NAME

pmg.conf - Proxmox Mail Gateway Main Configuration

SYNOPSIS

/etc/pmg/pmg.conf

DESCRIPTION

The file /etc/pmg/pmg.conf is the main configuration.

File Format

The file is divided into several section. Each section has the following format:

section: NAME
         OPTION value
         ...

Blank lines in the file separates sections, and lines starting with a # character are treated as comments and are also ignored.

Options

Section admin
advfilter: <boolean> (default = 1)

Use advanced filters for statistic.

avast: <boolean> (default = 0)

Use Avast Virus Scanner (/bin/scan). You need to buy and install Avast Core Security before you can enable this feature.

clamav: <boolean> (default = 1)

Use ClamAV Virus Scanner. This is the default virus scanner and is enabled by default.

dailyreport: <boolean> (default = 1)

Send daily reports.

demo: <boolean> (default = 0)

Demo mode - do not start SMTP filter.

email: <string> (default = admin@domain.tld)

Administrator E-Mail address.

http_proxy: http://.*

Specify external http proxy which is used for downloads (example: http://username:password@host:port/)

statlifetime: <integer> (1 - N) (default = 7)

User Statistics Lifetime (days)

Section clamav
archiveblockencrypted: <boolean> (default = 0)

Wether to block encrypted archives. Mark encrypted archives as viruses.

archivemaxfiles: <integer> (0 - N) (default = 1000)

Number of files to be scanned within an archive, a document, or any other kind of container. Warning: disabling this limit or setting it too high may result in severe damage to the system.

archivemaxrec: <integer> (1 - N) (default = 5)

Nested archives are scanned recursively, e.g. if a ZIP archive contains a TAR file, all files within it will also be scanned. This options specifies how deeply the process should be continued. Warning: setting this limit too high may result in severe damage to the system.

archivemaxsize: <integer> (1000000 - N) (default = 25000000)

Files larger than this limit won’t be scanned.

dbmirror: <string> (default = database.clamav.net)

ClamAV database mirror server.

maxcccount: <integer> (0 - N) (default = 0)

This option sets the lowest number of Credit Card or Social Security numbers found in a file to generate a detect.

maxscansize: <integer> (1000000 - N) (default = 100000000)

Sets the maximum amount of data to be scanned for each input file.

safebrowsing: <boolean> (default = 1)

Enables support for Google Safe Browsing.

Section mail
banner: <string> (default = ESMTP Proxmox)

ESMTP banner.

conn_count_limit: <integer> (0 - N) (default = 50)

How many simultaneous connections any client is allowed to make to this service. To disable this feature, specify a limit of 0.

conn_rate_limit: <integer> (0 - N) (default = 0)

The maximal number of connection attempts any client is allowed to make to this service per minute. To disable this feature, specify a limit of 0.

dnsbl_sites: <string>

Optional list of DNS white/blacklist domains (see postscreen_dnsbl_sites parameter).

dnsbl_threshold: <integer> (0 - N) (default = 1)

The inclusive lower bound for blocking a remote SMTP client, based on its combined DNSBL score (see postscreen_dnsbl_threshold parameter).

dwarning: <integer> (0 - N) (default = 4)

SMTP delay warning time (in hours).

ext_port: <integer> (1 - 65535) (default = 25)

SMTP port number for incoming mail (untrusted). This must be a different number than int_port.

greylist: <boolean> (default = 1)

Use Greylisting.

helotests: <boolean> (default = 0)

Use SMTP HELO tests.

hide_received: <boolean> (default = 0)

Hide received header in outgoing mails.

int_port: <integer> (1 - 65535) (default = 26)

SMTP port number for outgoing mail (trusted).

max_filters: <integer> (3 - 40) (default = 15)

Maximum number of pmg-smtp-filter processes.

max_policy: <integer> (2 - 10) (default = 5)

Maximum number of pmgpolicy processes.

max_smtpd_in: <integer> (3 - 100) (default = 99)

Maximum number of SMTP daemon processes (in).

max_smtpd_out: <integer> (3 - 100) (default = 99)

Maximum number of SMTP daemon processes (out).

maxsize: <integer> (1024 - N) (default = 10485760)

Maximum email size. Larger mails are rejected.

message_rate_limit: <integer> (0 - N) (default = 0)

The maximal number of message delivery requests that any client is allowed to make to this service per minute.To disable this feature, specify a limit of 0.

rejectunknown: <boolean> (default = 0)

Reject unknown clients.

rejectunknownsender: <boolean> (default = 0)

Reject unknown senders.

relay: <string>

The default mail delivery transport (incoming mails).

relaynomx: <boolean> (default = 0)

Disable MX lookups for default relay.

relayport: <integer> (1 - 65535) (default = 25)

SMTP port number for relay host.

smarthost: <string>

When set, all outgoing mails are deliverd to the specified smarthost.

smarthostport: <integer> (1 - 65535) (default = 25)

SMTP port number for smarthost.

spf: <boolean> (default = 1)

Use Sender Policy Framework.

tls: <boolean> (default = 0)

Enable TLS.

tlsheader: <boolean> (default = 0)

Add TLS received header.

tlslog: <boolean> (default = 0)

Enable TLS Logging.

verifyreceivers: <450 | 550>

Enable receiver verification. The value spefifies the numerical reply code when the Postfix SMTP server rejects a recipient address.

Section spam
bounce_score: <integer> (0 - 1000) (default = 0)

Additional score for bounce mails.

clamav_heuristic_score: <integer> (0 - 1000) (default = 3)

Score for ClamaAV heuristics (Google Safe Browsing database, PhishingScanURLs, …).

languages: (all|([a-z][a-z])+( ([a-z][a-z])+)*) (default = all)

This option is used to specify which languages are considered OK for incoming mail.

maxspamsize: <integer> (64 - N) (default = 262144)

Maximum size of spam messages in bytes.

rbl_checks: <boolean> (default = 1)

Enable real time blacklists (RBL) checks.

use_awl: <boolean> (default = 1)

Use the Auto-Whitelist plugin.

use_bayes: <boolean> (default = 1)

Whether to use the naive-Bayesian-style classifier.

use_razor: <boolean> (default = 1)

Whether to use Razor2, if it is available.

wl_bounce_relays: <string>

Whitelist legitimate bounce relays.

Section spamquar
allowhrefs: <boolean> (default = 1)

Allow to view hyperlinks.

authmode: <ldap | ldapticket | ticket> (default = ticket)

Authentication mode to access the quarantine interface. Mode ticket allows login using tickets sent with the daily spam report. Mode ldap requires to login using an LDAP account. Finally, mode ldapticket allows both ways.

hostname: <string>

Quarantine Host. Useful if you run a Cluster and want users to connect to a specific host.

lifetime: <integer> (1 - N) (default = 7)

Quarantine life time (days)

mailfrom: <string>

Text for From header in daily spam report mails.

port: <integer> (1 - 65535) (default = 8006)

Quarantine Port. Useful if you have a reverse proxy or port forwarding for the webinterface. Only used for the generated Spam report.

protocol: <http | https> (default = https)

Quarantine Webinterface Protocol. Useful if you have a reverse proxy for the webinterface. Only used for the generated Spam report.

reportstyle: <custom | none | short | verbose> (default = verbose)

Spam report style.

viewimages: <boolean> (default = 1)

Allow to view images.

Section virusquar
allowhrefs: <boolean> (default = 1)

Allow to view hyperlinks.

lifetime: <integer> (1 - N) (default = 7)

Quarantine life time (days)

viewimages: <boolean> (default = 1)

Allow to view images.

Copyright © 2007-2019 Proxmox Server Solutions GmbH

This program is free software: you can redistribute it and/or modify it under the terms of the GNU Affero General Public License as published by the Free Software Foundation, either version 3 of the License, or (at your option) any later version.

This program is distributed in the hope that it will be useful, but WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU Affero General Public License for more details.

You should have received a copy of the GNU Affero General Public License along with this program. If not, see http://www.gnu.org/licenses/