Provided by: messagewall_1.0.8-3_i386 bug

NAME

       messagewall_profiles - messagewall user profile configuration

DESCRIPTION

       Any   regular   files  in  the  directory  defined  as  profile_dir  in
       messagewall.conf (5) are read as profiles that can be  referenced  from
       default_profile, relay_profile or the special_users file.  Each profile
       must contain at least one key/value pair.

       Regular variables are in the format::
       variable_name="value"
       variable_name2="value2"

       Scored variables are in the format:
       variable_name="score,value"
       If the score is omitted, it defaults to 1.  If  the  value  contains  a
       comma, score is required.

       Regular Variables:
              reject
              Default: 0
              Setting  this  variable to ’1’ indicates that any messages using
              this profile should be denied.  This is used for testing and for
              preventing addresses under attack from clogging the backend MTA.

              reject_score
              Default: 1
              This is the score at which MessageWall will reject the  message.
              Any  message  acheiving  a  score  below  this  will simply have
              warnings added to its headers indicating which tests it  failed.

              mime_strip
              Example:
              mime_strip=text/html
              The  value  of  a  mime_strip line is case-insensitively matched
              against MIME types of each part of the message.  If a  match  is
              found,  that MIME section is stripped from the message, and will
              not reach the  recipient.   There  can  be  multiple  mime_strip
              lines.   If, after processing all mime_strip lines, there are no
              useful (non-multipart) sections of the message left, the message
              is  refused.   Stripping text/html sections from messages can be
              extremely effective against viruses  that  self-run  attachments
              using  bugs  in  Microsoft  Outlook’s  & Outlook Express’s HTML-
              handling code, as well as against HTML-only spam.

              mime_allow
              Example:
              mime_allow=text/plain
              mime_allow is a stricter version of  mime_strip.   It  acts  the
              same  way  except  that only parts with MIME types specificially
              listed are allowed through.  There can  be  multiple  mime_allow
              lines.   Presence  of a mime_allow line nullifies any mime_strip
              lines in the profile.

       Scored Variables:
              to_cc_check
              Default: 0
              Setting this variable to ’1’ causes MessageWall  to  check  that
              the  envelope  destination  address  is in either the To: or CC:
              fields in the message header.  This check  stops  a  significant
              amount  of UBE.  However, it also breaks most legitimate mailing
              lists.  Do not use this check in the relay_profile, as there may
              be   multiple   destination   addresses   and  it  will  provide
              inconsistent results.

              from_check
              Default: 0
              Setting this variable to ’1’ causes MessageWall  to  check  that
              the envelope source address is in the From: field of the message
              header.  The realistic impact of using this check is unknown.

              realname_check
              Default: 0
              Setting this variable to ’1’ causes MessageWall to check for the
              presence  of  a  real  name before the <> address section of the
              From: field of the message  header.   The  realistic  impact  of
              using this check is unknown.

              rdns_required
              Default: 0
              Setting  this  variable  to  ’1’  causes  MessageWall  to reject
              messages from IP address that lack reverse DNS.   The  realistic
              impact of using this check is unknown.

              rmx_required
              Default: 0
              Setting  this  variable  to  ’1’  causes  MessageWall  to reject
              messages with return path domains without an  MX  or  A  record.
              This  means  that  domains  in  the  reverse  path that would be
              undeliverable for return mail cause the message to be  rejected.
              This should be safe to use in almost all cases.

              header_reject
              Example:
              header_reject=1,Precedence:bulk
              The  value  of  a  header_reject  line  should  contain  a colon
              seperated  string  of  Header:Key.   The  "Key"  will  be  case-
              sensitively searched for in the value of the header.  If a match
              is found,  the  message  is  refused.   There  can  be  multiple
              header_reject lines.

              header_rejecti
              Example:
              header_rejecti=1,X-Mailer:gold
              The  value  of  a  header_rejecti  line  should  contain a colon
              seperated  string  of  Header:Key.   The  "Key"  will  be  case-
              insensitively  searched  for  in  the value of the header.  If a
              match is found, the message is refused.  There can  be  multiple
              header_reject lines.

              body_reject
              Example:
              body_reject=1,FREE
              The value of a body_reject line is case-sensitively searched for
              in the decoded body of each MIME part.  If a match is found, the
              message is refused.  There can be multiple body_reject lines.

              body_rejecti
              Example:
              body_rejecti=1,viagra
              The  value of a body_rejecti line is case-insensitively searched
              for in the decoded body of each MIME part.  If a match is found,
              the  message  is  refused.   There  can be multiple body_rejecti
              lines.

              filename_reject
              Example:
              filename_reject=1,.pif
              The  value  of  a  filename_reject  line  is  case-insensitively
              searched for in any filenames of attachments to the message.  If
              a match is found, the message is refused.  There can be multiple
              filename_reject  lines.   filename_reject  is  the most powerful
              MessageWall tool to stop virus propagation.

              mime_reject
              mime_reject=1,application/x-wav
              The value of a mime_reject line  is  case-insensitively  matched
              against  content-types  in all parts of the message.  If a match
              is found,  the  message  is  refused.   There  can  be  multiple
              mime_reject  lines.  mime_reject is provided as a counterpart to
              filename_reject for platforms that determine execution based  on
              MIME type instead of filename extension.

              dnsbl
              Examples:
              dnsbl=2,list.dsbl.org/127.0.0.2
              dnsbl=1,multihop.dsbl.org
              dnsbl=1,bl.spamcop.net
              Each dnsbl line causes queries for connecting IP addresses to be
              sent to the list in question.  If a  connecting  IP  address  is
              present  on  one of the lists (and the result IP matches the one
              provided, if  any),  the  message  is  refused  with  a  message
              pointing  to  http://openrbl.org/.   To  speed  up transactions,
              requests for all lists from all profiles  are  sent  on  initial
              connection; later, when we determine what profile applies to the
              message, responses from the lists are checked,  and  waited  for
              (up  to  dnsbl_timeout) if necessary.  The effectiveness of this
              feature is based strictly on which lists are used.

              dnsbl_domain
              Examples:
              dnsbl_domain=1,dsn.rfc-ignorant.org/127.0.0.2
              dnsbl_domain=2,postmaster.rfc-ignorant.org
              dnsbl_domain=1,abuse.rfc-ignorant.org
              Each dnsbl_domain line causes queries for reverse  path  domains
              to  be sent to the list in question.  If a connecting IP address
              is present on one of the lists (and the result  IP  matches  the
              one  provided,  if  any),  the  message is refused.  To speed up
              transactions, requests for all lists from all profiles are  sent
              on  MAIL  FROM; later, when we determine what profile applies to
              the message, responses from the lists are  checked,  and  waited
              for    (up   to   dnsbl_domain_timeout)   if   necessary.    The
              effectiveness of this feature is based on the lists being  used,
              but  is  slightly  less  than IP-based blacklists, as it is more
              easily spoofable.

              dnsdcc
              Examples:
              dnsdcc=1,aa.dcc.dsbl.org
              dnsdcc=1,ba.dcc.dsbl.org
              Each dnsdcc line causes queries for each MIME part of a  message
              to  be  sent  to  the specified checksum servers.  The first two
              letters of the value specifies the checksum  to  be  calculated.
              If  a  match  is  found, the message is refused.  This system is
              very effective against common viruses and UBE, but  also  breaks
              legitimate mailing list messages.

              virus_scan
              Examples:
              virus_scan=1,virus.profiles
              Each   virus_scan   line  causes  MessageWall  to  scan  decoded
              attachments against  the  Open  AntiVirus  format  pattern  file
              specified.   If a match is found, the message is refused.  Virus
              pattern files are reloaded on messagewallctl reload-virus.

EXAMPLES

       See the profiles directory in the distribution for sample profiles.

AUTHOR

       Ian Gulliver <ian@penguinhosting.net>

SEE ALSO

       messagewall(1),
       messagewall.conf(5)

                                  2002-06-08           messagewall_profiles(5)