This is the default policy enabled for PureMessage. To view the Sieve code, click see the source on the Policy tab of the PureMessage Manager. To edit the Sieve code directly, open the policy.siv file found in /opt/pmx/etc.
require "PureMessage"; # The 'pmx-test-mark' command is needed for the sample messages sent # by the pmx-test program to be recognized. For sites running with # high-mail volumes it might be a good idea to disable this action as # it prevents the relay tests from running as early as they otherwise # could. See 'perldoc pmx-policy' for details about this command. pmx_test_mark; # Mark the subject (for both incoming and outgoing messages) pmx_mark "S" "%%SUBJECT:h_utf8%%"; # attr NAME=Mail from internal hosts if pmx_relay :memberof "internal-hosts" { # The 'pmx-mlog-watch' depends on this to know which messages # are outgoing and which are not. pmx_mark1 "i"; # attr NAME=Check for mail containing viruses if pmx_virus { # attr LICENSE=PureMessage::Policy::Virus # attr NAME=Allow unscannable messages to pass through if pmx_virus_cantscan { pmx_replace_header :index 0 "X-PMX-Virus" "Unscannable"; pmx_replace_header :index 0 "Subject" "[POTENTIAL VIRUS] %%SUBJECT%%"; pmx_mark "pmx_reason" "Unscannable"; } # attr NAME=Reject mail containing viruses else { pmx_mark "pmx_reason" "Virus"; reject "One or more viruses (%%VIRUS_IDS%%) were detected in the message."; stop; } } } # attr NAME=Mail from external hosts else { pmx_add_header "X-PMX-Version" "%%PMX_VERSION%%"; pmx_mark "Size" "%%MESSAGE_SIZE%%"; # attr NAME=Quarantine blocked IP addresses (Sophos Blocklist) if pmx_blocklist { pmx_mark "pmx_reason" "Block List"; pmx_quarantine "Blocked"; stop; } # attr NAME=Check for mail containing viruses if pmx_virus { # attr LICENSE=PureMessage::Policy::Virus # attr NAME=Allow unscannable messages to pass through if pmx_virus_cantscan { pmx_replace_header :index 0 "X-PMX-Virus" "Unscannable"; pmx_replace_header :index 0 "Subject" "[POTENTIAL VIRUS] %%SUBJECT%%"; pmx_mark "pmx_reason" "Unscannable"; } # attr NAME=Quarantine mail containing viruses else { pmx_mark "pmx_reason" "Virus"; pmx_quarantine "Virus"; stop; } } # attr NAME=Quarantine mail containing suspicious attachments if pmx_suspect_attachment :tft { pmx_mark "pmx_reason" "Suspect"; pmx_quarantine "Suspect"; stop; } # attr NAME=Deliver mail from whitelisted hosts and senders if anyof(pmx_relay :memberof "whitelisted-hosts", address :all :memberof "From" "whitelisted-senders", envelope :memberof "From" "whitelisted-senders", address :all :memberof "From" "whitelisted-senders-per-user", envelope :memberof "From" "whitelisted-senders-per-user") { pmx_mark "pmx_reason" "Allow List"; keep; stop; } # attr NAME=Deliver mail to anti-spam opt-outs if envelope :memberof "to" "anti-spam-optouts" { pmx_mark "pmx_reason" "Opt Out"; keep; stop; } # attr NAME=Quarantine mail from blacklisted hosts and senders if anyof(pmx_relay :memberof "blacklisted-hosts", address :all :memberof "From" "blacklisted-senders", envelope :memberof "From" "blacklisted-senders", address :all :memberof "From" "blacklisted-senders-per-user", envelope :memberof "From" "blacklisted-senders-per-user") { pmx_mark "pmx_reason" "Block List"; pmx_quarantine "Blacklisted"; stop; } # import levels here # attr NAME=Copy to quarantine and deliver if spam probability is 50% or more if not pmx_spam_prob :under 50 { pmx_replace_header :index 0 "X-PMX-Spam" "Gauge=%%SGAUGE%%%%IGAUGE%%, Probability=%%PROB%%, Report='%%HITS%%'"; pmx_mark "pmx_reason" "Spam"; pmx_file "Spam"; pmx_replace_header :index 0 "Subject" "[SPAM:%%GAUGE%%] %%SUBJECT%%"; stop; } # attr NAME=Add X-Header and deliver messages else { pmx_mark "pmx_reason" "Legitimate"; pmx_replace_header :index 0 "X-PMX-Spam" "Gauge=%%SGAUGE%%%%IGAUGE%%, Probability=%%PROB%%, Report='%%HITS%%'"; stop; } }