Mail-SpamAssassin-SpamCopURI
view release on metacpan or search on metacpan
lib/Mail/SpamAssassin/Conf.pm view on Meta::CPAN
lang es describe FROM_FORGED_HOTMAIL Forzado From: simula ser de hotmail.com
=head1 DESCRIPTION
SpamAssassin is configured using some traditional UNIX-style configuration
files, loaded from the /usr/share/spamassassin and /etc/mail/spamassassin
directories.
The C<#> character starts a comment, which continues until end of line.
Whitespace in the files is not significant, but please note that starting a
line with whitespace is deprecated, as we reserve its use for multi-line rule
definitions, at some point in the future.
Currently, each rule or configuration setting must fit on one-line; multi-line
settings are not supported yet.
Paths can use C<~> to refer to the user's home directory.
Where appropriate, default values are listed in parentheses.
=head1 TAGS
The following C<tags> can be used as placeholders in certain options
specified below. They will be replaced by the corresponding value when
they are used.
Some tags can take an argument (in parentheses). The argument is
optional, and the default is shown below.
_YESNOCAPS_ "YES"/"NO" for is/isn't spam
_YESNO_ "Yes"/"No" for is/isn't spam
_HITS_ message score
_REQD_ message threshold
_VERSION_ version (eg. 2.55)
_SUBVERSION_ sub-version (eg. 1.187-2003-05-15-exp)
_HOSTNAME_ hostname
_BAYES_ bayes score
_AWL_ AWL modifier
_DATE_ rfc-2822 date of scan
_STARS(*)_ one * (use any character) for each score point (note: this
is limited to 50 'stars' to stay on the right side of the RFCs)
_RELAYSTRUSTED_ relays used and deemed to be trusted
_RELAYSUNTRUSTED_ relays used that can not be trusted
_AUTOLEARN_ autolearn status ("ham", "no", "spam")
_TESTS(,)_ tests hit separated by , (or other separator)
_TESTSSCORES(,)_ as above, except with scores appended (eg. AWL=-3.0,...)
_DCCB_ DCC's "Brand"
_DCCR_ DCC's results
_PYZOR_ Pyzor results
_RBL_ full results for positive RBL queries in DNS URI format
_LANGUAGES_ possible languages of mail
_PREVIEW_ content preview
_REPORT_ terse report of tests hits (for header reports)
_SUMMARY_ summary of tests hit for standard report (for body reports)
_CONTACTADDRESS_ contents of the 'report_contact' setting
=head1 USER PREFERENCES
The following options can be used in both site-wide (C<local.cf>) and
user-specific (C<user_prefs>) configuration files to customize how
SpamAssassin handles incoming email messages.
=cut
package Mail::SpamAssassin::Conf;
use Mail::SpamAssassin::Util;
use Mail::SpamAssassin::NetSet;
use strict;
use bytes;
use vars qw{
@ISA $VERSION
};
@ISA = qw();
# odd => eval test
use constant TYPE_HEAD_TESTS => 0x0008;
use constant TYPE_HEAD_EVALS => 0x0009;
use constant TYPE_BODY_TESTS => 0x000a;
use constant TYPE_BODY_EVALS => 0x000b;
use constant TYPE_FULL_TESTS => 0x000c;
use constant TYPE_FULL_EVALS => 0x000d;
use constant TYPE_RAWBODY_TESTS => 0x000e;
use constant TYPE_RAWBODY_EVALS => 0x000f;
use constant TYPE_URI_TESTS => 0x0010;
use constant TYPE_URI_EVALS => 0x0011;
use constant TYPE_META_TESTS => 0x0012;
use constant TYPE_RBL_EVALS => 0x0013;
$VERSION = 'bogus'; # avoid CPAN.pm picking up version strings later
###########################################################################
sub new {
my $class = shift;
$class = ref($class) || $class;
my $self = { }; bless ($self, $class);
$self->{errors} = 0;
$self->{tests} = { };
$self->{descriptions} = { };
$self->{test_types} = { };
$self->{scoreset} = [ {}, {}, {}, {} ];
$self->{scoreset_current} = 0;
$self->set_score_set (0);
$self->{tflags} = { };
$self->{source_file} = { };
# after parsing, tests are refiled into these hashes for each test type.
# this allows e.g. a full-text test to be rewritten as a body test in
# the user's ~/.spamassassin.cf file.
$self->{body_tests} = { };
$self->{uri_tests} = { };
$self->{uri_evals} = { }; # not used/implemented yet
$self->{head_tests} = { };
$self->{head_evals} = { };
$self->{body_evals} = { };
$self->{full_tests} = { };
lib/Mail/SpamAssassin/Conf.pm view on Meta::CPAN
=cut
if(/^version_tag\s+(.*)$/) {
my $tag = lc($1);
$tag =~ tr/a-z0-9./_/c;
foreach (@Mail::SpamAssassin::EXTRA_VERSION) {
if($_ eq $tag) {
$tag = undef;
last;
}
}
push(@Mail::SpamAssassin::EXTRA_VERSION, $tag) if($tag);
next;
}
=back
=head2 WHITELIST AND BLACKLIST OPTIONS
=over 4
=item whitelist_from add@ress.com
Used to specify addresses which send mail that is often tagged (incorrectly) as
spam; it also helps if they are addresses of big companies with lots of
lawyers. This way, if spammers impersonate them, they'll get into big trouble,
so it doesn't provide a shortcut around SpamAssassin.
Whitelist and blacklist addresses are now file-glob-style patterns, so
C<friend@somewhere.com>, C<*@isp.com>, or C<*.domain.net> will all work.
Specifically, C<*> and C<?> are allowed, but all other metacharacters are not.
Regular expressions are not used for security reasons.
Multiple addresses per line, separated by spaces, is OK. Multiple
C<whitelist_from> lines is also OK.
The headers checked for whitelist addresses are as follows: if C<Resent-From>
is set, use that; otherwise check all addresses taken from the following
set of headers:
Envelope-Sender
Resent-Sender
X-Envelope-From
From
e.g.
whitelist_from joe@example.com fred@example.com
whitelist_from *@example.com
=cut
if (/^whitelist_from\s+(.+)$/) {
$self->add_to_addrlist ('whitelist_from', split (' ', $1)); next;
}
=item unwhitelist_from add@ress.com
Used to override a default whitelist_from entry, so for example a distribution
whitelist_from can be overridden in a local.cf file, or an individual user can
override a whitelist_from entry in their own C<user_prefs> file.
The specified email address has to match exactly the address previously
used in a whitelist_from line.
e.g.
unwhitelist_from joe@example.com fred@example.com
unwhitelist_from *@example.com
=cut
if (/^unwhitelist_from\s+(.+)$/) {
$self->remove_from_addrlist ('whitelist_from', split (' ', $1)); next;
}
=item whitelist_from_rcvd addr@lists.sourceforge.net sourceforge.net
Use this to supplement the whitelist_from addresses with a check against the
Received headers. The first parameter is the address to whitelist, and the
second is a string to match the relay's rDNS.
This string is matched against the reverse DNS lookup used during the handover
from the untrusted internet to your trusted network's mail exchangers. It can
either be the full hostname, or the domain component of that hostname. In
other words, if the host that connected to your MX had an IP address that
mapped to 'sendinghost.spamassassin.org', you should specify
C<sendinghost.spamassassin.org> or just C<spamassassin.org> here.
Note that this requires that C<trusted_networks> be correct. For simple cases,
it will be, but for a complex network, or if you're running with DNS checks off
or with C<-L>, you may get better results by setting that parameter.
e.g.
whitelist_from_rcvd joe@example.com example.com
whitelist_from_rcvd *@axkit.org sergeant.org
=item def_whitelist_from_rcvd addr@lists.sourceforge.net sourceforge.net
Same as C<whitelist_from_rcvd>, but used for the default whitelist entries
in the SpamAssassin distribution. The whitelist score is lower, because
these are often targets for spammer spoofing.
=cut
if (/^whitelist_from_rcvd\s+(\S+)\s+(\S+)$/) {
$self->add_to_addrlist_rcvd ('whitelist_from_rcvd', $1, $2);
next;
}
if (/^def_whitelist_from_rcvd\s+(\S+)\s+(\S+)$/) {
$self->add_to_addrlist_rcvd ('def_whitelist_from_rcvd', $1, $2);
next;
}
=item unwhitelist_from_rcvd add@ress.com
Used to override a default whitelist_from_rcvd entry, so for example a
distribution whitelist_from_rcvd can be overridden in a local.cf file,
or an individual user can override a whitelist_from_rcvd entry in
their own C<user_prefs> file.
The specified email address has to match exactly the address previously
used in a whitelist_from_rcvd line.
e.g.
unwhitelist_from_rcvd joe@example.com fred@example.com
unwhitelist_from_rcvd *@axkit.org
=cut
if (/^unwhitelist_from_rcvd\s+(.+)$/) {
$self->remove_from_addrlist_rcvd('whitelist_from_rcvd', split (' ', $1));
$self->remove_from_addrlist_rcvd('def_whitelist_from_rcvd', split (' ', $1));
next;
}
=item blacklist_from add@ress.com
Used to specify addresses which send mail that is often tagged (incorrectly) as
non-spam, but which the user doesn't want. Same format as C<whitelist_from>.
=cut
if (/^blacklist_from\s+(.+)$/) {
$self->add_to_addrlist ('blacklist_from', split (' ', $1)); next;
}
=item unblacklist_from add@ress.com
Used to override a default blacklist_from entry, so for example a distribution blacklist_from
can be overridden in a local.cf file, or an individual user can override a blacklist_from entry
in their own C<user_prefs> file.
e.g.
unblacklist_from joe@example.com fred@example.com
unblacklist_from *@spammer.com
=cut
if (/^unblacklist_from\s+(.+)$/) {
$self->remove_from_addrlist ('blacklist_from', split (' ', $1)); next;
}
=item whitelist_to add@ress.com
If the given address appears as a recipient in the message headers
(Resent-To, To, Cc, obvious envelope recipient, etc.) the mail will
be whitelisted. Useful if you're deploying SpamAssassin system-wide,
and don't want some users to have their mail filtered. Same format
as C<whitelist_from>.
There are three levels of To-whitelisting, C<whitelist_to>, C<more_spam_to>
and C<all_spam_to>. Users in the first level may still get some spammish
mails blocked, but users in C<all_spam_to> should never get mail blocked.
=item more_spam_to add@ress.com
See above.
=item all_spam_to add@ress.com
See above.
=cut
if (/^whitelist_to\s+(.+)$/) {
$self->add_to_addrlist ('whitelist_to', split (' ', $1)); next;
}
if (/^more_spam_to\s+(.+)$/) {
$self->add_to_addrlist ('more_spam_to', split (' ', $1)); next;
}
if (/^all_spam_to\s+(.+)$/) {
$self->add_to_addrlist ('all_spam_to', split (' ', $1)); next;
}
=item blacklist_to add@ress.com
If the given address appears as a recipient in the message headers
(Resent-To, To, Cc, obvious envelope recipient, etc.) the mail will
be blacklisted. Same format as C<blacklist_from>.
=cut
if (/^blacklist_to\s+(.+)$/) {
$self->add_to_addrlist ('blacklist_to', split (' ', $1)); next;
}
=item whitelist_spamcop_uri *.good.com
Used to specify hosts of URIs that for some reason get mistakenly
lib/Mail/SpamAssassin/Conf.pm view on Meta::CPAN
This option is deprecated in version 2.60 and later. It will be removed
in a future version. Please use the C<trusted_networks> option instead
(it is a much better way to control DNSBL-checking behaviour).
=cut
if (/^num_check_received\s+(\d+)$/) {
$self->{num_check_received} = $1+0; next;
}
=item use_terse_report { 0 | 1 } (default: 1)
This option is deprecated and does nothing. It will be removed in a
future version.
=cut
if (/^use_terse_report\s+(\d+)$/) {
next;
}
=item terse_report ...some text for a report...
This option is deprecated and does nothing. It will be removed in a
future version.
=cut
if (/^terse_report\b\s*(.*?)$/) {
next;
}
=item clear_terse_report_template
This option is deprecated and does nothing. It will be removed in a
future version.
=cut
if (/^clear_terse_report_template$/) {
next;
}
###########################################################################
# SECURITY: no eval'd code should be loaded before this line.
#
if ($scoresonly && !$self->{allow_user_rules}) { goto failed_line; }
if ($scoresonly) { dbg("Checking privileged commands in user config"); }
=back
=head1 PRIVILEGED SETTINGS
These settings differ from the ones above, in that they are considered
'privileged'. Only users running C<spamassassin> from their procmailrc's or
forward files, or sysadmins editing a file in C</etc/mail/spamassassin>, can
use them. C<spamd> users cannot use them in their C<user_prefs> files, for
security and efficiency reasons, unless allow_user_rules is enabled (and
then, they may only add rules from below).
=over 4
=item allow_user_rules { 0 | 1 } (default: 0)
This setting allows users to create rules (and only rules) in their
C<user_prefs> files for use with C<spamd>. It defaults to off, because
this could be a severe security hole. It may be possible for users to
gain root level access if C<spamd> is run as root. It is NOT a good
idea, unless you have some other way of ensuring that users' tests are
safe. Don't use this unless you are certain you know what you are
doing. Furthermore, this option causes spamassassin to recompile all
the tests each time it processes a message for a user with a rule in
his/her C<user_prefs> file, which could have a significant effect on
server load. It is not recommended.
Note that it is not currently possible to use C<allow_user_rules> to modify an
existing system rule from a C<user_prefs> file with C<spamd>.
=cut
if (/^allow_user_rules\s+(\d+)$/) {
$self->{allow_user_rules} = $1+0;
dbg( ($self->{allow_user_rules} ? "Allowing":"Not allowing") . " user rules!"); next;
}
=item header SYMBOLIC_TEST_NAME header op /pattern/modifiers [if-unset: STRING]
Define a test. C<SYMBOLIC_TEST_NAME> is a symbolic test name, such as
'FROM_ENDS_IN_NUMS'. C<header> is the name of a mail header, such as
'Subject', 'To', etc.
'ALL' can be used to mean the text of all the message's headers. 'ToCc' can
be used to mean the contents of both the 'To' and 'Cc' headers.
'MESSAGEID' is a symbol meaning all Message-Id's found in the message; some
mailing list software moves the I<real> Message-Id to 'Resent-Message-Id' or
'X-Message-Id', then uses its own one in the 'Message-Id' header. The value
returned for this symbol is the text from all 3 headers, separated by newlines.
C<op> is either C<=~> (contains regular expression) or C<!~> (does not contain
regular expression), and C<pattern> is a valid Perl regular expression, with
C<modifiers> as regexp modifiers in the usual style. Note that multi-line
rules are not supported, even if you use C<x> as a modifier.
If the C<[if-unset: STRING]> tag is present, then C<STRING> will
be used if the header is not found in the mail message.
Test names should not start with a number, and must contain only alphanumerics
and underscores. It is suggested that lower-case characters not be used, as an
informal convention. Dashes are not allowed.
Note that test names which begin with '__' are reserved for meta-match
sub-rules, and are not scored or listed in the 'tests hit' reports.
Test names which begin with 'T_' are reserved for tests which are
undergoing QA, and these are given a very low score.
If you add or modify a test, please be sure to run a sanity check afterwards
by running C<spamassassin --lint>. This will avoid confusing error
messages, or other tests being skipped as a side-effect.
=item header SYMBOLIC_TEST_NAME exists:name_of_header
Define a header existence test. C<name_of_header> is the name of a
header to test for existence. This is just a very simple version of
the above header tests.
=item header SYMBOLIC_TEST_NAME eval:name_of_eval_method([arguments])
Define a header eval test. C<name_of_eval_method> is the name of
a method on the C<Mail::SpamAssassin::EvalTests> object. C<arguments>
are optional arguments to the function call.
=item header SYMBOLIC_TEST_NAME eval:check_rbl('set', 'zone')
Check a DNSBL (DNS blacklist), also known as RBLs (realtime blacklists). This
will retrieve Received headers from the mail, parse the IP addresses, select
which ones are 'untrusted' based on the C<trusted_networks> logic, and query
lib/Mail/SpamAssassin/Conf.pm view on Meta::CPAN
If you want to define a meta-rule, but do not want its individual sub-rules to
count towards the final score unless the entire meta-rule matches, give the
sub-rules names that start with '__' (two underscores). SpamAssassin will
ignore these for scoring.
=cut
if (/^meta\s+(\S+)\s+(.*)$/) {
$self->add_test ($1, $2, TYPE_META_TESTS);
next;
}
=item tflags SYMBOLIC_TEST_NAME [ { net | nice | learn | userconf } ... ]
Used to set flags on a test. These flags are used in the score-determination
back end system for details of the test's behaviour. The following flags can
be set:
=over 4
=item net
The test is a network test, and will not be run in the mass checking system
or if B<-L> is used, therefore its score should not be modified.
=item nice
The test is intended to compensate for common false positives, and should be
assigned a negative score.
=item userconf
The test requires user configuration before it can be used (like language-
specific tests).
=item learn
The test requires training before it can be used.
=back
=cut
if (/^tflags\s+(\S+)\s+(.+)$/) {
$self->{tflags}->{$1} = $2; next;
next; # ignored in SpamAssassin modules
}
###########################################################################
# SECURITY: allow_user_rules is only in affect until here.
#
if ($scoresonly) { goto failed_line; }
=back
=head1 ADMINISTRATOR SETTINGS
These settings differ from the ones above, in that they are considered 'more
privileged' -- even more than the ones in the SETTINGS section. No matter what
C<allow_user_rules> is set to, these can never be set from a user's
C<user_prefs> file.
=over 4
=item test SYMBOLIC_TEST_NAME (ok|fail) Some string to test against
Define a regression testing string. You can have more than one regression test
string per symbolic test name. Simply specify a string that you wish the test
to match.
These tests are only run as part of the test suite - they should not affect the
general running of SpamAssassin.
=cut
if (/^test\s+(\S+)\s+(ok|fail)\s+(.*)$/) {
$self->add_regression_test($1, $2, $3); next;
}
=item razor_config filename
Define the filename used to store Razor's configuration settings.
Currently this is left to Razor to decide.
=cut
if (/^razor_config\s+(.*)$/) {
$self->{razor_config} = $1; next;
}
=item pyzor_path STRING
This option tells SpamAssassin specifically where to find the C<pyzor> client
instead of relying on SpamAssassin to find it in the current PATH.
Note that if I<taint mode> is enabled in the Perl interpreter, you should
use this, as the current PATH will have been cleared.
=cut
if (/^pyzor_path\s+(.+)$/) {
$self->{pyzor_path} = $1; next;
}
=item dcc_home STRING
This option tells SpamAssassin specifically where to find the dcc homedir.
If C<dcc_path> is not specified, it will default to looking in C<dcc_home/bin>
for dcc client instead of relying on SpamAssassin to find it in the current PATH.
If it isn't found there, it will look in the current PATH. If a C<dccifd> socket
is found in C<dcc_home>, it will use that interface that instead of C<dccproc>.
=cut
if (/^dcc[-_]home\s+(.+)$/) {
$self->{dcc_home} = $1; next;
}
=item dcc_dccifd_path STRING
This option tells SpamAssassin specifically where to find the dccifd socket.
If C<dcc_dccifd_path> is not specified, it will default to looking in C<dcc_home>
( run in 2.526 seconds using v1.01-cache-2.11-cpan-0bb4e1dffa6 )