The
Mail Filter
 
Undocumented Configuration Settings
 

Adjust the settings so that they fit your needs and then add the lines to XWall.ini.

 


History

  • Disable history for inbound or outbound messages

    KeepMessageFileInbound=False
    KeepMessageFileOutbound=False
     
  • Copy only messages for specific domains

    KeepMessageFileInboundToAddress=@example1.com
    KeepMessageFileInboundToAddress=@example2.com
    KeepMessageFileOutboundFromAddress=@example1.com
    KeepMessageFileOutboundFromAddress=@example2.com

White List

  • Exclude messages from being added to the white list

    OutboundAddressWhiteListExclFromAddress=@example1.com
    OutboundAddressWhiteListExclToAddress=@example2.com
    OutboundAddressWhiteListExclSubject=SomeText 

eFax

  • Convert an Exchange IMCEAFAX address to an eFax SMTP address

    SMTPAddressFaxTranslation=True
    SMTPAddressFaxTranslationDomain=efaxsend.com

    In Exchange you need to add the FAX address space to the SMTP connector so that Exchange sends FAX messages to XWall.

    In Outlook you can select a FAX address from a Contact or use the extended format:
    “[fax:Donald Duck@+45 1020 3040]”

    eFax is available from www.eFaxCorporate.com

Bandwidth Throttling

  • Limit the bandwidth to send or receive the data part of a message
     
    InboundSMTPBandwidthThrottling=65536
    OutboundSMTPBandwidthThrottling=65536

    The bandwidth is in bytes per second.

    Common values are:

    64 kbit/s    ISDN Single       8192 bytes/sec
    128 kbit/s   ISDN Dual        16384 bytes/sec
    256 kbit/s   ADSL Upload      32768 bytes/sec
    512 kbit/s   ADSL Upload      65536 bytes/sec
    1 Mbit/s     ADSL Download   131072 bytes/sec
    4 Mbit/s     Line            524288 bytes/sec

Inbound SMTP

  • SMTP banner

    SMTPTextBanner=WhatEverYouWant

    This changes the greeting line that XWall sends to the client after the SMTP connection is established.
     
  • General information for Greylisting, SLS and SPF

    SMTPTextGrey=WhatEverYouWant
    SMTPTextSLS=WhatEverYouWant
    SMTPTextSPF=WhatEverYouWant
  • Inbound SMTP authentication using a custom application

    InboundSMTPAuthApp=True
    InboundSMTPAuthAppExe=sample.exe
    InboundSMTPAuthAppArg=<USER> <PASSWORD>
    InboundSMTPAuthAppExeVerbose=True

    The application gets the user and password and must return an error level of zero.
     
  • Inbound SMTP authentication proxy against Exchange

    InboundSMTPAuthProxy=True

    After XWall has received the user and password from the sender, it opens a new SMTP connection to Exchange and attempts to log on using the credentials. If Exchange accepts them, then XWall itself accepts them from the sender.
  • Inbound SMTP recipient verification against Exchange

    ExchInboundEMailAddressQuery=True
    ExchInboundEMailAddressQueryInternal=True

    After the sending server has issued the RCPT TO: with the recipient's e-mail address, XWall opens a new SMTP connection to Exchange and sends the RCPT TO: with the recipient's e-mail address to Exchange. If Exchange accepts the recipient, then XWall knows that the recipient is valid and accepts the message from the sender.
  • Convert an invalid MAIL FROM: e-mail address (return path) to a NULL-e-mail address

    InboundESMTPConvInvalidReturnPathToBlank=True

    When the sender sends an invalid e-mail address in the MAIL FROM: command, then XWall sends back a 501 invalid return path error to the sender and does not accept the message.

    However, some clients send invalid addresses, and this setting tells XWall to convert the invalid e-mail address into a NULL-e-mail address ( MAIL FROM: <> ).

    Note: A NULL-e-mail address indicates a system message, and system messages are excluded from some blocking methods. So this setting may open a security hole.
     
  • Repair an invalid RCPT TO: e-mail address

    InboundESMTPRepairInvalidRecipient=False

    By default XWall repairs invalid recipient addresses ( e.g. changes NAME@DOMAIN:COM to NAME@DOMAIN.COM ).

  • Convert ESMTP DSN=NEVER to a NULL-e-mail address

    InboundESMTPConvDSNNeverToNullSender=True
    OutboundESMTPConvDSNNeverToNullSender=True

    The sender uses DSN=NEVER to indicate that there is no interest in any reply to this message. However, some MTAs, like Exchange, honor this for non-delivery reports, but ignore it for out-of-office and automatic reply messages. To force Exchange to honor the setting for all kinds of automatic messages, XWall sets the MAIL FROM to a NULL-e-mail address ( MAIL FROM: <> ). By default this setting is on for messages sent to your internal Exchange and off for outgoing messages.
  • Don't enforce a FQDN after the HELO / EHLO command

    InboundESMTPEnforceFQDN=False

    The RFC requires that the HELO / EHLO command is followed by a FQDN and XWall will not accept a HELO / EHLO without the FQDN. However, some mail clients do not send a FQDN, so they cannot send to XWall unless this check is disabled.
  • Add a delay of 3 seconds after the MAIL FROM and RCPT TO command

    InboundSMTPThrottling=3

    Spammers try to send their spam as fast as possible and usually limit how much time they spend sending an e-mail. Inserting a delay after the command makes the connection slower, so an impatient sender will simply give up.
     
  • Maximum message count in a single SMTP session

    InboundSMTPMaxMsgCount=5000

    By default XWall accepts 5000 messages in a single SMTP session.
     
  • Maximum recipient count in a single message

    InboundSMTPMaxSendToMessage=5000

    By default XWall accepts 5000 recipients in a single message.
     
  • Maximum bad recipient count in a single SMTP session

    InboundSMTPMaxBadMailSession=50

    XWall closes the connection after the sending MTA has sent that many RCPT TO: commands with a bad e-mail address. By default XWall slows down, but doesn't close the connection after 50 bad e-mail addresses.

    Don't set this value too low, because otherwise you might have a problem receiving newsletters.
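A sketch of a credential checker for the InboundSMTPAuthApp setting described in this section, added here as an example and not code shipped with XWall. It assumes the program is started with the user and password as its two arguments, that exit code zero means accept and any other value means reject, and it uses a hypothetical in-file account store (`USERS`) with a constructed sample account.

```python
# Added example: credential checker for InboundSMTPAuthApp.
# Assumptions: called as "<exe> <USER> <PASSWORD>", exit code 0 = accept,
# anything else = reject; USERS is a hypothetical in-file store.
import hashlib
import hmac
import sys

ITERATIONS = 100_000

def hash_password(password, salt):
    return hashlib.pbkdf2_hmac("sha256", password.encode("utf-8"), salt, ITERATIONS)

# Constructed sample account: store only salt and derived key, never the password.
_SALT = bytes.fromhex("00112233445566778899aabbccddeeff")
USERS = {"alice@example1.com": (_SALT, hash_password("correct horse", _SALT))}
# Dummy record so unknown users cost the same work as known ones.
_DUMMY = (_SALT, hash_password("dummy", _SALT))

def check(user, password):
    key = user.lower()
    salt, expected = USERS.get(key, _DUMMY)
    candidate = hash_password(password, salt)
    # Constant-time comparison; the dummy record never authenticates anyone.
    return hmac.compare_digest(candidate, expected) and key in USERS

def main(argv):
    # Fail closed: a wrong argument count or any error must not return 0.
    if len(argv) != 3:
        return 2
    try:
        return 0 if check(argv[1], argv[2]) else 1
    except Exception:
        return 3

if __name__ == "__main__":
    sys.exit(main(sys.argv))
```

Command-line arguments can be read by other processes on the same host, so the password is exposed locally for the lifetime of the helper process.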
     

Outbound SMTP

  • Route outbound messages based on the MAIL FROM e-mail address

    FromStaticRoute=newsletter@mydomain.com.au:smarthost.somewhere.com:0
     
    Send all messages from an e-mail address to a specific smart host.

    The colon is the field delimiter: the first field is the from address, the second field is the smart host, and the third field is ignored.
  • Set how many outbound connections for each priority XWall should create

    SMTPSubObjectMax=1
    ExchSubObjectMax=1

    By default XWall creates one connection to each host for each priority, and all messages with the same priority are sent serially. This setting allows you to set how many connections XWall creates for the same priority.

Connection Statistic

  • Dump the connection statistic to the logfile every x minutes
    ( MBAdmin Signale->Dump Connection Statistic )

    DumpConnectionStatisticLogEvery=5

    This setting dumps the connection statistic to the logfile every 5 minutes.
    This is useful for collecting statistical data over a long time period.

Bind to IP Address and/or Port

  • Bind XWall to IP address and/or port

    SMTPIPAddress2=0.0.0.0:23
    SMTPIPAddress2=10.1.176.22:23

    The first sample binds XWall to port 23 on any IP.
    The second sample binds XWall to port 23 on IP 10.1.176.22.


    Note: Repeat the lines for additional bindings

     
  • Bind to port 587 for Apple iPhone

    SMTPIPAddress2=0.0.0.0:587

    Apple iPhone supports RFC 4409 - Message Submission for Mail, so it expects to find the SMTP server at port 587 and not at the default port 25.

    Note: You also need to enable inbound authentication in Options->General->Authentication

Backup MX

  • Backup MX

    InboundDomainMX=192.116.177.10

    This setting tells XWall that a backup MX is running on 192.116.177.10. To define a second backup MX, add a second line with a different IP address.

    By default XWall queries the name server for the backup MX for the domain. XWall excludes the backup MX from some spam checking, like Greylisting. Also the IP of the backup MX is ignored when XWall scans the Received: lines of the message header for the IP address of the sender.

Processing messages

  • Define an inbound size limit for an e-mail address

    InboundSizeLimitUser=user1@domain1.com:500000
    InboundSizeLimitUser=user2@domain1.com:300000

    This tells XWall that these e-mail addresses have a special size limit and that this limit overrules the global size limit. You can use wildcards in the e-mail address, and the first limit that matches will be used.
     
  • Define an inbound and outbound limit for message payload

    InboundPayloadLimit=500000
    OutboundPayloadLimit=500000

    The message payload is calculated using the formula: message size in bytes x recipient count

    If the payload is above the limit, then XWall rejects the message during the SMTP session.
     
  • Inbound and outbound reassemble message

    InboundAssembleHdr=X-SomeHeader
    InboundAssembleHdr=X-AnotherHeader

    OutboundAssembleHdr=X-SampleHeader
    OutboundAssembleHdr=X-AnotherSample

    This setting tells XWall to keep these header lines if they exist in the original message.

    By default XWall removes all unknown or unsafe header lines when reassembling a message. The reason is to safeguard against attacks with spoofed or faked header lines.
  • Disable DSN to NEVER and/or MAIL FROM to a NULL-address for spam and OOF

    InboundDSNNeverOnOFOAndSpam=False
    OutboundDSNNeverOnOFO=False
     

    By default XWall sets DSN to NEVER and/or MAIL FROM to a NULL-address for spam and out-of-office messages. This is to avoid automatic answers and out-of-office messages as a reply to a spam message. This setting disables this and sends spam messages as normal messages.
     

  • Add a header line to every message where the action was triggered

    InboundSpamHeader=X-SomeHeader: AnyData

    By default XWall adds the X-XWall-Spam: header line to every message where the action was triggered. This setting lets you add your own header line. This is useful if you want to create some special rules in your e-mail client or for e-mail clients that expect a fixed header line, like GroupWise.
     
  • Block outbound messages that are not from an internal domain

    OutboundBlockAddressOnlyInternal=True

    As spam typically originates from random sender addresses, this can be used to filter outgoing spam that originates from a user who uses XWall as a relay.

    Note: This also blocks auto-forwarded mails. As a consequence, this is the end of auto-forwarder loops, too. Some users will be disappointed that their forwarders to external web mailers are stopped, but administrators have one less issue to worry about.

  • Reject internal From: address during the SMTP session

    InboundBlockFromUsSMTPLevel=True

    If "Check if the message has an internal From: address" is enabled, then this setting rejects the message during the SMTP session.

    Note: An exclusion for the recipient's address will not work, because the message is rejected before the recipient's address is known.


Startup

  • Send a message to postmaster after XWall is started
    (start service or mbserver.exe)

    SendStartup=True

    XWall sends a message to postmaster after all configuration checking is done. 

    SendStartupTo=other@domain.com

    By default the message is sent to postmaster, but this is where you can define an alternate address.

  • Send a message to postmaster after XWall is restarted
    (internal restart because the configuration has changed )

    SendStartupAlways=True

    XWall sends a message to postmaster after all configuration checking is done. 

    SendStartupTo=other@domain.com

    By default the message is sent to postmaster, but this is where you can define an alternate address.

     
  • Send a message to postmaster after XWall is started when there is a configuration error or warning

    SendStartupWarn=True

    XWall sends a message to postmaster after all configuration checking is done and there was a warning or error.

    SendStartupToWarn=other@domain.com

    By default the message is sent to postmaster, but this is where you can define an alternate address.

     
  • Add a delay at startup after a reboot

    StartupDelayFresh=30

    Since November 2008 the DNS server of Windows 2003 doesn't work immediately after a reboot. As a result the DNS checking of XWall may fail. Adding a delay in XWall gives the DNS server enough time for housekeeping.

TLS

  • Disable weak cipher

    TLSServOmitWeakCipher=True
    TLSClientOmitWeakCipher=True

    This setting disables SSLv2 and 40-bit and 56-bit ciphers.
  • Enforce TLS for domains

    • for inbound connections

      InboundSMTPTLSReqired=trusted-sender.com
      InboundSMTPTLSReqired=hotmail.com
       
    • for outbound connections

      OutboundSMTPTLSReqired=secure-bank.com
      OutboundSMTPTLSReqired=trusted-recipient.com
  • Enforce TLS for an IP address or a host name

    • for inbound connections

      InboundSMTPTLSRequiredHost=mail.trusted-sender.com
      InboundSMTPTLSRequiredIP=176.12.17.0/24

X-Message-Flag

Outlook displays the content of the x-message-flag Internet header line in the upper left part of the message dialog, right above the From: field. So this can be used to show some information to the user.

XWall can show the following information:

  • Show the SPF status of the message

    InboundXMessageFlagSPF=True
     
  • Show the DomainKey status of the message

    InboundXMessageFlagDKIM=True
     
  • Show the SMIME status of the message

    InboundXMessageFlagSMIME=True
     
  • Show the TLS status of the message

    InboundXMessageFlagTLS=True
     
  • Show the reason why the message was excluded from spam checking

    InboundXMessageFlagExcl=True
     
  • Show the format that was removed from the message

    InboundXMessageFlagFormat=True

RAR

  • Add support for RAR archive

    UseUnRARDLL=True

    Download the latest UnRAR dll from http://www.rarlab.com/rar_add.htm and copy it into the XWall directory. Thereafter XWall will use the dll to extract the files from a RAR archive, the same way as it does for a zip archive.

Central Checksum Service (CCS)

The Central Checksum Service (CCS) is designed to detect bulk e-mail on a worldwide level,
a full description is here.

Since v3.46 CCS also acts as a global heuristic spam repository.

XWall queries the CCS for the IP address of the sending MTA and gets back the threshold of heuristic spam for that IP address.

Furthermore, it reports the IP address of the sending MTA when heuristic spam is detected.

  • Query the CCS for the IP address of the sending MTA

    InboundBlockCCX=False

    This setting disables querying the CCS for the IP address of the sending MTA.
  • Report heuristic spam to the CCS

    InboundReportCCX=False

    This setting disables reporting of the IP address of the sending MTA when heuristic spam is detected.


Blacklist

  • Enable the Blacklist

    InboundAddressBlackList=True

    The Blacklist is similar to the White List, except that it blocks all messages that are sent by an e-mail address that is on the list. This allows your users to add e-mail addresses to the Blacklist by simply sending a command message to the Blacklist.

    The action that is triggered is the same as in Options->Blocking->Email.

  • Maintain a separate Blacklist for each user

    InboundAddressBlackListUserBased=True

    If enabled, XWall will create a separate Blacklist for each user, rather than one list for all users.

  • Reject the message during the SMTP session

    InboundAddressBlackListBlockSMTPLevel=True

    If enabled, XWall will reject the message during the SMTP session and the message will not be accepted.

    Note: This setting will not work when a separate list for each user is enabled. The reason is that at the time when the sender is checked, the recipient is not available yet.

  • Pack the Blacklist at midnight

    InboundAddressBlackListASCII=True

    If enabled, XWall will sync AdrIBL-A.dat with AdrIBL-B.dat. More technically speaking, XWall will remove outdated and duplicated entries from AdrIBL-A.dat.

  • Max addresses to gather

    InboundAddressBlackListMaxSlots=100000

    Defines how large the Blacklist should become.

  • Manage the Blacklist by sending a message with an e-mail
    address in the subject to Add e-mail address or Delete e-mail address


    InboundAddressBlackListFeedAdd=add@blacklist.xxx
    InboundAddressBlackListFeedDel=del@blacklist.xxx

    Defines an e-mail address that is NOT in your domain and that is used for manually adding or deleting e-mail addresses.

    If you are not sure what e-mail address you should use, then use add@blacklist.xxx and del@blacklist.xxx.

    To add an e-mail address, send a message to add@blacklist.xxx with the e-mail address that should be added in the subject. To delete an e-mail address, send a message to del@blacklist.xxx with the e-mail address that should be deleted in the subject.
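Several settings on this page relax a protective default (the NULL return path conversion, the HELO / EHLO FQDN check, header pass-through on reassembly) or need a companion setting (port 587 with inbound authentication). The script below is an added example, not an XWall tool, that reviews a configuration for them. It assumes XWall.ini consists of plain Key=Value lines in which a key may repeat, and that lines starting with `;`, `#` or `[` can be skipped; the sample input is constructed.

```python
# Added example: audit XWall.ini lines for settings this page flags as risky.
# Assumption: the file is plain Key=Value lines; keys may repeat.
from collections import defaultdict

def parse_ini(text):
    """Return {key: [values...]}, keeping every repeat of a key."""
    settings = defaultdict(list)
    for raw in text.splitlines():
        line = raw.strip()
        if not line or line[0] in ";#[" or "=" not in line:
            continue  # blank, comment or section line (assumed syntax)
        key, value = line.split("=", 1)
        settings[key.strip()].append(value.strip())
    return settings

def has_value(settings, key, wanted):
    return any(v.lower() == wanted for v in settings.get(key, []))

def audit(text):
    s = parse_ini(text)
    findings = []
    if has_value(s, "InboundESMTPConvInvalidReturnPathToBlank", "true"):
        findings.append("invalid MAIL FROM becomes <>; NULL senders skip some blocking methods")
    if has_value(s, "InboundESMTPEnforceFQDN", "false"):
        findings.append("HELO/EHLO accepted without an FQDN")
    for key in ("TLSServOmitWeakCipher", "TLSClientOmitWeakCipher"):
        if not has_value(s, key, "true"):
            findings.append(f"{key} is not set to True in this file")
    for hdr in s.get("InboundAssembleHdr", []):
        findings.append(f"header {hdr} survives reassembly; treat it as sender-controlled")
    for bind in s.get("SMTPIPAddress2", []):
        if bind.rsplit(":", 1)[-1] == "587":
            findings.append(f"port 587 bound at {bind}; confirm inbound authentication is enabled")
    return findings

SAMPLE = """\
; constructed sample, not a real configuration
InboundESMTPConvInvalidReturnPathToBlank=True
InboundESMTPEnforceFQDN=False
TLSServOmitWeakCipher=True
InboundAssembleHdr=X-SomeHeader
SMTPIPAddress2=0.0.0.0:23
SMTPIPAddress2=0.0.0.0:587
"""

if __name__ == "__main__":
    for finding in audit(SAMPLE):
        print("-", finding)
```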