Global settings spam & hacker related

  1. Home
  2. Knowledge Base
  3. Settings
  4. Global settings spam & hacker related


\

g_black_above – Level for spam detection for g_black_count

Level for spam detection for blacklisting IP number e.g. 7. 

Syntax: g_black_above int

g_black_count – Blacklist sender IP based on spam sent

Number of spam in a row before IP blacklisted for 30 minutes eg: 30 (default = disabled)

Syntax: g_black_count int

g_black_isspam – Blacklist ip address for any spam training event

This setting has no further documentation currently available

Syntax: g_black_isspam bool

g_black_nbad – Blacklist ip address if this many bad recipients in a row (e.g. 8)

There is no default. The ip is blacklisted for the time specified by G_MAX_BAD_IP_TIME or one day. Whitelist with G_BLACK_WHITE for ip address or from matches. This limit is related to a single connection, not all errors from an ip over time.

Syntax: g_black_nbad int

g_black_to – Blacklist sender IP based on catch addresses

Blacklist senders IP address for 30 minutes if they deliver to these spam catch email addresses.

eg. g_black_to “smith@mydomain.com,catcher@myotherdomain.com”

Syntax: g_black_to string

g_black_white – Whitelist to prevent blacklisting, e.g. 1.2.3.*,mail*.aol.com

This setting has no further documentation currently available

Syntax: g_black_white string

g_block_files – Block certain attachments

Allow you to block any mail with certain files attached. 

g_block_files “*.exe,*.cmd,*.com”

Syntax: g_block_files string

g_block_longok – If true allow long file names (more than 180 char)

By default files names over this length are ALWAYS blocked if g_block_files is used, in rare situations these are not just viruses attempting to get around the filter.

Syntax: g_block_longok bool

g_block_skip – From or To address to bypass g_block_files

Some users will need to send various attachments, these users are excempt to the g_block_files rule

Syntax: g_block_skip string

g_block_wild – Block wildcards in usernames

Block the ‘*’ wildcard character in usernames.

Syntax: g_block_wild bool





g_breakin_enable – Stop multiple ip logins for one account in a few seconds

When a hacker guesses a password on your system they will often send outgoing spam to your server from multiple ip addresses, Surgemail detects this and emails the administrator when it occurs, use g_breakin_white to enable specific users who need to do this (this is very unusual though)

Syntax: g_breakin_enable bool

g_breakin_n – Number of different ip’s that trigger a lockout, default is 8

Only lower numbers are valid.

Syntax: g_breakin_n int

g_breakin_white – Email addresses that can send concurrently from mulltiple ips (use * to allow everyone)

When a hacker guesses a password on your system they will often send outgoing spam to your server from multiple ip addresses, Surgemail detects this and emails the administrator when it occurs, use this setting to enable specific users who need to do this (this is very unusual though), it also accepts wild cards, e.g. * if you wish to disable teh feature. A list is given as “user@domin,user2@domain2”

Syntax: g_breakin_white string

g_breakin_window – Window in seconds, default is 300

The window in which the multiple logins are counted

Syntax: g_breakin_window string



Was this article helpful?

Related Articles