ScanMail Utilities Configuration File Information


This page provides information about how the ptsfilter.conf file functions, and how to use it to work on your system properly and effectively.

Mydomainname and mynodename are the principals in this file which determine how Ptsfilter will function. If the values of these two parameters are incorrect, Ptsfilter will try to retrieve this information from the UNIX system itself.

  • do_check_for_mailserver
  • Check ip address against blacklist database. Options are "1" or "2" Option "1" performs check at connect phase option "2" performs check at recipient list Default database is dul.dnsbl.sorbs.net.
  • check_local_user~ Checks the from address against the passwd, alias and virtusertable files on your Sendmail server.
  • connect_blacklist
  • Change blacklist database used for checking mailserver.
  • do_check_for_openrelay
  • Check for open relay or proxy. Options are "1" or "2" Option "1" performs check at connect phase option "2" performs check at recipient list Default database is list.dsbl.org.
  • connect_openrelay
  • Change blacklist database used for checking open relay.
  • connect_priority
  • scheduling priority for connect phase of message. 1 lowest 63 highest
  • discard_bad_addresses~ If the number of bad addresses is greater than the number specified, the messageis dropped. Used to prevent dictionary attacks.
  • discard_invalid_address~ If the format of the address is invalid,discard the message.
  • helo_priority
  • scheduling priority for helo phase of message. 1 lowest 63 highest
  • from_priority
  • scheduling priority for from phase of message. 1 lowest 63 highest
  • to_priority
  • scheduling priority for to phase of message. 1 lowest 63 highest
  • header_priority
  • scheduling priority for header phase of message. 1 lowest 63 highest
  • eoh_priority
  • scheduling priority for eoh phase of message. 1 lowest 63 highest
  • body_priority
  • scheduling priority for body phase of message. 1 lowest 63 highest
  • eom_priority
  • scheduling priority for end of message phase of message. 1 lowest 63 highest
  • abort_priority
  • scheduling priority for abort phase of message. 1 lowest 63 highest
  • close_priiority
  • scheduling priority for close phase of message. 1 lowest 63 highest
  • match_priority
  • scheduling priority for pattern matching tests. 1 lowest 63 highest
  • num_rejections~ Used with a numerical option when multiple messages are coming in over a single connection. When the number of message rejections exceeds the number specified, the entire connection is dropped.
  • ptsdomainlist
  • A list of domain blacklist from the ScanMail blacklist server.
  • ptsiplist
  • A list of ip blacklist from the ScanMail blacklist server.
  • spam_priority
  • scheduling priority for spam_test. 1 lowest 63 highest
  • write_stats_priority
  • scheduling priority for writing to stats file. 1 lowest 63 highest
  • write_to_database_priority
  • scheduling priority for writing to database. 1 lowest 63 highest
  • greylist_priority
  • scheduling priority for greylist test. 1 lowest 63 highest
  • query_users_priority
  • scheduling priority for query users test. 1 lowest 63 highest
  • query_ptsdatabase_priority
  • scheduling priority for query ptsdatabase test. 1 lowest 63 highest
  • query_blacklist_priority
  • scheduling priority for query blacklist test. 1 lowest 63 highest
  • query_emailalert_priority
  • ex: query_emailalert_priority~1~ sets the priority for email alert
  • query_exceptions_priority
  • scheduling priority for query exceptions test. 1 lowest 63 highest
  • rejects_time~ Used with a numerical option. Will clean out every file in the /usr/local/etc/ptsfilter/rejects directory that are older than the number of hours specified.
  • cleanup_priority
  • scheduling priority for cleanup routines. 1 lowest 63 highest
  • sendmail_binary
  • This should be the fully qualified pathname to sendmail. ex: sendmail_binary~/usr/sbin/sendmail~
    
    
  • sendmail_options
  • These are options to sendmail ex: sendmail_options~-bd -q30m~
  • sendmail_priority
  • ex: sendmail_priority~1~ 1 is lowest priority, 63 is highest
  • subprogram_priority
  • This allows you to set a priority the third party AND custom script tests. ex: subprogram_priority~1~
  • mydomainname
  • This should be your domain name. ex: mydomainname~mydomain.com~
  • discard_user_restriction
  • The option that rejects messages with no valid recipients.
  • do_early_test
  • The option that does blacklist checks at the connect phase.
  • do_from_address_check
  • The option that checks the from address against the from header to see if they are a match. If it's not a match the message is rejected. If this option is set to 0, exact match on whole address. If option is 1, exact match on domain name only. ex: do_from_address_check~1~
  • will_do_return_path_check
  • The option that checks the from address against the return path to see if they match. If it's not a match the message is rejected. If this option is set to 0, exact match on whole address. If option is 1, exact match on domain name only. ex: will_do_return_path_check~1~
  • will_do_reply_to_check
  • The option that checks the from address against the reply-to address to see if they match. If it's not a match the message is rejected. If this option is set to 0, exact match on whole address. If option is 1, exact match on domain name only. ex: will_do_return_path_check~1~
  • do_spf_exception
  • The option that exempts a selected domain from the spf test. ex: do_spf_exception~
  • do_mx_exception
  • The option that exempts a selected domain from the mx test. ex: do_mx_exception~
  • do_mx_check
  • The option that checks a selected domain in the from address for a valid mx record. ex: do_mx_check~
  • mynodename
  • This should be your system name of the unix system. ex: mynodename~mail~
  • will_do_external
  • This option should be your system name of the unix system. ex: mynodename~mail~
  • format_list
  • This is a comma separated list of fields allowing you to determine your own report stats. The first field is one through eleven, followed by a : and the number of characters. ex: format_list~4:15,2:40,3:40,8:30,1:70~
  • dnsbl_domain_list
  • Comma separated list of Domain Blacklist Database. Takes argument of 1 for Server only check ex: dnsbl_domain_list~bogusmc.rfc-ignorant.org,abuse.rfc-ignorant.org~1~
  • surbl_list
  • Comma separated list of Surbl Blacklist Database. Takes argument of 1 for Server only check or 2 which will also check against your dnsbl_domain_list and dnsbl_list ex: surbl_list~sc.surbl.org,ws.surbl.org~1~
  • dnsbl_list
  • Comma separated list of Blacklist Database. Takes argument of 1 for Server only check 2 for all IP addresses ex: dnsbl_list~list.dsbl.org,dnsbl.sorbs.net~1~
  • stats_file
  • Variable used to indicate stats file you want web configurator to look at. ex: stats_file~/usr/local/etc/ptsfilter/stats~
  • razor
  • fully qualified pathname to razor-check. You can now have the option of 1, 2, or 3. 1 only test message if it has not failed any other test, 2 test message even if it is an exception, and 3 test all messages both incoming and outgoing. ex: razor~/usr/local/bin/razor-check~1~
  • clamav
  • fully qualified pathname to clamscan, used by filter. You can now have the option of the 1, 2, or 3. 1 only test message if it has not failed any other test, 2 test message even if it is an exception, and 3 test all messages both incoming and outgoing. ex: clamav~/usr/local/bin/clamscan~3~
  • subject_spam_msg
  • message sent to sender due to subject spam rejection. (subject-list.conf)domain.
  • domain_reject_msg
  • message sent to sender is a message is sent to a restricted (to-restrict.conf)domain.
  • domain_reject_msg
  • message sent to sender is a message is sent to a restricted (to-restrict.conf)domain.
  • clamav_reject_msg
  • message sent to sender if clamav rejects message.
  • razor_reject_msg
  • message sent to sender if vipul's razor rejects message.
  • maxsubsize_reject_msg
  • message sent to sender if the message is rejected because the subject is larger than the maximum allowed subject size.
  • minsubsize_reject_msg
  • message sent to sender if the message is rejected because the subject is smaller than the minimum allowed subject size.
  • minmsgsize_reject_msg
  • message sent to sender if the message is rejected because it is smaller than the minimum allowed message size.
  • no_header_reject_msg
  • message sent to sender if message is rejected due to no header (do_header_check)
  • open_relay_msg
  • message sent to sender if message rejected due to open relay detection.
  • invalid_mailserver_msg
  • message sent to sender if sending mailserver is not valid
  • surbl_reject_msg
  • message sent to sender if surbl (Spam URI Realtime BlockList) rejects message.
  • external_reject_msg
  • message sent to sender if an external program rejects a message.
  • spf_reject_msg
  • message sent to sender if there is a SPF or DNS rejection
  • user_reject
  • message sent to sender if the user is not in (user-list.conf)
  • user_namereject
  • message sent to sender is there is a user name length restriction.
  • check_to_reject
  • message sent back to mail client if our domain does not appear in the to address
  • forged_reject
  • message sent back to mail client if address is possibly forged.
  • intranet_reject
  • message sent to sender due to intranet restriction.(intranet-list.conf)
  • msg_size_reject
  • message sent to sender if mail exceded (message_size-list.conf) message size limit.
  • domain_reject
  • message sent to sender because of domain ip (domain-ip-list.conf)restriction.
  • address_from_to_reject
  • message sent to sender if the "from" and "to" addresses match.
  • address_from_reject
  • message sent to sender mail if address length exceeds limit.
  • num_of_ip_reject
  • message sent to sender if the number of relays exceeds limit.
  • dns_reject
  • message sent to sender if dns lookup fails.
  • blacklist_reject
  • message sent to sender if mail is rejected by blacklist database.
  • quota_reject
  • message sent to sender if mailbox quota limit is (quota-list.conf) exceeded.
  • reject_spam
  • message sent to sender due to a spam rejection. (spam-list.conf)
  • ip_address_reject
  • message sent to sender if ip address has been (ip-list.conf) rejected.
  • address_reject
  • message sent to sender when from address has been rejected (address-list.conf) rejected.
  • virus_reject
  • message sent to sender if a sign of a virus in (string-list.conf) mail message has been detected.
  • local_virus
  • message sent to local user when the mail shows (string-list.conf) signs of a possible virus.
  • dcc
  • DCC is the Distributed Checksum Clearing House. The first field is the tag, the constant. The second field is the fully qualfied pathname to the exectuable you want to run. The third field is the option of how you want the check to be, will either be 1, 2, or 3. 1 only test message is it has not failed any other test, 2 test message even if it is an exception, and 3 test all messages both incoming and outgoing. ex: dcc~usr/local/bin/dccproc -QR -ccmn,10 >/dev/null 2>&1~1~
  • lhnmode
  • Checks local host names for outbound exemptions. This only takes one argument, which would be a fully qualified file name. lhnmode~/etc/mail/local-host-names~
  • will_do_external
  • Performs a user specified script. This takes a fully qualified pathname for the program to run. This also has the options of 1, 2, and 3. ex: will_do_external~/usr/local/bin/myscript~3~ option 1 performs the command on messages accepted option 2 performs the command on messages exempted or accepted option 3 performs the command on all messages
  • check_num_recipients
  • sets the number of recipients to allow before rejecting message*(takes a numerical argument)* ex: check_num_recipients~7~
  • will_do_dcc_exception
  • allows an exception for the dcc test. ex: will_do_dcc_exception~1~
  • check_num_recipients
  • sets the number of recipients to allow before rejecting message*(takes a numerical argument)* ex: check_num_recipients~7~
  • do_body_check
  • checks to see if message has no body ex: do_body_check~
  • do_header_check
  • checks to see if message has no headers ex: do_header_check~
  • do_dictionary
  • stops dictionary attacks ex: do_dictionary~
  • check_num_ips
  • sets the number of relays to allow before rejecting message*(takes a numerical argument)* ex: check_num_ip~7~
  • size_limit
  • This option allows for a certain number of bytes, chosen by the system administrator, to be scanned. Once the set number of bytes is scanned, the scanning stops.*(Takes a numerical argument)* ex: size_limit~25000~
  • noroot
  • Allows ptsfilter to run as users other than smmsp ex: noroot~nobody~
  • check_user_from_length
  • checks the length of the from address*(takes a numerical argument)* must be less than check_user_from_length ex: check_user_from_length~50~
  • check_from_length
  • checks the length of the from address*(takes a numerical argument)* must be greater than check_from_length ex: check_from_length~50~
  • forceviruscheck
  • This option forces attachment scanning on Exceptions. *(Takes a numerical argument 1 for incoming only. 2 for all messages)* ex: force_virus_check~1~
  • spfflag
  • Do SPF (Sender Policy Framework) Test. Takes a numerical argument. (1 only accept message on pass condition, 2 only fail message on fail condition) ex: spfflag~2~
  • do_bonded_sender
  • This option makes ptsfilter do an accreditation check with Bonded Sender
  • do_habeas_check
  • This option makes ptsfilter do an accreditation check with Habeas
  • spfmydomain
  • This option forces a SPF check on the system's domain
  • spfexception
  • This option forces a SPF exception on the system's domain
  • check_base64
  • Checks base64 encoded strings against the spamlist entries
  • noscanattachment
  • Make Ptsfilter not scan encoded attachments
  • check_to_domain
  • Ensures that messages with many different domainnames in the "to", "CC" and "BCC" fields are not accepted. Only messages containing one common domainname in the "to", "CC" and "BCC" fields are accepted.
  • trace
  • Adds trace statements to syslog showing routines message went through
  • check_if_forged
  • rejects forged ip addresses
  • discard_dsn
  • Discards unwanted DSN (Dellivery Status Notice) which contain spam.
  • discardmessage
  • Discards unwanted messages rather than sending reject reply back to the sender
  • logging
  • Create copies of offending messages
  • do_syslog
  • Do not send messages to the syslog
  • dnscheck
  • DNS lookups on all server addresses (IP ADDRESS must resolve) Takes an argument of 1 for server address only Takes an argument of 2 for all IP adresses. A 2 is very RESTRICTIVE.
  • use_mysql
  • Read/Write to ptsmail database requires mysql
  • blacklist_mysql
  • Write Blacklist entries to BlackList table
  • dcc_mysql
  • Write DCC entries to BlackList table
  • no_valid_recipients_mysql
  • Write IP address of of messages with no valid recipeints to BlackList table
  • surbl_mysql
  • Write Surbls Domain entries to BlackList Domain table
  • razor_mysql
  • Write Vipuls Razor entries to BlackList IP table
  • spf_mysql
  • Write SPF entries to BlackList IP table
  • check_from_to
  • Disallow from and to address that are the same
  • testmode
  • Puts Ptsfilter in testmode. Does all checks and reports but deliver's all mail.
  • scansubject
  • Scan subject only for spam
  • exemptoutspam
  • exempt all outgoing mail from spam check
  • exemptout
  • exempt all outgoing mail from all checks
  • intranetout
  • Restricts incoming mail for users on intranet restriction
  • multipletoaddresses
  • Checks multiple to addresses to ensure that if one address fails, all addresses fail.(turn exceptions off)
  • quarantine_time
  • time in hours to clean out quaratine directory.(used by smd). ex:quarantine_time ~24~
  • reject_time
  • time in hours to clean out rejects directory.(used by smd). ex: reject_time~24~
  • tmp_time
  • time in hours to clean out tmp directory.(used by smd). ex: tmp_time~24~
  • users_time
  • time in hours to clean out users directory.(used by smd). ex: users_time~24~
  • surbl_count
  • number of bytes in a message to check for surbl's ex: surbl_count~50000~
  • elapsedtime
  • time in minutes to refresh filter.(used by smd). ex: elapsedtime~360~
  • freshclam
  • command to run clamav database updates(used by smd). fqpn for freshclam. Will be run on filter refresh time. ex: freshclam~/usr/local/bin/freshclam 2>/dev/null 2>&1~
  • num_of_processes
  • number of threaded processes for ptsfilter (used by smd). normally 1. Older versions of Linux use 3. ex: num_of_processes~1~
  • BlackList
  • Clean tblBlackList table of entries past N days old Takes 1 argument of number of days
  • tblEmailFilter
  • Clean tblUserList table of entries past N days old Takes 1 argument of number of days
  • tblUserList
  • Clean tblUserList table of entries past N days old Takes 1 argument of number of days
  • DomainList
  • Clean DomainList table of entries past N days old Takes 1 argument of number of days
  • tblmessage
  • Clean tblmessage table of entries past N days old Takes 1 argument of number of days
  • rebuild_access
  • Add addresses from the Blacklisr mysql tables to sendmail access database. Takes 2 arguments action (DISCARD,REJECT) ip only (1), domain only (2) or both (3) ex: rebuild_access~DISCARD~1~ When the smd daemon elapsed time expires the access database will be rebuilt adding the entries to your access table.
  • users_mysql
  • Use the tblEmailAddress table to get a list of valid users
  • users_full_address
  • Do exact match on full address entries in tblEmailAddress needs users_exact_match.
  • users_exact_match
  • Do exact match on entries in tblEmailAddress
  • allow_deny_exact_match
  • Do exact match on entries in tblUserList
  • repair_table
  • Repair mysql tables as part of regulary scheduled maintenance
  • will_do_clamupdate
  • Automatically update clamav virus database
  • orderly_shutdown
  • Do orderly shutdown of milter. Needed most when using mysql
  • users_mysql
  • Use tblEmailAddress table for User Restriction Lookups
  • users_exact_match
  • Do exact match on user test against tblEmailAddress
  • insert_delayed
  • Use delayed inserts writing to mysql database
  • write_message_dir
  • Takes argument of fully qualified path name to write messages to The filename will be the queue_id. No limit on number of bytes.
  • write_message_record
  • Takes numerical argument of number of bytes of message to write to tblmessage table. Limit is 50000 bytes.
  • wiil_do_absolutly_from_restrict
  • will do from restrict test regardless of exemption.
  • spfauththenticate
  • bypasses spf test on your domain if spfmydomain is set and user authenticates through sendmail
  • temp_fail_on_database_error
  • temp fail message if mysql error
  • abort_by_sendmail
  • Adds entries to statistics file for connections aborted by sendmail
  • connect_timeout
  • Time in seconds to allow for MTA connect to ptsfilter.
  • listen_backlog
  • Listen queue backlog for ptsfilter from sendmail. This should set no higher than the system allowable backlog on a listening socket.
  • maxsubjectsize
  • Maximum allowable subject size
  • minsubjectsize
  • Minimum allowable subject size
  • minmessagesize
  • Minimum allowable message size
  • greylisttype
  • Turns on greylisting. Take 1 argument. 0 for ipaddress, from address and to address. 1 for to address and from address
  • greylist
  • Turns on greylisting. Take 2 arguments, time minutes for message temp fail and time in hours for record expiration if greylisttype is not set greylisttype is 0;
  • do_network_time_check
  • Gives time in milliseconds of certain network connections
  • do_x_header
  • Adds header to message with status.
  • bayesian
  • Checks email against ScanMail Utilities Bayesian filter.
  • do_mx_check
  • Checks to verify sending domain has valid mx record.
  • mailbox_location
  • Location of email boxes (usually /var/spool/email). Takes 1 argument, fully qualified pathname.
  • check_my_user
  • check local domain to check if sender is valid user Takes argument of ip address to check against
  • do_user_check
  • check sending domain to check if sender is valid user Takes argument of 1 just check user or 2 to also check if sever refuses connection. Argument of 3 gives temporary fail on error connection. Argument of 4 passes to next test on error connection.
  • user_delrcpt
  • Allows you to delete unknown recipients from the recipient list. Example File mydomainname~anydomain.com~ mynodename~mail~ exemptout~ bayesian~ use_mysql~ spfflag~2~ noscanattachment~ spfmydomain~ maillog~/var/log/maillog~ do_habeas_check~ do_bonded_sender~ lhnmode~/etc/mail/local-host-names~ clamav~/usr/local/bin/clamscan >/dev/null 2>&1~3~ razor~/usr/local/bin/razor-check >/dev/null 2>&1~1~ format_list~4:15,2:40,3:40,8:30,1:70~ dnsbl_list~dnsbl.sorbs.net,bl.spamcop.net,sbl.spamhaus.org~1~ stats_file~/usr/local/etc/ptsfilter/stats~ sendmail_binary~/usr/sbin/sendmail~ dcc~/usr/local/bin/dccproc -QR -ccmn,10 >/dev/null 2>&1~1~ freshclam~/usr/local/bin/freshclam >/dev/null 2>&1~ num_of_processes~1~ blacklist_mysql~ razor_mysql~ quarantine_time~240~

    Need to upgrade your license? Go to the upgrade area to upgrade your license the latest version of the ScanMail Utilties.

    Copyright © 2013 ScanMail. All rights reserved.
    last modified on: 02/05/09 11:20:42 AM
    ScanMail    
    Search    

    Features    
    Customer Feedback    
    Free Installation    
    Real time stats     
    Test ScanMail Utilities    
    Requirements    

    Free 15 Day Demo    
    Ordering    
    Upgrade Your License    
    Downloads    
    ScanMail Firewall Server    

    Support    
    FAQ    
    ScanMail Blog    
    ScanMail Forum