g_vipre_enable - Enable vipre scanner on windows
Enable the vipre scanner module
Syntax: g_vipre_enable bool
g_virus_allow_unmonitorable - Allow unmonitorable content (avast antivirus)
By default messages that cannot be scanned (eg as they contain password protected archive files) are blocked by the avast virus scanner. This setting allows unmonitorable contect to be sent.
Syntax: g_virus_allow_unmonitorable bool
g_virus_avast_attachments - Only scan messages with suspect attachments (windows only currently)
This setting has no further documentation currently available
Syntax: g_virus_avast_attachments bool
Not recommended, now use the anti virus config page to configure surgemail to use your system scanner.
g_virus_avast - Set Avast update time
This is a string based setting that allows you to specify when Avast updates are attempted.
eg: to update at 12 midnight, 6am,12noon and 6 pm.
g_virus_avast_hour "0,6,12,18"
Syntax: g_virus_avast_hour int
g_virus_avast_old - Enable AVAST virus scanner integration, OBSOLETE, DO NOT USE
This setting has no further documentation currently available
Syntax: g_virus_avast_old bool
g_virus_cloud - Use cloud scanner, not recommended
Enables the cloud scanner for inbox delivered messages if clamav is in use, this does send samples to an external system for scanning so may not be appropriate in all situations. It should only be used on systems where 'clamav' is the primary scanner with less than 1000 users.
Syntax: g_virus_cloud bool
g_virus_cloud_wild - File types to cloud scan *.exe,*.com
Best left as default
Syntax: g_virus_cloud_wild string
g_virus_cmd - Command line virus checker to run on MIME parts
If defined the mail server will extract MIME parts in a multi part message and run the virus scanner over the extracted file. The command line can include $FILE$ which will be replaced with the actual file name of the extracted part. An intelligent cache is used so mailing lists, etc, will not require running the virus scanner on every message sent. If you set this to "do_not_run" then SurgeMail will extract the MIME parts but not actually run any program, some virus scanners scan all files on the system so the file is deleted magically and SurgeMail will notice and bounce the message. If your scanner supports the returning of return codes if a virus is found then you should use g_virus_cmd_codes with this setting as this is more reliable than having to detect if a file is deleted and also means also will work on viruses in archives which a lot of scanners won't delete.
Syntax: g_virus_cmd string
g_virus_cmd_body - Scan raw msg file too
This setting has no further documentation currently available
Syntax: g_virus_cmd_body bool
g_virus_cmd_codes - Return codes to bounce message
Accept return codes from virus scanner as a confirmation that the scanned file is infected, eg: 1,2,3,4,5.
Lets SurgeMail check the return code from g_virus_cmd and if the code matches
one in the above setting assumes its a virus and bounces it.
g_virus_cmd_codes "10,12"
This would assume its a virus if the scanner returns return code 10 or 12 and then will bounce the message.
Syntax: g_virus_cmd_codes string
g_virus_cmd_drop - Drop silently instead of reject at data stage - not recommended
This should only be used when your front end server is not scanning for viruses and your back end server then rejects the message generating back scatter on the front end server.
Syntax: g_virus_cmd_drop bool
g_virus_cmd_email - Set if scanner can understand email message files
If this is set then then the scanner is responsible for extracting the mime parts of a message and scanning them
Syntax: g_virus_cmd_email bool
g_virus_cmd_log - Log stdout of virus command line scanner to vcmd.log
This setting has no further documentation currently available
Syntax: g_virus_cmd_log bool
g_virus_cmd_max - Maximum number of concurrent threads to use for scanning
Syntax: g_virus_cmd_max "number of threads"
This sets the maximum number of threads that be used for running the virus scanner set by g_virus_cmd. Some scanners can take a while to scan a message and if the server is very busy this can tie up many channels and drain the cpu slowing down the entire mail server. When the maximum has been reached any messages coming in will be passed on without being run through the scanner - although this is not the best, it's better than the mail server grinding to a halt.
Syntax: g_virus_cmd_max int
g_virus_cmd_nodel - Do not delete scanned files
Disables cleanup of scanned files, so you can test manually. The files are extracted to the "toscan" directory inside the SurgeMail directory. You should never normally need this on unless for debugging purposes.
Syntax: g_virus_cmd_nodel bool
g_virus_cmd_size - Max size of messages to scan
Useful to stop scanning of huge files, e.g. 1mb or bigger
Syntax: g_virus_cmd_size int
g_virus_cmd_sleep - Wait after g_virus_cmd incase delete is not immediate
Milli seconds to wait after g_virus_cmd incase delete is not immediate, eg: 500 = half a second.
Syntax: g_virus_cmd_sleep int
g_virus_cmd_test - Continue after virus found to compare scanners
This setting has no further documentation currently available
Syntax: g_virus_cmd_test bool
g_virus_debug3 - Testing virus scanners do not use
Do not use
Syntax: g_virus_debug3 bool
g_virus_disable_local - Disable scanning for local trusted users
Skip virus scanner for authenticated users and 127.0.0.1
Syntax: g_virus_disable_local bool
g_virus_disable_remote - Disable virus scans for non-local addresses
By default SurgeMail scans incoming messages from non-local senders, this disables that behaviour so scans will only occur if any recipient has virus scan access. You will probably need g_user_virus_scan true as well.
Syntax: g_virus_disable_remote bool
g_virus_filter - Virus checker or filter that takes commands on stdin and response on stdout
Virus filters use the following protocol the process is run continuously and sent on STDIN a command of the form, "nnn CHECK fullfilename envelopefilename\r\n" and in response it must send back is "nnn OK|REJECT|ERROR reason text\r\n"
It can modify the file directly and then respond with 'ok', however if it does this it must maintain the crlf line terminated and dot stuffed nature of the file.
Here is an example test of a virus filter
c:\surgemail> vfilter.exe 1 check c:\surgemail\work\a.itm c:\surgemail\work\a.hdr 1 REJECT Found something bad in that file 2 check c:\surgemail\work\a.itm c:\surgemail\work\a.hdr 2 OK send message along
a.hdr would contain:
From: bob@domain.com To: xyz@thisdomain.com To: xyz3@thisdomain.com
Syntax: g_virus_filter cmd=string type=string
g_virus_filter_require - Require filter pipe
If any g_virus_filter pipe fails bounce messages rather than allow to continue.
Syntax: g_virus_filter_require bool
g_virus_fprot - Set F-PROT port for mail scanning
Typically set this to 11200
First install f-prot virus scanner, exact steps will vary depending on platform so follow your F-Prot install instructions, but as an example on Linux we did this:
cd /usr/local gunzip DISTRIBUTION.tar.gz tar -xvf DISTRIBUTION.tar cd f-prot ./install-f-prot.pl cd tools
# Now start mail scanner as user 'mail' su mail -c"/usr/local/f-prot/tools/scan-mail.pl -server -daemon"
Your will also need to start the scanner as above in your startup scripts (e.g. rc.local)
Then lastly in surgemail.ini set
g_virus_fprot 11200
When a message is scanned a header X-Fprot: ... is added giving some informational status.
Syntax: g_virus_fprot int
g_virus_late - Run virus scan after most spam filter processing
This can reduce load on virus scanner which is often a slow process
Syntax: g_virus_late bool
g_virus_localhost - Don't skip virus checks for 127.0.0.1 originating emails
This setting should not normally be used, it will make it scan locally generated emails, dlist messages etc...
Syntax: g_virus_localhost bool
g_virus_recent_skip - Skip recent virus cache
Skip virus recent cache which attempts to speed up virus scanners.
Syntax: g_virus_recent_skip bool
g_virus_rename - Rename attached executables to prevent autorun
If enabled SurgeMail will rename dangerous executable files by replacing the '.' with an '_'. This will stop many autorun viruses. This is name
Syntax: g_virus_rename bool
g_virus_rename_skip - Skip rename for these from/to addresses
This setting has no further documentation currently available
Syntax: g_virus_rename_skip string
g_virus_rename_skipauth - Skip rename if user sending is authenticated local user
This setting has no further documentation currently available
Syntax: g_virus_rename_skipauth bool
g_virus_report - Report detected viruses to someone
Sends an email report to the specified address when a virus comes in.
Syntax: g_virus_report string
g_virus_report_all - Report every virus using g_virus_report
This setting has no further documentation currently available
Syntax: g_virus_report_all bool
g_virus_report_user - Report virus to recipients
This setting has no further documentation currently available
Syntax: g_virus_report_user bool
g_virus_restart - Restart vpipe virus scanners
Restart vpipe virus scanners every this many items.
Syntax: g_virus_restart int
g_virus_scanner_list - List of files to be virus scanned *.exe,*.bat,etc...
Use this to over-ride the default
Syntax: g_virus_scanner_list string
g_virus_simple - Enable internal simple virus scanner
This scanner simply blocks dangerous attachments, it's fast, and effective.
Syntax: g_virus_simple bool
g_virus_simple_list - List of dangerous file extensions, *.exe,*.bat,etc...
Use this setting to replace the default list
Syntax: g_virus_simple_list string
g_virus_simple_skip - Skip simple check for from/to addresses
This setting has no further documentation currently available
Syntax: g_virus_simple_skip string
g_virus_simple_skipauth - Skip simple virus if user sending is authenticated local user
This setting has no further documentation currently available
Syntax: g_virus_simple_skipauth bool
g_virus_simple_test - Compare with avast results
This scanner simply blocks dangerous attachments, it's fast, and effective.
Syntax: g_virus_simple_test bool
g_virus_simple_zip - Check zip files for executables and block
This can be used to stop many types of viruses
Syntax: g_virus_simple_zip bool
g_virus_strangers - Use simple attachment filter for non friends
This setting can stop zero hour attacks as it blocks any attachment that might be a virus if it's not from a friend
Syntax: g_virus_strangers bool
g_vpipe_concurrent - Concurrent requests to vpipe process
Concurrent requests to vpipe process, default is 7, set to 1 to debug vpipe issues
Syntax: g_vpipe_concurrent int
g_vpipe_fail_crash - Crash if vpipe fails
Crash SurgeMail if vpipe fails. This is for debugging purposes only.
Syntax: g_vpipe_fail_crash bool
g_vpipe_notag - Disable vpipe result headers
Disable headers showing vpipe results in messages.
Syntax: g_vpipe_notag bool
g_vpipe_skip - Skip virus filter checks per IP address
Disable virus and crc checking for known safe bulk mailers that would otherwise overload the server. This setting affects the virus checker.
Example: g_vpipe_skip "20.0.0.2"
- g_virus_cmd
- virus filters (g_virus_filter)
- filter program (g_filter_pipe)
- F-Prot in daemon mode (g_virus_fprot)
Syntax: g_vpipe_skip string
g_vpipe_timeout - Timeout for firus filters (default 60s)
The timeout in second that SurgeMail will wait for a virus filter (defined by g_virus_filter) to complete. If after this time the virus filter has not responded the message will be let through and the following line logged in mail.log:
"Virus filter not responding, stuck on <msg file> allowing message through"
Syntax: g_vpipe_timeout int
Use the online HTML beautifier to maximize your web content composing efficiency.