policy.siv

Displays the new actions added in policy.siv.

require "PureMessage";

# Mark the subject (for both incoming and outgoing messages)

pmx_mark "s" "%%SUBJECT:h_utf8%%";

# attr NAME=Mail from internal hosts

if pmx_relay :memberof "internal-hosts" {
  if not pmx_delayed_mail {

# The 'pmx-mlog-watch' depends on this to know which messages are outgoing and which are not.

pmx_mark1 "i";

# attr NAME=Check for mail containing viruses

if pmx_virus {

# attr LICENSE=PureMessage::Policy::Virus

# attr NAME=Allow unscannable messages to pass through

if pmx_virus_cantscan {
          pmx_replace_header :index 0 "X-PMX-Virus" "Unscannable";
          pmx_replace_header :index 0 "Subject" "[POTENTIAL VIRUS] %%SUBJECT%%";
          pmx_mark "pmx_reason" "Unscannable";
          }

# attr NAME=Reject mail containing viruses

else {
          pmx_mark "pmx_reason" "Virus";
          reject "Virus(es) (%%VIRUS_IDS%%) were detected in the message.";
          stop;
      }
    }
  }
}

# attr NAME=Mail from external hosts

else {
  if not pmx_delayed_mail {
    pmx_add_header "X-PMX-Version" "%%PMX_VERSION%%";
    pmx_mark "Size" "%%MESSAGE_SIZE%%";

# attr NAME=Quarantine blocked IP addresses (Sophos Blocklist)

if pmx_blocklist {
      pmx_mark "pmx_reason" "Block List";
      pmx_quarantine "Blocked";
      stop;
      }

# attr NAME=Check for mail containing viruses

if pmx_virus {

# attr LICENSE=PureMessage::Policy::Virus

# attr NAME=Allow unscannable messages to pass through

if pmx_virus_cantscan {
        pmx_replace_header :index 0 "X-PMX-Virus" "Unscannable";
        pmx_replace_header :index 0 "Subject" "[POTENTIAL VIRUS] %%SUBJECT%%";
        pmx_mark "pmx_reason" "Unscannable";
        }

# attr NAME=Quarantine mail containing viruses

else {
        pmx_mark "pmx_reason" "Virus";
        pmx_quarantine "Virus";
        stop;
      }
    }

# attr NAME=Quarantine mail containing suspicious attachments

if pmx_suspect_attachment :tft {
      pmx_mark "pmx_reason" "Suspect";
      pmx_quarantine "Suspect";
      stop;
    }

# attr NAME=Deliver mail from whitelisted hosts and senders

if anyof(pmx_relay :memberof "whitelisted-hosts",
      address :all :memberof "From" "whitelisted-senders",
      envelope :memberof "From" "whitelisted-senders",
      address :all :memberof "From" "whitelisted-senders-per-user",
      envelope :memberof "From" "whitelisted-senders-per-user")
    {
      pmx_mark "pmx_reason" "Allow List";
      keep;
      stop;
    }

# attr NAME=Deliver mail to anti-spam opt-outs

if envelope :memberof "to" "anti-spam-optouts" {
      pmx_mark "pmx_reason" "Opt Out";
      keep;
      stop;
    }

# attr NAME=Quarantine mail from blacklisted hosts and senders

if anyof(pmx_relay :memberof "blacklisted-hosts",
      address :all :memberof "From" "blacklisted-senders",
      envelope :memberof "From" "blacklisted-senders",
      address :all :memberof "From" "blacklisted-senders-per-user",
      envelope :memberof "From" "blacklisted-senders-per-user")
    {
      pmx_mark "pmx_reason" "Block List";
      pmx_quarantine "Blacklisted";
      stop;
    }
    }

# import levels here

# attr NAME=Copy to quarantine and deliver if spam probability is 50% or more

if not pmx_spam_prob :under 50 {
    pmx_replace_header :index 0 "X-PMX-Spam" "Probability=%%PROB%%";
    pmx_mark "pmx_reason" "Spam";
    pmx_file "Spam";
    pmx_replace_header :index 0 "Subject" "[SPAM:%%GAUGE%%] %%SUBJECT%%";
    stop;
    }

# attr NAME=Add X-Header and deliver messages

else {
    if pmx_spam_hit :comparator "i;ascii-casemap" :matches ["DQ_SUSP_?"] {
     pmx_suspect_delay;

# stop; is implicit

}
    pmx_mark "pmx_reason" "Legitimate";
    pmx_replace_header :index 0 "X-PMX-Spam" "Probability=%%PROB%%";
    stop;
  }
  }