Installation manual

ManualsBrandsESET ManualsPrint & ScanMAIL SECURITY - FOR LINUX BSD AND SOLARIS

Table Of Contents

ignored_ip_list

List of ignored IP addresses. You can specify IPs that should be ignored during Real-time Blackhole List

(RBL) checks. You should include all internal IP addresses within the firewall not directly accessible

from the Internet. Doing so prevents unnecessary checks and helps identify actual connecting IP

addresses. Internal IP addresses are already skipped by the engine (192.168.x.y and 10.x).

rbl_list

List of Realtime Blackhole servers to be used when evaluating messages. The RBL request checks for

presence of a specific IP address on a given RBL server. Subject to these checks are IP addresses in the

Received: sections in the mail header.

The entry format is as follows:

rbl_list=server:response:offset,server2:response2:offset2,...

The meaning of the parameters are explained below:

server

RBL server name

response

RBL server response if the IP address was found (standard responses are 127.0.0.2, 127.0.0.3,

127.0.0.4., etc.). This parameter is optional, and if not set, all answers will be considered.

offset

Value from 0 to 100. Influences overall spam score. Standard value is 100, i.e. in case of a positive

check the message is assigned the spam score of 100 and is evaluated as spam. Negative values

lower the overall spam score of a message.

Example 1:

rbl_list=ent.adbl.org

RBL check is performed using the ent.adbl.org server. If the check is positive, the message will be

assigned a standard offset of 100 and marked as spam.

Example 2:

rbl_list=ent.adbl.org::60

RBL check is performed using the ent.adbl.org server. If the check is positive, the message will be

assigned an offset of 60 which increases its overall spam score.

Example 3:

rbl_list=bx9.dbl.com::85, list.dnb.org:127.0.0.4:35, req.gsender.org::-75

RBL check is performed using the defined servers (from left to right). In case of a positive check on

bx9.dbl.com the offset of 85 will be added. If the check on list.dnb.org will be positive giving a

response of 127.0.0.4 offset of 35 will be used. The offset will not be applied in cases of answers other

than 127.0.0.4. If a check is positive on req.gsender.org the spam score will be decreased by 75

point (negative value).

rbl_max_ips

Maximum IP addresses that can be sent to RBL server check. Total number of RBL requests is the total

amount of IP addresses in the Received: sections in the email header (up to the set limit in

‘rbl_maxcheck_ips’) multiplied by the number of RBL servers set in the ‘rbl_list’. The value of 0 means

there is no limit to the maximum number of IP addresses that can be checked.

This parameter is applied only if the ‘rbl_list’ option is enabled (i.e. contains a minimum of 1 server).

approved_domain_list

Is a list of domains and IP addresses in the email body, that are to be considered as allowed. Do not

use to whitelist emails by sender's domain!

blocked_domain_list

Is a list domains and IP addresses in the email body, that are to be considered as permanently

blocked. This is not a blacklist of sender's addresses!

ignored_domain_list

List of domains in the email body, that are to be permanently excluded from DNSBL checks and ignored.

dnsbl_list

List of DNSBL (DNS-based Blackhole List) servers to be used in checks of domains and IP addresses in

the email body.

Format of entry is as follows:

dnsbl_list=server:response:offset,server2:response2:offset2,...

Meaning parameters used:

server

DNSBL server name

response

DNSBL server response if IP address/domain was found (standard responses are 127.0.0.2,

127.0.0.3, 127.0.0.4., etc.). This parameter is optional, and if not set, all answers will be considered.

offset