to sqlite.

user

Database username.

pass

Database password.

encoding

Encoding to match database/table encoding, e.g., latin1, utf8

max_connections

Maximum number of connections to database server

user_query

user_query setting contains the sql query to look up user information in your sql database.

This parameter supports the following '%' expansions:

%s = replaced by the full email address.

%u = replaced by the local part of the email address.

%d = replaced by the domain part of the email address.

The [ldap] section

Parameters in this section affect the ldap backend configuration.

host

List of available LDAP hosts, separated by a semicolon. Set to localhost if LDAP server is on the same host as spmfilter.

port

LDAP Port

binddn

Bind DN of LDAP user

bindpw

Password of LDAP user

base

Base DN (distinguishing name) for the LDAP server.

scope

LDAP search scope, either subtree, onelevel or base.

user_query

user_query setting contains the ldap query to look up user information in your directory.

This parameter supports the following '%' expansions:

%s = replaced by the full email address.

%u = replaced by the local part of the email address.

%d = replaced by the domain part of the email address.

result_attributes

The attribute(s) spmfilter will read from any directory entries returned by the lookup, to be resolved to an email address.

EXAMPLE

What follows is a sample configuration file:

[global]
engine = smtpd
debug = false
modules=clamav
module_fail = 3
nexthop = localhost:2525
max_size = 0
tls_enable = 1
backend = sql
backend_connection = balance
bind_ip = 127.0.0.1
bind_port = 10025
spare_childs = 5
max_childs = 15
pid_file = /var/run/spmfilter.pid
user = nobody
group = mail
[sql]
driver = postgresql
host = 192.168.0.1;192.168.0.2
name = maildb
user = mail
pass = password
user_query = SELECT * FROM accounts WHERE email='%s'
[clamav]
host = 127.0.0.1
port = 3310
add_header = true

FILES

/etc/spmfilter.conf or spmfilter.conf

BUGS

If you believe you have found a bug, please send this information, plus information about the machine and OS platform used along with a description of the problem to bugs@spmfilter.org

AUTHOR(s)

spmfilter was written by Axel Steiner <ast@treibsand.com>