#################################### # Mandatory options for MIMEDefang # #################################### # PID directory PIDDIR='/run/MIMEDefang' # spool directory SPOOLDIR='/var/spool/MIMEDefang' # The socket used by mimedefang to communicate with the sendmail binary. # You can leave this commented out. # SOCKET="${SPOOLDIR}/mimedefang.sock" # The socket used by the multiplexor. # You can leave this commented out. # MX_SOCKET="${SPOOLDIR}/mimedefang-multiplexor.sock" ######################################## # Additional options for MIMEDefang # # For a list of all of them: # # man mimedefang (MD_OPTS) # # man mimedefang-multiplexor (MX_OPTS) # ######################################## ############# # MD_MX_OPTS: common options to both processes. ############# # Run the multiplexor and filters as this user, not root (RECOMMENDED). MD_MX_OPTS+=' -U defang' # Syslog facility # MD_MX_OPTS+=' -S mail' ########## # MD_OPTS: mimdefang options. ########## # Number of workers reserved for connections from loopback. Use -1 # for default behaviour, 0 to allow loopback connections to queue, # or >0 to reserve workers for loopback connections MD_OPTS+=' -R -1' # If you want to keep spool directories around if the filter fails, # add the -k option. # MD_OPTS+=' -k' # Turns on the multiplexor relay checking function # MD_OPTS+=' -r' # Turns on the multiplexor HELO checking function # MD_OPTS+=' -H' # Turns on the multiplexor sender checking function # MD_OPTS+=' -s' # Turns on the multiplexor recipient checking function # MD_OPTS+=' -t' # Extra sendmail macros to pass. # MD_OPTS+=' -a auth_author' # Do not reveal info via X-Scanned-By header (recommended). MD_OPTS+=' -X' ########## # MX_OPTS: mimdefang-multiplexor options. ########## # multiplexor logs events to syslog MX_OPTS+=' -l' # Use an embedded Perl interpreter # MX_OPTS+=' -E' # Set to full path of socket for Sendmail's SOCKETMAP map, if you # want to use it with MIMEDefang # MX_OPTS+=("-N ${SPOOLDIR}/map.sock") # The multiplexor does not start all workers at the same time. Instead, # it starts one worker every X seconds when the system is idle. # If the system is busy, the multiplexor starts workers as incoming mail # requires attention. # MX_OPTS+=' -w 3' # The next setting is an absolute limit on worker activation. The multiplexor # will NEVER activate a worker within X seconds of another. # The default of zero means that the multiplexor will activate workers as # quickly as necessary to keep up with incoming mail. # MX_OPTS+=' -W 0' # The multiplexor can log stats to a file (eg. /var/log/mimedefang/stats). # The log directory must exist and be writable by the user you're running # MIMEDefang as. # MX_OPTS+=' -t /var/log/mimedefang/stats' # The stats file can be flushed after each entry. # MX_OPTS+=' -u' # The multiplexor can log stats to syslog. # MX_OPTS+=' -T' # Maximum # of requests a process handles. # MX_OPTS+=' -r 200' # Minimum number of processes to keep. The default of 0 is probably # too low; we suggest 2 instead. MX_OPTS+=' -m 2' # Maximum number of processes to run (mail received while this many # processes are running is rejected with a temporary failure, so be # wary of how many emails you receive at a time). This applies only # if you DO use the multiplexor. The default value of 2 is probably # too low; we suggest 10 instead. MX_OPTS+=' -x 10' # Uncomment to log worker status; it will be logged every X seconds. # MX_OPTS+=' -L 30' # Uncomment next line to have busy workers send status updates to the # multiplexor. NOTE: Consumes one extra file descriptor per worker, plus # a bit of CPU time. # MX_OPTS+=' -Z' # Limit worker processes' resident-set size to this many kilobytes. Default # is unlimited. # MX_OPTS+=' -R 10000' # Limit total size of worker processes' memory space to this many kilobytes. # Default is unlimited. # MX_OPTS+=' -M 30000' # If you want to use the "notification" facility, set the appropriate port. # See the mimedefang-notify man page for details. # MX_OPTS+=' -O inet:4567' # Number of seconds a process should be idle before checking for # minimum number and killed. # MX_OPTS+=' -i 300' # Number of seconds a process is allowed to scan an email before it is # considered dead. The default is 30 seconds; we suggest 600. MX_OPTS+=' -b 600' # Multiplexor queue size -- default is 0 (no queueing) # MX_OPTS+=' -q 10' # Multiplexor queue timeout -- default is 30 seconds # MX_OPTS+=' -Q 30' # SUBFILTER -F option specifies which filter rules file to use # MX_OPTS+=' -F /etc/mail/mimedefang-filter' ########################### # Upstream recommendation # ########################### # Locale should be set to "C" for generating valid date headers LC_ALL=C export LC_ALL