phrase.conf - There are two configuration files named phrase.conf. Each is
described in its own section of this man page. The first of the two is for
setting the general scanning options for the pmx_phrase
policy test. This test
is available via the PureMessage Manager as ``Message contains word or phrase''.
The other phrase.conf is stored in the opt/pmx/etc/scanlimit.d directory
and is used to specify the actions that PureMessage should take whenever a
message attachment is deemed unscannable.
/opt/pmx/etc/phrase.conf
- per_attachment_byte_limit
-
The maximum number of bytes of text in any one attachment that PureMessage
will scan. The default is 64 KB.
- per_message_time_limit
-
The maximum of amount of time, in seconds, that PureMessage will continue to scan
an attachment. The default is 256 seconds.
/opt/pmx/etc/scanlimit.d/phrase.conf
- <scan_failed_action Action>
-
Specifies what action
pmx_cantscan
should take if pmx_phrase
fails to scan a message attachment. Failure codes are returned
whenever an attachment cannot be scanned. Some common failure
codes are:
- SOPHOS_SAVI_FILE_ENCRYPTED
-
The attachment was encrypted. Password-protected archives will trigger this
failure code.
- SOPHOS_SAVI_FILE_CORRUPT
-
The attachment was corrupted in some way.
- SOPHOS_SAVI_FILE_TIMEOUT
-
The attachment took too long to scan.
- SOPHOS_SAVI_NOT_SUPPORTED
-
The file format is unknown.
- SOPHOS_SAVI_MAX_BYTE_LIMIT_EXCEEDED
-
Scanning was aborted because the maximum bytes of text per attachment was
exceeded.
- SOPHOS_SAVI_RECURSION_LIMIT
-
The configured number of recursive scans to perform was exceeded while
searching a message attachment.
- SOPHOS_SAVI_SCAN_ABORTED
-
The file could not be scanned due an internal failsafe mechanism in the
scanning engine.
- SOPHOS_CC_NUMBER_LIMIT
-
The number of sections that could potentially contain a credit card number
has exceeded the value set in creditcard.conf.
A scan_failed_action
section contains the following:
- id = FAILURE_CODE
-
Each section can contain one
id
, specifying which failure condition to take
action upon. A definition of that identifier follows. A particular failure code
can only have one associated action.
- description = ``The description associated with this error''
-
Some text that describes the error. This text replaces occurrences of
%%DESC%% in the relevant template.
- action = (allow | deny)
-
The action can be either 'allow' or 'deny'.
-
What action should be taken for this failure code. The default is 'allow'. If
a message matches more than one failure code, a 'deny' action always overrides
any other actions. Also, if the message contains unscannable parts, the action
is always 'deny'.
- allow
-
This value tells
pmx_phrase
to ignore this failure code and allow the data
to pass through.
- deny
-
This value indicates that
pmx_phrase
should replace the message part with a
template.
-
It also causes pmx_phrase
to return false.
- template = scanlimit.d/cantscan.tmpl
-
The filename of the template to use with this action. The default
template is cantscan.tmpl for all actions except SOPHOS_CC_NUMBER_LIMIT, which
uses the creditcard.d/limit_exceeded.tmpl template. If a full path is not
specified, PureMessage searches the etc/scanlimit.d directory, then the
opt/pmx/etc/templates/<language>/scanlimit.d directory for the
cantscan.tmpl template. In the case of the limit_exceeded.tmpl template,
PureMessage searches the same locations, except in the creditcard.d
subdirectory. The language-specific path used in this search is taken from the
language
setting above.
- </scan_failed_action>
Copyright (C) 2000-2008 Sophos Group. All rights reserved. Sophos and
PureMessage are trademarks of Sophos Plc and Sophos Group.