##
## RBL Spam Daemon configuration
## See README for more information or help
##

# server: Sets rblsd up to listen on a specified interface and port.  You can
# have rblsd listen to as many ports as you like, just add more server lines
# to do so.  If you specify more than one interface-port pair on a line, then
# rblsd will listen on the first one that it can from that line.  In order to
# specify all interfaces available, use an asterisk ('*').

# Note that if you restart rblsd, it will run on the same ports that it was
# originally started with, so in order to change what it listens to, you must
# kill rblsd and run it again.  Also note that using 127.0.0.1 is recommended
# since then, only clients from the local machine will be able to connect to
# it.

server 127.0.0.1, 784, 127.0.0.1, 7840		# Tries port 784.  If it can't
						# get it, tries port 7840.


# accept/deny: Sets up access rules to the daemon.  When a connection comes in,
# rblsd will find the first rule that matches the IP address, and either allow
# or close the connection based on these rules.  The default rule is to allow.
# Note that you can use as many accept/deny lines as you want, and you can
# specify multiple rules per line (eg: accept 127/8, 10/8)

accept 127/8
deny 0/0


# group/user: Sets the uid and gid that the daemon process is to run under.  You
# can use the name of the user or group (eg: "bin") or the pid or gid (eg: 10).
# If these are not present, or are set to null, then rblsd will run the daemon as
# the user who started it.

#Group = "bin"
#User = "bin"


# pidfile: Upon starting, rblsd will write the process ID number of the server
# to this file, if it is specified, and non-null.

#PidFile = "/var/run/rblsd.pid"


# runasdaemon: If set to true, rblsd will fork and run in the background;
# otherwise, it will run in the foreground (and won't do very much).

RunAsDaemon = true


# restartperiod: After running for this amount of time, rblsd will automatically
# restart itself.  See the README file for more information on what the restart
# entails, and how numeric values work (sections 7 and 5.2, respectively).  If
# you set this to zero or null, rblsd will not restart automatically.

RestartPeriod = 1 month


# resolvetimeout: The time to wait for a response to a DNS (RBL) query.

ResolveTimeout = 10 seconds


# requestsize: The maximum size that the spamc protocol request can be.

RequestSize = 2 kilobytes


# requestheadersize: The maximum size that mail message headers can be.

RequestHeaderSize = 8 kilobytes


# requestmessagesize: The maximum size that mail message bodies can be.

RequestMessageSize = 8 megabytes


# clienttimeout/clientextratime: ClientTimeout is the maximum time a client
# can be connected to the server, without completing a request.  As soon as
# this timeout expires, if the request is incomplete, the client is dropped.
# Once the client completes a request, the server has the amount of time
# specified by ClientExtraTime to respond.  If for some reason the server does
# not respond in that amount of time, the client is dropped.  This doesn't
# happen, but if things get crazy, it might.

ClientTimeout = 10 seconds
ClientExtraTime = 1 minute


# maxclients/maxlookups: MaxClients is the maximum number of clients that rblsd
# may serve at one time.  MaxLookups is the maximum number of concurrent DNS
# lookups at any one time.

MaxClients = 10
MaxLookups = 30


# entryttl: rblsd stores all of its results in its own cache.  While this cache
# is great for performance, it tends to accumulate a lot of entries, and take
# up a lot of space.  The value given by EntryTtl is the maximum amount of time
# that an entry may live in the cache before it is either removed (by periodic
# self-cleanups) or looked up again.  Setting this to zero or null means that
# the cache will never remove entries.

EntryTtl = 18 hours


# on: Custom IP rules.  See README, section 5.7 for more information.

on 127/8, omit
on 10/8, omit
on 172.16/12, omit
on 192.168/16, omit


# leveloftrust/omitlast/checkatleast: Specify the number of IPs to read from
# message headers.  This is a little too complicated to explain in the
# comments, so refer to README section 5.6 for more information.

LevelOfTrust = 4
OmitLast = 1
CheckAtLeast = 1


# protectwhitelists: If you use RBL whitelists, and you do not want any
# protection from header forgery, then change this to no.  With this set
# to yes, rblsd will not count rbl hits that are less than zero if they
# are found after IP addresses with rbl hits greater than zero.  This
# situation is a good indication of header forgery.

ProtectWhitelists = yes


# listfile: This will load email address black/whitelists from the specified
# file.  The file specifies black/whitelist masks in the same manner as
# SpamAssassin.  You can point this to your SpamAssassin config file (the one
# with all the blacklist_to/whitelist_from/etc lines) and all of your normal
# black and whitelists will be loaded.  For more information on the format of
# this file, see the file 'example.cf'.

#listfile 'example.cf'


# rbl: The RBL's to use.  The first argument is the name, and the second is
# the score added to the message if a message contains an IP address on that
# list.  Note that a message can have multiple hits, so the scores add up.

# rblsd owes all of its accuracy to the maintainers of the RBL's that it uses.
# Not only are you becoming a user of rblsd, but you are also becoming a user
# of whichever RBL's you choose (for a complete list, see rbls.org).  I feel
# that the RBL's listed here are the top RBL's to use.  Please take a few
# minutes to visit each one's website and learn more about each service before
# choosing the ones you wish to use.

# MAPS RBL - http://www.mail-abuse.com/services/mds_rbl.html
# The first RBL service - now commercial.  See the site for more information.

# SpamCop - http://www.spamcop.net/bl.shtml
#rbl "bl.spamcop.net", 1

# SpamHaus - http://www.spamhaus.org/sbl/index.lasso
#rbl "sbl.spamhaus.org", 1

# Not Just Another Bogus List - http://www.njabl.org/
#rbl "dnsbl.njabl.org", 1

# Blitzed.org Open Proxy Monitor - http://opm.blitzed.org/info
#rbl "opm.blitzed.org", 1

# SORBS - http://www.dnsbl.sorbs.net/
#rbl "dnsbl.sorbs.net", 1

# Distributed Server Boycott List - http://dsbl.org/main
#rbl "list.dsbl.org", 1


# spamthreshold: The main knob.  Any message with a score greater than or
# equal to this number will be treated as spam.  In my experience with
# rblsd, 1 seems to be the right number.  While this is surprisingly low,
# it is highly effective.  I have never gotten a false positive with this
# setting, and out of everyone on my mail server, one person has a contact
# that regularly gets blocked, but this has since been corrected with
# whitelisting.  If it is too sensitive, then try using whitelists,
# or changing RBL's before adjusting this, in order to get the most out of
# rblsd.

SpamThreshold = 1


# neutralizethreshold: When a message has a score greater than or equal to
# this number, its content-type will be changed to text/plain.  This will
# effectively neutralize the message, ie remove colored text, links, and
# pictures (beacons -- cause you receive more spam).  If this is set to
# null, this has no effect (0 sets the threshold to 0 -- bad).

NeutralizeThreshold = 1


# spamlinesthreshold: When a message has a score greater than or equal to
# this number, rblsd will insert lines at the beginning of the message (they
# start with "SPAM:") that give a more detailed account of why the message
# was blocked.  If this is set to null, it has no effect.  Note that when
# the SPAM: lines are used, the message is automatically neutralized.

SpamLinesThreshold = 2


# spamsubjectprefix/subjectthreshold: When a message has a score greater than
# or equal to SubjectThreshold, rblsd will prepend SpamSubjectPrefix (followed
# by a space) to the message subject.  If either of these two values are null
# then neither has any effect.

#SpamSubjectPrefix = "**SPAM**"
#SubjectThreshold = 1


# spamlevelstring/hitsperlevelstring: For every HitsPerLevelString in the
# message's score, the SpamLevelString will be added to the X-Spam-Level
# header.  In the default setup, for every one point in the message's score,
# there will be one more '#' in the header.  The two can be manipulated to
# increase fractionally if desired.  If SpamLevelString is null, then the
# X-Spam-Level header will be omitted entirely.

SpamLevelString = "#"
HitsPerLevelString = 1


# usespamheaders: Whether or not to use the X-Spam-Status header.

UseSpamHeaders = yes