X-Git-Url: http://git.madism.org/?a=blobdiff_plain;f=example%2Fpostlicyd.conf;h=12d8ff5683a4dd2ba2880ab560c3c194ab66aa9a;hb=a66e19cd437595328f202cbde8d492d5f7e2205a;hp=d70a771566a0702ac42f08a55c41a9c19489824f;hpb=ddf3e587c41536baad71de4008eafd64b8c00d58;p=apps%2Fpfixtools.git

diff --git a/example/postlicyd.conf b/example/postlicyd.conf
index d70a771..12d8ff5 100644
--- a/example/postlicyd.conf
+++ b/example/postlicyd.conf
@@ -70,6 +70,8 @@
 #             declare a file to load. If lock is given, the klist is locked into the
 #             RAM. The weight is a number giving the weight of this blaclist file in the
 #             score of the IP
+#           - rbldns: (no)?lock:weight:filename
+#             this is an alias for file.
 #           - soft_threshold: score (default: 1)
 #             minimum score to match the soft_match return value
 #           - hard_threshold: score (default: 1)
@@ -101,15 +103,28 @@ spamhaus_and_abuseat {
 
 #     - strlist: match strings from the query against a list of list.
 #        Parameters:
-#           - file: (no)?lock:(pre|suf)fix:weight:filename
+#           - file: (no)?lock:(partial-)?(pre|suf)fix:weight:filename
 #             declare a file to load. If lock is given, the list is locked into the
 #             RAM. Prefix/Suffix is a parameter to tell the matcher which is the most
 #             efficient storage order. The strings are internally stored into a trie that
 #             allow high compression if a lot of prefix are shared by several strings. If
 #             you choose "prefix", string are stored in the natural order in memory and
 #             prefix compression is performed. If you choose "suffix", strings are stored
-#             in reverse order in memory and suffix compression is performed. The weight
-#             is a number giving the weight of this list in the string score.
+#             in reverse order in memory and suffix compression is performed. If you add "partial-"
+#             to the match order, the entry will match if the file contains a prefix (resp. suffix)
+#             of the string. The weight is a number giving the weight of this list in the string score.
+#               e.g.:
+#                * a file that contains ".polytechnique.org" in "partial-suffix" mode will match
+#                 all subdomains of "polytechnique.org".
+#                * a file that contains "postmaster@" in "partial-prefix" mode will match all
+#                 postmaster emails.
+#                * a file open without "partial-" modifier match exact strings.
+#           - rbldns: (no)?lock:weight:filename
+#             declare a rbldns zone file to load. This is exactly the same as file excepted that it wraps
+#             parsing of hostname to split them into 2 categories:
+#               * names beginning with '*' are sorted as 'domains' and are matched as suffix
+#               * names starting with an alphanumirical character are sorted as 'hostnames' and are
+#                process via exact matching.
 #           - soft_threshold: score (default: 1)
 #             minimum score to match the soft_match return value
 #           - hard_threshold: score (default: 1)
@@ -119,7 +134,8 @@ spamhaus_and_abuseat {
 #             currently only email OR hostname fields are supported. You MUST choose only
 #             one of these types per strlist, and be carefull that the field you requested
 #             are available in the protocol state you want to use this filter for.
-#              * hostname fields: helo_name, client_name, reverse_client_name
+#              * hostname fields: helo_name, client_name, reverse_client_name, sender_domain,
+#                         recipient_domain
 #              * email fields: sender, recipient
 #             No space is allowed in this parameter.
 #        Return value:
@@ -140,8 +156,9 @@ client_whitelist {
   type  = strlist;
 
   # configuration
-  file    = lock:1:/var/spool/postlicyd/client_whitelist;
-  fields  = client_name;
+  file    = lock:1:suffix:/var/spool/postlicyd/client_whitelist;
+  rbldns  = lock:1:/va/spool/postlicyd/abuse.rfc-ignorant.org;
+  fields  = client_name,sender_domain,helo_name;
 
   # hooks
   on_hard_match = postfix:OK;
@@ -164,6 +181,9 @@ client_whitelist {
 #           - client_awl: number (default: 5)
 #             number of successful greylisting before the client get whitelisted (0 means,
 #             no-auto-whitelist).
+#           - max_age: number (default: 30 * 3600)
+#             lifetime of a greylist/whitelist session: ie, if a client does ne reappear during
+#             max_age seconds, the entries associated to this client are invalidated.
 #         Return value:
 #           - if the client is whitelisted, returns whitelist
 #           - if the client is greylisted, returns greylist
@@ -197,6 +217,7 @@ greylist {
 #              emitted by postfix. This list with description of each
 #              field is available at:
 #               http://www.postfix.org/SMTPD_POLICY_README.html
+#              postlicyd also support fields sender_domain and recipient_domain
 #             * OP is an operator. Available operators are:
 #                == field_name is strictly equal to value
 #                =i field_name is case insensitively equal to value