policy.siv

Displays the new actions added in policy.siv

require "PureMessage";

# Mark the subject (for both incoming and outgoing messages)
pmx_mark "s" "%%SUBJECT:h_utf8%%";
# attr NAME=Mail from internal hosts
if pmx_relay :memberof "internal-hosts" {
  if not pmx_delayed_mail {
    # The 'pmx-mlog-watch' depends on this to know which messages
    # are outgoing and which are not.
    pmx_mark1 "i";
    # attr NAME=Check for mail containing viruses
    if pmx_virus {
      # attr LICENSE=PureMessage::Policy::Virus
      # attr NAME=Allow unscannable messages to pass through
      if pmx_virus_cantscan {
          pmx_replace_header :index 0 "X-PMX-Virus" "Unscannable";
          pmx_replace_header :index 0 "Subject" "[POTENTIAL VIRUS] %%SUBJECT%%";
          pmx_mark "pmx_reason" "Unscannable";
      }
      # attr NAME=Reject mail containing viruses
      else {
          pmx_mark "pmx_reason" "Virus";
          reject "Virus(es) (%%VIRUS_IDS%%) were detected in the message.";
          stop;
      }
    }
  }
}
# attr NAME=Mail from external hosts
else {
  if not pmx_delayed_mail {
    pmx_add_header "X-PMX-Version" "%%PMX_VERSION%%";
    pmx_mark "Size" "%%MESSAGE_SIZE%%";
    # attr NAME=Quarantine blocked IP addresses (Sophos Blocklist)
    if pmx_blocklist {
      pmx_mark "pmx_reason" "Block List";
      pmx_quarantine "Blocked";
      stop;
    }
    # attr NAME=Check for mail containing viruses
    if pmx_virus {
      # attr LICENSE=PureMessage::Policy::Virus
      # attr NAME=Allow unscannable messages to pass through
      if pmx_virus_cantscan {
        pmx_replace_header :index 0 "X-PMX-Virus" "Unscannable";
        pmx_replace_header :index 0 "Subject" "[POTENTIAL VIRUS] %%SUBJECT%%";
        pmx_mark "pmx_reason" "Unscannable";
      }
      # attr NAME=Quarantine mail containing viruses
      else {
        pmx_mark "pmx_reason" "Virus";
        pmx_quarantine "Virus";
        stop;
      }
    }
    # attr NAME=Quarantine mail containing suspicious attachments
    if pmx_suspect_attachment :tft {
      pmx_mark "pmx_reason" "Suspect";
      pmx_quarantine "Suspect";
      stop;
    }
    # attr NAME=Deliver mail from whitelisted hosts and senders
    if anyof(pmx_relay :memberof "whitelisted-hosts",
      address :all :memberof "From" "whitelisted-senders",
      envelope :memberof "From" "whitelisted-senders",
      address :all :memberof "From" "whitelisted-senders-per-user",
      envelope :memberof "From" "whitelisted-senders-per-user")
    {
      pmx_mark "pmx_reason" "Allow List";
      keep;
      stop;
    }
    # attr NAME=Deliver mail to anti-spam opt-outs
    if envelope :memberof "to" "anti-spam-optouts" {
      pmx_mark "pmx_reason" "Opt Out";
      keep;
      stop;
    }
    # attr NAME=Quarantine mail from blacklisted hosts and senders
    if anyof(pmx_relay :memberof "blacklisted-hosts",
      address :all :memberof "From" "blacklisted-senders",
      envelope :memberof "From" "blacklisted-senders",
      address :all :memberof "From" "blacklisted-senders-per-user",
      envelope :memberof "From" "blacklisted-senders-per-user")
    {
      pmx_mark "pmx_reason" "Block List";
      pmx_quarantine "Blacklisted";
      stop;
    }
  }
  # import levels here
  # attr NAME=Copy to quarantine and deliver if spam probability is 50% or more
  if not pmx_spam_prob :under 50 {
    pmx_replace_header :index 0 "X-PMX-Spam" "Probability=%%PROB%%";
    pmx_mark "pmx_reason" "Spam";
    pmx_file "Spam";
    pmx_replace_header :index 0 "Subject" "[SPAM:%%GAUGE%%] %%SUBJECT%%";
    stop;
  }
  # attr NAME=Add X-Header and deliver messages
  else {
    if pmx_spam_hit :comparator "i;ascii-casemap" :matches ["DQ_SUSP_?"] {
        pmx_suspect_delay;
        # stop; is implicit
    }
    pmx_mark "pmx_reason" "Legitimate";
    pmx_replace_header :index 0 "X-PMX-Spam" "Probability=%%PROB%%";
    stop;
  }
}