spamassassin-commits mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From par...@apache.org
Subject svn commit: r1138284 [9/15] - in /spamassassin/site/full/3.3.x: ./ doc/
Date Wed, 22 Jun 2011 02:39:35 GMT
Added: spamassassin/site/full/3.3.x/doc/Mail_SpamAssassin_Plugin_ASN.txt
URL: http://svn.apache.org/viewvc/spamassassin/site/full/3.3.x/doc/Mail_SpamAssassin_Plugin_ASN.txt?rev=1138284&view=auto
==============================================================================
--- spamassassin/site/full/3.3.x/doc/Mail_SpamAssassin_Plugin_ASN.txt (added)
+++ spamassassin/site/full/3.3.x/doc/Mail_SpamAssassin_Plugin_ASN.txt Wed Jun 22 02:39:31 2011
@@ -0,0 +1,102 @@
+NAME
+    Mail::SpamAssassin::Plugin::ASN - SpamAssassin plugin to look up the
+    Autonomous System Number (ASN) of the connecting IP address.
+
+SYNOPSIS
+     loadplugin Mail::SpamAssassin::Plugin::ASN
+
+     asn_lookup asn.routeviews.org _ASN_ _ASNCIDR_
+
+     add_header all ASN _ASN_ _ASNCIDR_
+
+DESCRIPTION
+    This plugin uses DNS lookups to the services of an external DNS zone
+    such as at "http://www.routeviews.org/" to do the actual work. Please
+    make sure that your use of the plugin does not overload their
+    infrastructure - this generally means that you should not use this
+    plugin in a high-volume environment or that you should use a local
+    mirror of the zone (see "ftp://ftp.routeviews.org/dnszones/"). Other
+    similar zones may also be used.
+
+TEMPLATE TAGS
+    This plugin allows you to create template tags containing the connecting
+    IP's AS number and route info for that AS number.
+
+    The default config will add a header field that looks like this:
+
+     X-Spam-ASN: AS24940 213.239.192.0/18
+
+    where "24940" is the ASN and "213.239.192.0/18" is the route announced
+    by that ASN where the connecting IP address came from. If the AS
+    announces multiple networks (more/less specific), they will all be added
+    to the "_ASNCIDR_" tag, separated by spaces, eg:
+
+     X-Spam-ASN: AS1680 89.138.0.0/15 89.139.0.0/16
+
+    Note that the literal "AS" before the ASN in the _ASN_ tag is
+    configurable through the *asn_prefix* directive and may be set to an
+    empty string.
+
+CONFIGURATION
+    The standard ruleset contains a configuration that will add a header
+    field containing ASN data to scanned messages. The bayes tokenizer will
+    use the added header field for bayes calculations, and thus affect which
+    BAYES_* rule will trigger for a particular message.
+
+    Note that in most cases you should not score on the ASN data directly.
+    Bayes learning will probably trigger on the _ASNCIDR_ tag, but probably
+    not very well on the _ASN_ tag alone.
+
+SEE ALSO
+    http://www.routeviews.org/ - all data regarding routing, ASNs, etc....
+
+    http://issues.apache.org/SpamAssassin/show_bug.cgi?id=4770 -
+    SpamAssassin Issue #4770 concerning this plugin
+
+STATUS
+    No in-depth analysis of the usefulness of bayes tokenization of ASN data
+    has been performed.
+
+ADMINISTRATOR SETTINGS
+    asn_lookup asn-zone.example.com [ _ASNTAG_ _ASNCIDRTAG_ ]
+        Use this to lookup the ASN info in the specified zone for the first
+        external IP address and add the AS number to the first specified tag
+        and routing info to the second specified tag.
+
+        If no tags are specified the AS number will be added to the _ASN_
+        tag and the routing info will be added to the _ASNCIDR_ tag. You
+        must specify either none or both of the tag names. Tag names must
+        start and end with an underscore.
+
+        If two or more *asn_lookup*s use the same set of template tags, the
+        results of their lookups will be appended to each other in the
+        template tag values in no particular order. Duplicate results will
+        be omitted when combining results. In a similar fashion, you can
+        also use the same template tag for both the AS number tag and the
+        routing info tag.
+
+        Examples:
+
+          asn_lookup asn.routeviews.org
+
+          asn_lookup asn.routeviews.org _ASN_ _ASNCIDR_
+          asn_lookup myview.example.com _MYASN_ _MYASNCIDR_
+
+          asn_lookup asn.routeviews.org _COMBINEDASN_ _COMBINEDASNCIDR_
+          asn_lookup myview.example.com _COMBINEDASN_ _COMBINEDASNCIDR_
+
+          asn_lookup in1tag.example.net _ASNDATA_ _ASNDATA_
+
+    clear_asn_lookups
+
+    Removes any previously declared *asn_lookup* entries from a list of
+    queries.
+
+    asn_prefix 'prefix_string' (default: 'AS')
+        The string specified in the argument is prepended to each ASN when
+        storing it as a tag. This prefix is rather redundant, but its
+        default value 'AS' is kept for backwards compatibility with versions
+        of SpamAssassin earlier than 3.4.0. A sensible setting is an empty
+        string. The argument may be (but need not be) enclosed in single or
+        double quotes for clarity.
+

Added: spamassassin/site/full/3.3.x/doc/Mail_SpamAssassin_Plugin_AWL.html
URL: http://svn.apache.org/viewvc/spamassassin/site/full/3.3.x/doc/Mail_SpamAssassin_Plugin_AWL.html?rev=1138284&view=auto
==============================================================================
--- spamassassin/site/full/3.3.x/doc/Mail_SpamAssassin_Plugin_AWL.html (added)
+++ spamassassin/site/full/3.3.x/doc/Mail_SpamAssassin_Plugin_AWL.html Wed Jun 22 02:39:31 2011
@@ -0,0 +1,234 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>Mail::SpamAssassin::Plugin::AWL - Normalize scores via auto-whitelist</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:parker@minotaur.apache.org" />
+</head>
+
+<body style="background-color: white">
+
+
+<!-- INDEX BEGIN -->
+<div name="index">
+<p><a name="__index__"></a></p>
+
+<ul>
+
+	<li><a href="#name">NAME</a></li>
+	<li><a href="#synopsis">SYNOPSIS</a></li>
+	<li><a href="#description">DESCRIPTION</a></li>
+	<li><a href="#template_tags">TEMPLATE TAGS</a></li>
+	<li><a href="#user_preferences">USER PREFERENCES</a></li>
+	<li><a href="#administrator_settings">ADMINISTRATOR SETTINGS</a></li>
+</ul>
+
+<hr name="index" />
+</div>
+<!-- INDEX END -->
+
+<p>
+</p>
+<h1><a name="name">NAME</a></h1>
+<p>Mail::SpamAssassin::Plugin::AWL - Normalize scores via auto-whitelist</p>
+<p>
+</p>
+<hr />
+<h1><a name="synopsis">SYNOPSIS</a></h1>
+<p>To try this out, add this or uncomment this line in init.pre:</p>
+<pre>
+  loadplugin     Mail::SpamAssassin::Plugin::AWL</pre>
+<p>Use the supplied 60_awl.cf file (ie you don't have to do anything) or
+add these lines to a .cf file:</p>
+<pre>
+  header AWL             eval:check_from_in_auto_whitelist()
+  describe AWL           From: address is in the auto white-list
+  tflags AWL             userconf noautolearn
+  priority AWL           1000</pre>
+<p>
+</p>
+<hr />
+<h1><a name="description">DESCRIPTION</a></h1>
+<p>This plugin module provides support for the auto-whitelist.  It keeps
+track of the average SpamAssassin score for senders.  Senders are
+tracked using a combination of their From: address and their IP address.
+It then uses that average score to reduce the variability in scoring
+from message to message and modifies the final score by pushing the
+result towards the historical average.  This improves the accuracy of
+filtering for most email.</p>
+<p>
+</p>
+<hr />
+<h1><a name="template_tags">TEMPLATE TAGS</a></h1>
+<p>This plugin module adds the following <code>tags</code> that can be used as
+placeholders in certain options.  See <code>Mail::SpamAssassin::Conf</code>
+for more information on TEMPLATE TAGS.</p>
+<pre>
+ _AWL_             AWL modifier
+ _AWLMEAN_         Mean score on which AWL modification is based
+ _AWLCOUNT_        Number of messages on which AWL modification is based
+ _AWLPRESCORE_     Score before AWL</pre>
+<p>
+</p>
+<hr />
+<h1><a name="user_preferences">USER PREFERENCES</a></h1>
+<p>The following options can be used in both site-wide (<code>local.cf</code>) and
+user-specific (<code>user_prefs</code>) configuration files to customize how
+SpamAssassin handles incoming email messages.</p>
+<dl>
+<dt><strong><a name="use_auto_whitelist" class="item">use_auto_whitelist ( 0 | 1 )		(default: 1)</a></strong></dt>
+
+<dd>
+<p>Whether to use auto-whitelists.  Auto-whitelists track the long-term
+average score for each sender and then shift the score of new messages
+toward that long-term average.  This can increase or decrease the score
+for messages, depending on the long-term behavior of the particular
+correspondent.</p>
+<p>For more information about the auto-whitelist system, please look
+at the the <code>Automatic Whitelist System</code> section of the README file.
+The auto-whitelist is not intended as a general-purpose replacement
+for static whitelist entries added to your config files.</p>
+<p>Note that certain tests are ignored when determining the final
+message score:</p>
+<pre>
+ - rules with tflags set to 'noautolearn'</pre>
+</dd>
+<dt><strong><a name="n" class="item">auto_whitelist_factor n	(default: 0.5, range [0..1])</a></strong></dt>
+
+<dd>
+<p>How much towards the long-term mean for the sender to regress a message.
+Basically, the algorithm is to track the long-term mean score of messages for
+the sender (<code>mean</code>), and then once we have otherwise fully calculated the
+score for this message (<code>score</code>), we calculate the final score for the
+message as:</p>
+<p><code>finalscore</code> = <code>score</code> +  (<code>mean</code> - <code>score</code>) * <code>factor</code></p>
+<p>So if <code>factor</code> = 0.5, then we'll move to half way between the calculated
+score and the mean.  If <code>factor</code> = 0.3, then we'll move about 1/3 of the way
+from the score toward the mean.  <code>factor</code> = 1 means just use the long-term
+mean; <code>factor</code> = 0 mean just use the calculated score.</p>
+</dd>
+<dt><strong>auto_whitelist_ipv4_mask_len n	(default: 16, range [0..32])</strong></dt>
+
+<dd>
+<p>The AWL database keeps only the specified number of most-significant bits
+of an IPv4 address in its fields, so that different individual IP addresses
+within a subnet belonging to the same owner are managed under a single
+database record. As we have no information available on the allocated
+address ranges of senders, this CIDR mask length is only an approximation.
+The default is 16 bits, corresponding to a former class B. Increase the
+number if a finer granularity is desired, e.g. to 24 (class C) or 32.
+A value 0 is allowed but is not particularly useful, as it would treat the
+whole internet as a single organization. The number need not be a multiple
+of 8, any split is allowed.</p>
+</dd>
+<dt><strong>auto_whitelist_ipv6_mask_len n	(default: 48, range [0..128])</strong></dt>
+
+<dd>
+<p>The AWL database keeps only the specified number of most-significant bits
+of an IPv6 address in its fields, so that different individual IP addresses
+within a subnet belonging to the same owner are managed under a single
+database record. As we have no information available on the allocated address
+ranges of senders, this CIDR mask length is only an approximation. The default
+is 48 bits, corresponding to an address range commonly allocated to individual
+(smaller) organizations. Increase the number for a finer granularity, e.g.
+to 64 or 96 or 128, or decrease for wider ranges, e.g. 32.  A value 0 is
+allowed but is not particularly useful, as it would treat the whole internet
+as a single organization. The number need not be a multiple of 4, any split
+is allowed.</p>
+</dd>
+<dt><strong><a name="user_awl_sql_override_username" class="item">user_awl_sql_override_username</a></strong></dt>
+
+<dd>
+<p>Used by the SQLBasedAddrList storage implementation.</p>
+<p>If this option is set the SQLBasedAddrList module will override the set
+username with the value given.  This can be useful for implementing global
+or group based auto-whitelist databases.</p>
+</dd>
+<dt><strong><a name="auto_whitelist_distinguish_signed" class="item">auto_whitelist_distinguish_signed</a></strong></dt>
+
+<dd>
+<p>Used by the SQLBasedAddrList storage implementation.</p>
+<p>If this option is set the SQLBasedAddrList module will keep separate
+database entries for DKIM-validated e-mail addresses and for non-validated
+ones. A pre-requisite when setting this option is that a field awl.signedby
+exists in a SQL table, otherwise SQL operations will fail (which is why we
+need this option at all - for compatibility with pre-3.3.0 database schema).
+A plugin DKIM should also be enabled, as otherwise there is no benefit from
+turning on this option.</p>
+</dd>
+</dl>
+<p>
+</p>
+<hr />
+<h1><a name="administrator_settings">ADMINISTRATOR SETTINGS</a></h1>
+<p>These settings differ from the ones above, in that they are considered 'more
+privileged' -- even more than the ones in the <strong>PRIVILEGED SETTINGS</strong> section.
+No matter what <code>allow_user_rules</code> is set to, these can never be set from a
+user's <code>user_prefs</code> file.</p>
+<dl>
+<dt><strong><a name="module" class="item">auto_whitelist_factory module (default: Mail::SpamAssassin::DBBasedAddrList)</a></strong></dt>
+
+<dd>
+<p>Select alternative whitelist factory module.</p>
+</dd>
+<dt><strong><a name="filename" class="item">auto_whitelist_path /path/filename (default: ~/.spamassassin/auto-whitelist)</a></strong></dt>
+
+<dd>
+<p>This is the automatic-whitelist directory and filename.  By default, each user
+has their own whitelist database in their <code>~/.spamassassin</code> directory with
+mode 0700.  For system-wide SpamAssassin use, you may want to share this
+across all users, although that is not recommended.</p>
+</dd>
+<dt><strong><a name="auto_whitelist_db_modules_module_default_see_below" class="item">auto_whitelist_db_modules Module ...	(default: see below)</a></strong></dt>
+
+<dd>
+<p>What database modules should be used for the auto-whitelist storage database
+file.   The first named module that can be loaded from the perl include path
+will be used.  The format is:</p>
+<pre>
+  PreferredModuleName SecondBest ThirdBest ...</pre>
+<p>ie. a space-separated list of perl module names.  The default is:</p>
+<pre>
+  DB_File GDBM_File SDBM_File</pre>
+<p>NDBM_File is no longer supported, since it appears to have bugs that
+preclude its use for the AWL (see SpamAssassin bug 4353).</p>
+</dd>
+<dt><strong><a name="auto_whitelist_file_mode" class="item">auto_whitelist_file_mode		(default: 0700)</a></strong></dt>
+
+<dd>
+<p>The file mode bits used for the automatic-whitelist directory or file.</p>
+<p>Make sure you specify this using the 'x' mode bits set, as it may also be used
+to create directories.  However, if a file is created, the resulting file will
+not have any execute bits set (the umask is set to 111).</p>
+</dd>
+<dt><strong><a name="user_awl_dsn_dbi_databasetype_databasename_hostname_port" class="item">user_awl_dsn DBI:databasetype:databasename:hostname:port</a></strong></dt>
+
+<dd>
+<p>Used by the SQLBasedAddrList storage implementation.</p>
+<p>This will set the DSN used to connect.  Example:
+<code>DBI:mysql:spamassassin:localhost</code></p>
+</dd>
+<dt><strong><a name="user_awl_sql_username_username" class="item">user_awl_sql_username username</a></strong></dt>
+
+<dd>
+<p>Used by the SQLBasedAddrList storage implementation.</p>
+<p>The authorized username to connect to the above DSN.</p>
+</dd>
+<dt><strong><a name="user_awl_sql_password_password" class="item">user_awl_sql_password password</a></strong></dt>
+
+<dd>
+<p>Used by the SQLBasedAddrList storage implementation.</p>
+<p>The password for the database username, for the above DSN.</p>
+</dd>
+<dt><strong><a name="user_awl_sql_table_tablename" class="item">user_awl_sql_table tablename</a></strong></dt>
+
+<dd>
+<p>Used by the SQLBasedAddrList storage implementation.</p>
+<p>The table user auto-whitelists are stored in, for the above DSN.</p>
+</dd>
+</dl>
+
+</body>
+
+</html>

Added: spamassassin/site/full/3.3.x/doc/Mail_SpamAssassin_Plugin_AWL.txt
URL: http://svn.apache.org/viewvc/spamassassin/site/full/3.3.x/doc/Mail_SpamAssassin_Plugin_AWL.txt?rev=1138284&view=auto
==============================================================================
--- spamassassin/site/full/3.3.x/doc/Mail_SpamAssassin_Plugin_AWL.txt (added)
+++ spamassassin/site/full/3.3.x/doc/Mail_SpamAssassin_Plugin_AWL.txt Wed Jun 22 02:39:31 2011
@@ -0,0 +1,180 @@
+NAME
+    Mail::SpamAssassin::Plugin::AWL - Normalize scores via auto-whitelist
+
+SYNOPSIS
+    To try this out, add this or uncomment this line in init.pre:
+
+      loadplugin     Mail::SpamAssassin::Plugin::AWL
+
+    Use the supplied 60_awl.cf file (ie you don't have to do anything) or
+    add these lines to a .cf file:
+
+      header AWL             eval:check_from_in_auto_whitelist()
+      describe AWL           From: address is in the auto white-list
+      tflags AWL             userconf noautolearn
+      priority AWL           1000
+
+DESCRIPTION
+    This plugin module provides support for the auto-whitelist. It keeps
+    track of the average SpamAssassin score for senders. Senders are tracked
+    using a combination of their From: address and their IP address. It then
+    uses that average score to reduce the variability in scoring from
+    message to message and modifies the final score by pushing the result
+    towards the historical average. This improves the accuracy of filtering
+    for most email.
+
+TEMPLATE TAGS
+    This plugin module adds the following "tags" that can be used as
+    placeholders in certain options. See "Mail::SpamAssassin::Conf" for more
+    information on TEMPLATE TAGS.
+
+     _AWL_             AWL modifier
+     _AWLMEAN_         Mean score on which AWL modification is based
+     _AWLCOUNT_        Number of messages on which AWL modification is based
+     _AWLPRESCORE_     Score before AWL
+
+USER PREFERENCES
+    The following options can be used in both site-wide ("local.cf") and
+    user-specific ("user_prefs") configuration files to customize how
+    SpamAssassin handles incoming email messages.
+
+    use_auto_whitelist ( 0 | 1 ) (default: 1)
+        Whether to use auto-whitelists. Auto-whitelists track the long-term
+        average score for each sender and then shift the score of new
+        messages toward that long-term average. This can increase or
+        decrease the score for messages, depending on the long-term behavior
+        of the particular correspondent.
+
+        For more information about the auto-whitelist system, please look at
+        the the "Automatic Whitelist System" section of the README file. The
+        auto-whitelist is not intended as a general-purpose replacement for
+        static whitelist entries added to your config files.
+
+        Note that certain tests are ignored when determining the final
+        message score:
+
+         - rules with tflags set to 'noautolearn'
+
+    auto_whitelist_factor n (default: 0.5, range [0..1])
+        How much towards the long-term mean for the sender to regress a
+        message. Basically, the algorithm is to track the long-term mean
+        score of messages for the sender ("mean"), and then once we have
+        otherwise fully calculated the score for this message ("score"), we
+        calculate the final score for the message as:
+
+        "finalscore" = "score" + ("mean" - "score") * "factor"
+
+        So if "factor" = 0.5, then we'll move to half way between the
+        calculated score and the mean. If "factor" = 0.3, then we'll move
+        about 1/3 of the way from the score toward the mean. "factor" = 1
+        means just use the long-term mean; "factor" = 0 mean just use the
+        calculated score.
+
+    auto_whitelist_ipv4_mask_len n (default: 16, range [0..32])
+        The AWL database keeps only the specified number of most-significant
+        bits of an IPv4 address in its fields, so that different individual
+        IP addresses within a subnet belonging to the same owner are managed
+        under a single database record. As we have no information available
+        on the allocated address ranges of senders, this CIDR mask length is
+        only an approximation. The default is 16 bits, corresponding to a
+        former class B. Increase the number if a finer granularity is
+        desired, e.g. to 24 (class C) or 32. A value 0 is allowed but is not
+        particularly useful, as it would treat the whole internet as a
+        single organization. The number need not be a multiple of 8, any
+        split is allowed.
+
+    auto_whitelist_ipv6_mask_len n (default: 48, range [0..128])
+        The AWL database keeps only the specified number of most-significant
+        bits of an IPv6 address in its fields, so that different individual
+        IP addresses within a subnet belonging to the same owner are managed
+        under a single database record. As we have no information available
+        on the allocated address ranges of senders, this CIDR mask length is
+        only an approximation. The default is 48 bits, corresponding to an
+        address range commonly allocated to individual (smaller)
+        organizations. Increase the number for a finer granularity, e.g. to
+        64 or 96 or 128, or decrease for wider ranges, e.g. 32. A value 0 is
+        allowed but is not particularly useful, as it would treat the whole
+        internet as a single organization. The number need not be a multiple
+        of 4, any split is allowed.
+
+    user_awl_sql_override_username
+        Used by the SQLBasedAddrList storage implementation.
+
+        If this option is set the SQLBasedAddrList module will override the
+        set username with the value given. This can be useful for
+        implementing global or group based auto-whitelist databases.
+
+    auto_whitelist_distinguish_signed
+        Used by the SQLBasedAddrList storage implementation.
+
+        If this option is set the SQLBasedAddrList module will keep separate
+        database entries for DKIM-validated e-mail addresses and for
+        non-validated ones. A pre-requisite when setting this option is that
+        a field awl.signedby exists in a SQL table, otherwise SQL operations
+        will fail (which is why we need this option at all - for
+        compatibility with pre-3.3.0 database schema). A plugin DKIM should
+        also be enabled, as otherwise there is no benefit from turning on
+        this option.
+
+ADMINISTRATOR SETTINGS
+    These settings differ from the ones above, in that they are considered
+    'more privileged' -- even more than the ones in the PRIVILEGED SETTINGS
+    section. No matter what "allow_user_rules" is set to, these can never be
+    set from a user's "user_prefs" file.
+
+    auto_whitelist_factory module (default:
+    Mail::SpamAssassin::DBBasedAddrList)
+        Select alternative whitelist factory module.
+
+    auto_whitelist_path /path/filename (default:
+    ~/.spamassassin/auto-whitelist)
+        This is the automatic-whitelist directory and filename. By default,
+        each user has their own whitelist database in their
+        "~/.spamassassin" directory with mode 0700. For system-wide
+        SpamAssassin use, you may want to share this across all users,
+        although that is not recommended.
+
+    auto_whitelist_db_modules Module ... (default: see below)
+        What database modules should be used for the auto-whitelist storage
+        database file. The first named module that can be loaded from the
+        perl include path will be used. The format is:
+
+          PreferredModuleName SecondBest ThirdBest ...
+
+        ie. a space-separated list of perl module names. The default is:
+
+          DB_File GDBM_File SDBM_File
+
+        NDBM_File is no longer supported, since it appears to have bugs that
+        preclude its use for the AWL (see SpamAssassin bug 4353).
+
+    auto_whitelist_file_mode (default: 0700)
+        The file mode bits used for the automatic-whitelist directory or
+        file.
+
+        Make sure you specify this using the 'x' mode bits set, as it may
+        also be used to create directories. However, if a file is created,
+        the resulting file will not have any execute bits set (the umask is
+        set to 111).
+
+    user_awl_dsn DBI:databasetype:databasename:hostname:port
+        Used by the SQLBasedAddrList storage implementation.
+
+        This will set the DSN used to connect. Example:
+        "DBI:mysql:spamassassin:localhost"
+
+    user_awl_sql_username username
+        Used by the SQLBasedAddrList storage implementation.
+
+        The authorized username to connect to the above DSN.
+
+    user_awl_sql_password password
+        Used by the SQLBasedAddrList storage implementation.
+
+        The password for the database username, for the above DSN.
+
+    user_awl_sql_table tablename
+        Used by the SQLBasedAddrList storage implementation.
+
+        The table user auto-whitelists are stored in, for the above DSN.
+

Added: spamassassin/site/full/3.3.x/doc/Mail_SpamAssassin_Plugin_AccessDB.html
URL: http://svn.apache.org/viewvc/spamassassin/site/full/3.3.x/doc/Mail_SpamAssassin_Plugin_AccessDB.html?rev=1138284&view=auto
==============================================================================
--- spamassassin/site/full/3.3.x/doc/Mail_SpamAssassin_Plugin_AccessDB.html (added)
+++ spamassassin/site/full/3.3.x/doc/Mail_SpamAssassin_Plugin_AccessDB.html Wed Jun 22 02:39:31 2011
@@ -0,0 +1,63 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>Mail::SpamAssassin::Plugin::AccessDB - check message against Access Database</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:parker@minotaur.apache.org" />
+</head>
+
+<body style="background-color: white">
+
+
+<!-- INDEX BEGIN -->
+<div name="index">
+<p><a name="__index__"></a></p>
+
+<ul>
+
+	<li><a href="#name">NAME</a></li>
+	<li><a href="#synopsis">SYNOPSIS</a></li>
+	<li><a href="#description">DESCRIPTION</a></li>
+</ul>
+
+<hr name="index" />
+</div>
+<!-- INDEX END -->
+
+<p>
+</p>
+<h1><a name="name">NAME</a></h1>
+<p>Mail::SpamAssassin::Plugin::AccessDB - check message against Access Database</p>
+<p>
+</p>
+<hr />
+<h1><a name="synopsis">SYNOPSIS</a></h1>
+<pre>
+  loadplugin     Mail::SpamAssassin::Plugin::AccessDB</pre>
+<pre>
+  header   ACCESSDB  eval:check_access_database('/etc/mail/access.db')
+  describe ACCESSDB  Message would have been caught by accessdb
+  tflags   ACCESSDB  userconf
+  score    ACCESSDB  2</pre>
+<p>
+</p>
+<hr />
+<h1><a name="description">DESCRIPTION</a></h1>
+<p>Many MTAs support access databases, such as Sendmail, Postfix, etc.
+This plugin does similar checks to see whether a message would have
+been flagged.</p>
+<p>The rule returns false if an entry isn't found, or the entry has a RHS of
+<em>OK</em> or <em>SKIP</em>.</p>
+<p>The rule returns true if an entry exists and has a RHS of <em>REJECT</em>, <em>ERROR</em>,
+or <em>DISCARD</em>.</p>
+<p>Note: only the first word (split on non-word characters) of the RHS
+is checked, so <code>error:5.7.1:...</code> means <code>ERROR</code>.</p>
+<p><strong>AccessDB Pointers:</strong></p>
+<pre>
+  <a href="http://www.faqs.org/docs/securing/chap22sec178.html">http://www.faqs.org/docs/securing/chap22sec178.html</a>
+  <a href="http://www.postfix.org/access.5.html">http://www.postfix.org/access.5.html</a></pre>
+
+</body>
+
+</html>

Added: spamassassin/site/full/3.3.x/doc/Mail_SpamAssassin_Plugin_AccessDB.txt
URL: http://svn.apache.org/viewvc/spamassassin/site/full/3.3.x/doc/Mail_SpamAssassin_Plugin_AccessDB.txt?rev=1138284&view=auto
==============================================================================
--- spamassassin/site/full/3.3.x/doc/Mail_SpamAssassin_Plugin_AccessDB.txt (added)
+++ spamassassin/site/full/3.3.x/doc/Mail_SpamAssassin_Plugin_AccessDB.txt Wed Jun 22 02:39:31 2011
@@ -0,0 +1,31 @@
+NAME
+    Mail::SpamAssassin::Plugin::AccessDB - check message against Access
+    Database
+
+SYNOPSIS
+      loadplugin     Mail::SpamAssassin::Plugin::AccessDB
+
+      header   ACCESSDB  eval:check_access_database('/etc/mail/access.db')
+      describe ACCESSDB  Message would have been caught by accessdb
+      tflags   ACCESSDB  userconf
+      score    ACCESSDB  2
+
+DESCRIPTION
+    Many MTAs support access databases, such as Sendmail, Postfix, etc. This
+    plugin does similar checks to see whether a message would have been
+    flagged.
+
+    The rule returns false if an entry isn't found, or the entry has a RHS
+    of *OK* or *SKIP*.
+
+    The rule returns true if an entry exists and has a RHS of *REJECT*,
+    *ERROR*, or *DISCARD*.
+
+    Note: only the first word (split on non-word characters) of the RHS is
+    checked, so "error:5.7.1:..." means "ERROR".
+
+    AccessDB Pointers:
+
+      http://www.faqs.org/docs/securing/chap22sec178.html
+      http://www.postfix.org/access.5.html
+

Added: spamassassin/site/full/3.3.x/doc/Mail_SpamAssassin_Plugin_AntiVirus.html
URL: http://svn.apache.org/viewvc/spamassassin/site/full/3.3.x/doc/Mail_SpamAssassin_Plugin_AntiVirus.html?rev=1138284&view=auto
==============================================================================
--- spamassassin/site/full/3.3.x/doc/Mail_SpamAssassin_Plugin_AntiVirus.html (added)
+++ spamassassin/site/full/3.3.x/doc/Mail_SpamAssassin_Plugin_AntiVirus.html Wed Jun 22 02:39:31 2011
@@ -0,0 +1,58 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>AntiVirus - simple anti-virus tests</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:parker@minotaur.apache.org" />
+</head>
+
+<body style="background-color: white">
+
+
+<!-- INDEX BEGIN -->
+<div name="index">
+<p><a name="__index__"></a></p>
+
+<ul>
+
+	<li><a href="#name">NAME</a></li>
+	<li><a href="#synopsis">SYNOPSIS</a></li>
+	<li><a href="#description">DESCRIPTION</a></li>
+</ul>
+
+<hr name="index" />
+</div>
+<!-- INDEX END -->
+
+<p>
+</p>
+<h1><a name="name">NAME</a></h1>
+<p>AntiVirus - simple anti-virus tests</p>
+<p>
+</p>
+<hr />
+<h1><a name="synopsis">SYNOPSIS</a></h1>
+<pre>
+  loadplugin     Mail::SpamAssassin::Plugin::AntiVirus</pre>
+<pre>
+  body MICROSOFT_EXECUTABLE eval:check_microsoft_executable()
+  body MIME_SUSPECT_NAME    eval:check_suspect_name()</pre>
+<p>
+</p>
+<hr />
+<h1><a name="description">DESCRIPTION</a></h1>
+<p>The MICROSOFT_EXECUTABLE rule works by checking for 3 possibilities in
+the message in any application/* or text/* part in the message:</p>
+<dl>
+<dt><strong><a name="in_text_parts_look_for_a_uuencoded_executable_start_string" class="item">- in text parts, look for a uuencoded executable start string</a></strong></dt>
+
+<dt><strong><a name="in_application_parts_look_for_filenames_ending_in_an_executable_extension" class="item">- in application parts, look for filenames ending in an executable extension</a></strong></dt>
+
+<dt><strong><a name="in_application_parts_look_for_a_base64_encoded_executable_start_string" class="item">- in application parts, look for a base64 encoded executable start string</a></strong></dt>
+
+</dl>
+
+</body>
+
+</html>

Added: spamassassin/site/full/3.3.x/doc/Mail_SpamAssassin_Plugin_AntiVirus.txt
URL: http://svn.apache.org/viewvc/spamassassin/site/full/3.3.x/doc/Mail_SpamAssassin_Plugin_AntiVirus.txt?rev=1138284&view=auto
==============================================================================
--- spamassassin/site/full/3.3.x/doc/Mail_SpamAssassin_Plugin_AntiVirus.txt (added)
+++ spamassassin/site/full/3.3.x/doc/Mail_SpamAssassin_Plugin_AntiVirus.txt Wed Jun 22 02:39:31 2011
@@ -0,0 +1,19 @@
+NAME
+    AntiVirus - simple anti-virus tests
+
+SYNOPSIS
+      loadplugin     Mail::SpamAssassin::Plugin::AntiVirus
+
+      body MICROSOFT_EXECUTABLE eval:check_microsoft_executable()
+      body MIME_SUSPECT_NAME    eval:check_suspect_name()
+
+DESCRIPTION
+    The MICROSOFT_EXECUTABLE rule works by checking for 3 possibilities in
+    the message in any application/* or text/* part in the message:
+
+    - in text parts, look for a uuencoded executable start string
+    - in application parts, look for filenames ending in an executable
+    extension
+    - in application parts, look for a base64 encoded executable start
+    string
+

Added: spamassassin/site/full/3.3.x/doc/Mail_SpamAssassin_Plugin_AskDNS.html
URL: http://svn.apache.org/viewvc/spamassassin/site/full/3.3.x/doc/Mail_SpamAssassin_Plugin_AskDNS.html?rev=1138284&view=auto
==============================================================================
--- spamassassin/site/full/3.3.x/doc/Mail_SpamAssassin_Plugin_AskDNS.html (added)
+++ spamassassin/site/full/3.3.x/doc/Mail_SpamAssassin_Plugin_AskDNS.html Wed Jun 22 02:39:31 2011
@@ -0,0 +1,182 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>AskDNS - form a DNS query using tag values, and look up the DNSxL lists</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:parker@minotaur.apache.org" />
+</head>
+
+<body style="background-color: white">
+
+
+<!-- INDEX BEGIN -->
+<div name="index">
+<p><a name="__index__"></a></p>
+
+<ul>
+
+	<li><a href="#name">NAME</a></li>
+	<li><a href="#synopsis">SYNOPSIS</a></li>
+	<li><a href="#description">DESCRIPTION</a></li>
+	<li><a href="#user_settings">USER SETTINGS</a></li>
+	<li><a href="#rule_definitions">RULE DEFINITIONS</a></li>
+</ul>
+
+<hr name="index" />
+</div>
+<!-- INDEX END -->
+
+<p>
+</p>
+<h1><a name="name">NAME</a></h1>
+<p>AskDNS - form a DNS query using tag values, and look up the DNSxL lists</p>
+<p>
+</p>
+<hr />
+<h1><a name="synopsis">SYNOPSIS</a></h1>
+<pre>
+  loadplugin  Mail::SpamAssassin::Plugin::AskDNS
+  askdns D_IN_DWL _DKIMDOMAIN_._vouch.dwl.spamhaus.org TXT /\b(transaction|list|all)\b/</pre>
+<p>
+</p>
+<hr />
+<h1><a name="description">DESCRIPTION</a></h1>
+<p>Using a DNS query template as specified in a parameter of a askdns rule,
+the plugin replaces tag names as found in the template with their values
+and launches DNS queries as soon as tag values become available. When DNS
+responses trickle in, filters them according to the requested DNS resource
+record type and optional subrule filtering expression, yielding a rule hit
+if a response meets filtering conditions.</p>
+<p>
+</p>
+<hr />
+<h1><a name="user_settings">USER SETTINGS</a></h1>
+<dl>
+<dt><strong><a name="rbl_timeout_t_t_min_zone_default_15_32" class="item">rbl_timeout t [t_min] [zone]		(default: 15 3)</a></strong></dt>
+
+<dd>
+<p>The rbl_timeout setting is common to all DNS querying rules (as implemented
+by other plugins). It can specify a DNS query timeout globally, or individually
+for each zone. When the zone parameter is specified, the settings affects DNS
+queries when their query domain equals the specified zone, or is its subdomain.
+See the <code>Mail::SpamAssassin::Conf</code> POD for details on <code>rbl_timeout</code>.</p>
+</dd>
+</dl>
+<p>
+</p>
+<hr />
+<h1><a name="rule_definitions">RULE DEFINITIONS</a></h1>
+<dl>
+<dt><strong><a name="askdns_name_of_rule_query_template_rr_type_subqueryfilter" class="item">askdns NAME_OF_RULE query_template [rr_type [subqueryfilter]]</a></strong></dt>
+
+<dd>
+<p>A query template is a string which will be expanded to produce a domain name
+to be used in a DNS query. The template may include SpamAssassin tag names,
+which will be replaced by their values to form a final query domain.
+The final query domain must adhere to rules governing DNS domains, i.e.
+must consist of fields each up to 63 characters long, delimited by dots.
+There may be a trailing dot at the end, but it is redundant / carries
+no semantics, because SpamAssassin uses a Net::DSN::Resolver::send method
+for querying DNS, which ignores any 'search' or 'domain' DNS resolver options.
+Domain names in DNS queries are case-insensitive.</p>
+<p>A tag name is a string of capital letters, preceded and followed by an
+underscore character. This syntax mirrors the add_header setting, except that
+tags cannot have parameters in parenthesis when used in askdns templates.
+Tag names may appear anywhere in the template - each queried DNS zone
+prescribes how a query should be formed.</p>
+<p>A query template may contain any number of tag names including none,
+although in the most common anticipated scenario exactly one tag name would
+appear in each askdns rule. Specified tag names are considered dependencies.
+Askdns rules with dependencies on the same set of tags are grouped, and all
+queries in a group are launched as soon as all their dependencies are met,
+i.e. when the last of the awaited tag values becomes available by a call
+to <code>set_tag()</code> from some other plugin or elsewhere in the SpamAssassin code.</p>
+<p>Launched queries from all askdns rules are grouped too according to a pair
+of: query type and an expanded query domain name. Even if there are multiple
+rules producing the same type/domain pair, only one DNS query is launched,
+and a reply to such query contributes to all the constituent rules.</p>
+<p>A tag may produce none, one or multiple values. Askdns rules awaiting for
+a tag which never receives its value never result in a DNS query. Tags which
+produce multiple values will result in multiple queries launched, each with
+an expanded template using one of the tag values. An example is a DKIMDOMAIN
+tag which yields a list of signing domains, one for each valid signature in
+a signed message.</p>
+<p>When more than one distinct tag name appears in a template, each potentially
+resulting in multiple values, a Cartesian product is formed, and each tuple
+results in a launch of one DNS query (duplicates excluded). For example,
+a query template _A_._B_.example._A_.com where tag A is a list (11,22)
+and B is (xx,yy,zz), will result in queries: 11.xx.example.11.com,
+22.xx.example.22.com, 11.yy.example.11.com, 22.yy.example.22.com,
+11.zz.example.11.com, 22.zz.example.22.com .</p>
+<p>A parameter rr_type following the query template is a comma-separated list
+of expected DNS resource record (RR) types. Missing rr_type parameter implies
+an 'A'. A DNS result may bring resource records of multiple types, but only
+resource records of a type found in the rr_type parameter list are considered,
+other resource records found in the answer section of a DNS reply are ignored
+for this rule. A value ANY in the rr_type parameter list matches any resource
+record type. An empty DNS answer section does not match ANY.</p>
+<p>The rr_type parameter not only provides a filter for RR types found in
+the DNS answer, but also determines the DNS query type. If only a single
+RR type is specified in the parameter (e.g. TXT), than this is also the RR
+type of a query. When more than one RR type is specified (e.g. A,AAAA,TXT)
+or if ANY is specified, then the DNS query type will be ANY and the rr_type
+parameter will only act as a filter on a result.</p>
+<p>Currently allowed RR types in the rr_type parameter are: ANY, A, AAAA, MX,
+TXT, PTR, NS, SOA, CNAME, HINFO, MINFO, WKS, SRV, SPF.</p>
+<p>The last optional parameter of a rule is a filtering expression, a.k.a. a
+subrule. Its function is much like the subrule in URIDNSBL plugin rules,
+or in the check_rbl eval rules. The main difference is that with askdns
+rules there is no need to manually group rules according to their queried
+zone, as the grouping is automatic and duplicate queries are implicitly
+eliminated.</p>
+<p>The subrule filtering parameter can be: a plain string, a regular expression,
+a single numerical value or a pair of numerical values, or a list of rcodes
+(DNS status codes of a response). Absence of the filtering parameter implies
+no filtering, i.e. any positive DNS response (rcode=NOERROR) of the requested
+RR type will result in a rule hit, regardless of the RR value returned with
+the response.</p>
+<p>When a plain string is used as a filter, it must be enclosed in single or
+double quotes. For the rule to hit, the response must match the filtering
+string exactly, and a RR type of a response must match the query type.
+Typical use is an exact text string for TXT queries, or an exact quad-dotted
+IPv4 address. In case of a TXT or SPF resource record which can return
+multiple character-strings (as defined in Section 3.3 of [<a href="http://www.ietf.org/rfc/rfc1035.txt" class="rfc">RFC1035</a>]), these
+strings are concatenated with no delimiters before comparing the result
+to the filtering string. This follows requirements of several documents,
+such as <a href="http://www.ietf.org/rfc/rfc5518.txt" class="rfc">RFC 5518</a>, <a href="http://www.ietf.org/rfc/rfc4408.txt" class="rfc">RFC 4408</a>, <a href="http://www.ietf.org/rfc/rfc4871.txt" class="rfc">RFC 4871</a>, <a href="http://www.ietf.org/rfc/rfc5617.txt" class="rfc">RFC 5617</a>.  Examples of a plain text
+filtering parameter: &quot;127.0.0.1&quot;, &quot;transaction&quot;, 'list' .</p>
+<p>A regular expression follows a familiar perl syntax like /.../ or m{...}
+optionally followed by regexp flags (such as 'i' for case-insensitivity).
+If a DNS response matches the requested RR type and the regular expression,
+the rule hits. Examples: /^127\.0\.0\.\d+$/, m{\bdial up\b}i .</p>
+<p>A single numerical value can be a decimal number, or a hexadecimal number
+prefixed by 0x. Such numeric filtering expression is typically used with
+RR type-A DNS queries. The returned value (an IPv4 address) is masked with
+a specified filtering value, and the rule hits if the result is nonzero:
+(r &amp; n) != 0 .  An example: 0x10 .</p>
+<p>A pair of numerical values (each a decimal, hexadecimal or quad-dotted)
+delimited by a '-' specifies an IPv4 address range, and a pair of values
+delimited by a '/' specifies an IPv4 address followed by a bitmask. Again,
+this type of filtering expression is primarily intended with RR type-A
+DNS queries. The rule hits if the RR type matches, and the returned IP
+address falls within the specified range: (r &gt;= n1 &amp;&amp; r &lt;= n2), or
+masked with a bitmask matches the specified value: (r &amp; m) == (n &amp; m) .</p>
+<p>As a shorthand notation, a single quad-dotted value is equivalent to
+a n-n form, i.e. it must match the returned value exactly with all its bits.</p>
+<p>Some typical examples of a numeric filtering parameter are: 127.0.1.2,
+127.0.1.20-127.0.1.39, 127.0.1.0/255.255.255.0, 0.0.0.16/0.0.0.16,
+0x10/0x10, 16, 0x10 .</p>
+<p>Lastly, the filtering parameter can be a comma-separated list of DNS status
+codes (rcode), enclosed in square brackets. Rcodes can be represented either
+by their numeric decimal values (0=NOERROR, 3=NXDOMAIN, ...), or their names.
+See <a href="http://www.iana.org/assignments/dns-parameters">http://www.iana.org/assignments/dns-parameters</a> for the list of names. When
+testing for a rcode where rcode is nonzero, a RR type parameter is ignored
+as a filter, as there is typically no answer section in a DNS reply when
+rcode indicates an error.  Example: [NXDOMAIN], or [FormErr,ServFail,4,5] .</p>
+</dd>
+</dl>
+
+</body>
+
+</html>

Added: spamassassin/site/full/3.3.x/doc/Mail_SpamAssassin_Plugin_AskDNS.txt
URL: http://svn.apache.org/viewvc/spamassassin/site/full/3.3.x/doc/Mail_SpamAssassin_Plugin_AskDNS.txt?rev=1138284&view=auto
==============================================================================
--- spamassassin/site/full/3.3.x/doc/Mail_SpamAssassin_Plugin_AskDNS.txt (added)
+++ spamassassin/site/full/3.3.x/doc/Mail_SpamAssassin_Plugin_AskDNS.txt Wed Jun 22 02:39:31 2011
@@ -0,0 +1,162 @@
+NAME
+    AskDNS - form a DNS query using tag values, and look up the DNSxL lists
+
+SYNOPSIS
+      loadplugin  Mail::SpamAssassin::Plugin::AskDNS
+      askdns D_IN_DWL _DKIMDOMAIN_._vouch.dwl.spamhaus.org TXT /\b(transaction|list|all)\b/
+
+DESCRIPTION
+    Using a DNS query template as specified in a parameter of a askdns rule,
+    the plugin replaces tag names as found in the template with their values
+    and launches DNS queries as soon as tag values become available. When
+    DNS responses trickle in, filters them according to the requested DNS
+    resource record type and optional subrule filtering expression, yielding
+    a rule hit if a response meets filtering conditions.
+
+USER SETTINGS
+    rbl_timeout t [t_min] [zone] (default: 15 3)
+        The rbl_timeout setting is common to all DNS querying rules (as
+        implemented by other plugins). It can specify a DNS query timeout
+        globally, or individually for each zone. When the zone parameter is
+        specified, the settings affects DNS queries when their query domain
+        equals the specified zone, or is its subdomain. See the
+        "Mail::SpamAssassin::Conf" POD for details on "rbl_timeout".
+
+RULE DEFINITIONS
+    askdns NAME_OF_RULE query_template [rr_type [subqueryfilter]]
+        A query template is a string which will be expanded to produce a
+        domain name to be used in a DNS query. The template may include
+        SpamAssassin tag names, which will be replaced by their values to
+        form a final query domain. The final query domain must adhere to
+        rules governing DNS domains, i.e. must consist of fields each up to
+        63 characters long, delimited by dots. There may be a trailing dot
+        at the end, but it is redundant / carries no semantics, because
+        SpamAssassin uses a Net::DSN::Resolver::send method for querying
+        DNS, which ignores any 'search' or 'domain' DNS resolver options.
+        Domain names in DNS queries are case-insensitive.
+
+        A tag name is a string of capital letters, preceded and followed by
+        an underscore character. This syntax mirrors the add_header setting,
+        except that tags cannot have parameters in parenthesis when used in
+        askdns templates. Tag names may appear anywhere in the template -
+        each queried DNS zone prescribes how a query should be formed.
+
+        A query template may contain any number of tag names including none,
+        although in the most common anticipated scenario exactly one tag
+        name would appear in each askdns rule. Specified tag names are
+        considered dependencies. Askdns rules with dependencies on the same
+        set of tags are grouped, and all queries in a group are launched as
+        soon as all their dependencies are met, i.e. when the last of the
+        awaited tag values becomes available by a call to set_tag() from
+        some other plugin or elsewhere in the SpamAssassin code.
+
+        Launched queries from all askdns rules are grouped too according to
+        a pair of: query type and an expanded query domain name. Even if
+        there are multiple rules producing the same type/domain pair, only
+        one DNS query is launched, and a reply to such query contributes to
+        all the constituent rules.
+
+        A tag may produce none, one or multiple values. Askdns rules
+        awaiting for a tag which never receives its value never result in a
+        DNS query. Tags which produce multiple values will result in
+        multiple queries launched, each with an expanded template using one
+        of the tag values. An example is a DKIMDOMAIN tag which yields a
+        list of signing domains, one for each valid signature in a signed
+        message.
+
+        When more than one distinct tag name appears in a template, each
+        potentially resulting in multiple values, a Cartesian product is
+        formed, and each tuple results in a launch of one DNS query
+        (duplicates excluded). For example, a query template
+        _A_._B_.example._A_.com where tag A is a list (11,22) and B is
+        (xx,yy,zz), will result in queries: 11.xx.example.11.com,
+        22.xx.example.22.com, 11.yy.example.11.com, 22.yy.example.22.com,
+        11.zz.example.11.com, 22.zz.example.22.com .
+
+        A parameter rr_type following the query template is a
+        comma-separated list of expected DNS resource record (RR) types.
+        Missing rr_type parameter implies an 'A'. A DNS result may bring
+        resource records of multiple types, but only resource records of a
+        type found in the rr_type parameter list are considered, other
+        resource records found in the answer section of a DNS reply are
+        ignored for this rule. A value ANY in the rr_type parameter list
+        matches any resource record type. An empty DNS answer section does
+        not match ANY.
+
+        The rr_type parameter not only provides a filter for RR types found
+        in the DNS answer, but also determines the DNS query type. If only a
+        single RR type is specified in the parameter (e.g. TXT), than this
+        is also the RR type of a query. When more than one RR type is
+        specified (e.g. A,AAAA,TXT) or if ANY is specified, then the DNS
+        query type will be ANY and the rr_type parameter will only act as a
+        filter on a result.
+
+        Currently allowed RR types in the rr_type parameter are: ANY, A,
+        AAAA, MX, TXT, PTR, NS, SOA, CNAME, HINFO, MINFO, WKS, SRV, SPF.
+
+        The last optional parameter of a rule is a filtering expression,
+        a.k.a. a subrule. Its function is much like the subrule in URIDNSBL
+        plugin rules, or in the check_rbl eval rules. The main difference is
+        that with askdns rules there is no need to manually group rules
+        according to their queried zone, as the grouping is automatic and
+        duplicate queries are implicitly eliminated.
+
+        The subrule filtering parameter can be: a plain string, a regular
+        expression, a single numerical value or a pair of numerical values,
+        or a list of rcodes (DNS status codes of a response). Absence of the
+        filtering parameter implies no filtering, i.e. any positive DNS
+        response (rcode=NOERROR) of the requested RR type will result in a
+        rule hit, regardless of the RR value returned with the response.
+
+        When a plain string is used as a filter, it must be enclosed in
+        single or double quotes. For the rule to hit, the response must
+        match the filtering string exactly, and a RR type of a response must
+        match the query type. Typical use is an exact text string for TXT
+        queries, or an exact quad-dotted IPv4 address. In case of a TXT or
+        SPF resource record which can return multiple character-strings (as
+        defined in Section 3.3 of [RFC1035]), these strings are concatenated
+        with no delimiters before comparing the result to the filtering
+        string. This follows requirements of several documents, such as RFC
+        5518, RFC 4408, RFC 4871, RFC 5617. Examples of a plain text
+        filtering parameter: "127.0.0.1", "transaction", 'list' .
+
+        A regular expression follows a familiar perl syntax like /.../ or
+        m{...} optionally followed by regexp flags (such as 'i' for
+        case-insensitivity). If a DNS response matches the requested RR type
+        and the regular expression, the rule hits. Examples:
+        /^127\.0\.0\.\d+$/, m{\bdial up\b}i .
+
+        A single numerical value can be a decimal number, or a hexadecimal
+        number prefixed by 0x. Such numeric filtering expression is
+        typically used with RR type-A DNS queries. The returned value (an
+        IPv4 address) is masked with a specified filtering value, and the
+        rule hits if the result is nonzero: (r & n) != 0 . An example: 0x10
+        .
+
+        A pair of numerical values (each a decimal, hexadecimal or
+        quad-dotted) delimited by a '-' specifies an IPv4 address range, and
+        a pair of values delimited by a '/' specifies an IPv4 address
+        followed by a bitmask. Again, this type of filtering expression is
+        primarily intended with RR type-A DNS queries. The rule hits if the
+        RR type matches, and the returned IP address falls within the
+        specified range: (r >= n1 && r <= n2), or masked with a bitmask
+        matches the specified value: (r & m) == (n & m) .
+
+        As a shorthand notation, a single quad-dotted value is equivalent to
+        a n-n form, i.e. it must match the returned value exactly with all
+        its bits.
+
+        Some typical examples of a numeric filtering parameter are:
+        127.0.1.2, 127.0.1.20-127.0.1.39, 127.0.1.0/255.255.255.0,
+        0.0.0.16/0.0.0.16, 0x10/0x10, 16, 0x10 .
+
+        Lastly, the filtering parameter can be a comma-separated list of DNS
+        status codes (rcode), enclosed in square brackets. Rcodes can be
+        represented either by their numeric decimal values (0=NOERROR,
+        3=NXDOMAIN, ...), or their names. See
+        http://www.iana.org/assignments/dns-parameters for the list of
+        names. When testing for a rcode where rcode is nonzero, a RR type
+        parameter is ignored as a filter, as there is typically no answer
+        section in a DNS reply when rcode indicates an error. Example:
+        [NXDOMAIN], or [FormErr,ServFail,4,5] .
+

Added: spamassassin/site/full/3.3.x/doc/Mail_SpamAssassin_Plugin_AutoLearnThreshold.html
URL: http://svn.apache.org/viewvc/spamassassin/site/full/3.3.x/doc/Mail_SpamAssassin_Plugin_AutoLearnThreshold.html?rev=1138284&view=auto
==============================================================================
--- spamassassin/site/full/3.3.x/doc/Mail_SpamAssassin_Plugin_AutoLearnThreshold.html (added)
+++ spamassassin/site/full/3.3.x/doc/Mail_SpamAssassin_Plugin_AutoLearnThreshold.html Wed Jun 22 02:39:31 2011
@@ -0,0 +1,103 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>Mail::SpamAssassin::Plugin::AutoLearnThreshold - threshold-based discriminator for Bayes auto-learning</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:parker@minotaur.apache.org" />
+</head>
+
+<body style="background-color: white">
+
+
+<!-- INDEX BEGIN -->
+<div name="index">
+<p><a name="__index__"></a></p>
+
+<ul>
+
+	<li><a href="#name">NAME</a></li>
+	<li><a href="#synopsis">SYNOPSIS</a></li>
+	<li><a href="#description">DESCRIPTION</a></li>
+	<li><a href="#user_options">USER OPTIONS</a></li>
+</ul>
+
+<hr name="index" />
+</div>
+<!-- INDEX END -->
+
+<p>
+</p>
+<h1><a name="name">NAME</a></h1>
+<p>Mail::SpamAssassin::Plugin::AutoLearnThreshold - threshold-based discriminator for Bayes auto-learning</p>
+<p>
+</p>
+<hr />
+<h1><a name="synopsis">SYNOPSIS</a></h1>
+<pre>
+  loadplugin     Mail::SpamAssassin::Plugin::AutoLearnThreshold</pre>
+<p>
+</p>
+<hr />
+<h1><a name="description">DESCRIPTION</a></h1>
+<p>This plugin implements the threshold-based auto-learning discriminator
+for SpamAssassin's Bayes subsystem.  Auto-learning is a mechanism
+whereby high-scoring mails (or low-scoring mails, for non-spam) are fed
+into its learning systems without user intervention, during scanning.</p>
+<p>Note that certain tests are ignored when determining whether a message
+should be trained upon:</p>
+<ul>
+<li><strong><a name="rules_with_tflags_set_to_learn_the_bayesian_rules" class="item">rules with tflags set to 'learn' (the Bayesian rules)</a></strong>
+
+</li>
+<li><strong><a name="rules_with_tflags_set_to_userconf_user_configuration" class="item">rules with tflags set to 'userconf' (user configuration)</a></strong>
+
+</li>
+<li><strong><a name="rules_with_tflags_set_to_noautolearn" class="item">rules with tflags set to 'noautolearn'</a></strong>
+
+</li>
+</ul>
+<p>Also note that auto-learning occurs using scores from either scoreset 0
+or 1, depending on what scoreset is used during message check.  It is
+likely that the message check and auto-learn scores will be different.</p>
+<p>
+</p>
+<hr />
+<h1><a name="user_options">USER OPTIONS</a></h1>
+<p>The following configuration settings are used to control auto-learning:</p>
+<dl>
+<dt><strong><a name="nn" class="item">bayes_auto_learn_threshold_nonspam n.nn   (default: 0.1)</a></strong></dt>
+
+<dd>
+<p>The score threshold below which a mail has to score, to be fed into
+SpamAssassin's learning systems automatically as a non-spam message.</p>
+</dd>
+<dt><strong>bayes_auto_learn_threshold_spam n.nn      (default: 12.0)</strong></dt>
+
+<dd>
+<p>The score threshold above which a mail has to score, to be fed into
+SpamAssassin's learning systems automatically as a spam message.</p>
+<p>Note: SpamAssassin requires at least 3 points from the header, and 3
+points from the body to auto-learn as spam.  Therefore, the minimum
+working value for this option is 6.</p>
+</dd>
+<dt><strong><a name="bayes_auto_learn_on_error" class="item">bayes_auto_learn_on_error (0 | 1)        (default: 0)</a></strong></dt>
+
+<dd>
+<p>With <a href="#bayes_auto_learn_on_error"><code>bayes_auto_learn_on_error</code></a> off, autolearning will be performed
+even if bayes classifier already agrees with the new classification (i.e.
+yielded BAYES_00 for what we are now trying to teach it as ham, or yielded
+BAYES_99 for spam). This is a traditional setting, the default was chosen
+to retain backwards compatibility.</p>
+<p>With <a href="#bayes_auto_learn_on_error"><code>bayes_auto_learn_on_error</code></a> turned on, autolearning will be performed
+only when a bayes classifier had a different opinion from what the autolearner
+is now trying to teach it (i.e. it made an error in judgement). This strategy
+may or may not produce better future classifications, but usually works
+very well, while also preventing unnecessary overlearning and slows down
+database growth.</p>
+</dd>
+</dl>
+
+</body>
+
+</html>

Added: spamassassin/site/full/3.3.x/doc/Mail_SpamAssassin_Plugin_AutoLearnThreshold.txt
URL: http://svn.apache.org/viewvc/spamassassin/site/full/3.3.x/doc/Mail_SpamAssassin_Plugin_AutoLearnThreshold.txt?rev=1138284&view=auto
==============================================================================
--- spamassassin/site/full/3.3.x/doc/Mail_SpamAssassin_Plugin_AutoLearnThreshold.txt (added)
+++ spamassassin/site/full/3.3.x/doc/Mail_SpamAssassin_Plugin_AutoLearnThreshold.txt Wed Jun 22 02:39:31 2011
@@ -0,0 +1,55 @@
+NAME
+    Mail::SpamAssassin::Plugin::AutoLearnThreshold - threshold-based
+    discriminator for Bayes auto-learning
+
+SYNOPSIS
+      loadplugin     Mail::SpamAssassin::Plugin::AutoLearnThreshold
+
+DESCRIPTION
+    This plugin implements the threshold-based auto-learning discriminator
+    for SpamAssassin's Bayes subsystem. Auto-learning is a mechanism whereby
+    high-scoring mails (or low-scoring mails, for non-spam) are fed into its
+    learning systems without user intervention, during scanning.
+
+    Note that certain tests are ignored when determining whether a message
+    should be trained upon:
+
+    *   rules with tflags set to 'learn' (the Bayesian rules)
+
+    *   rules with tflags set to 'userconf' (user configuration)
+
+    *   rules with tflags set to 'noautolearn'
+
+    Also note that auto-learning occurs using scores from either scoreset 0
+    or 1, depending on what scoreset is used during message check. It is
+    likely that the message check and auto-learn scores will be different.
+
+USER OPTIONS
+    The following configuration settings are used to control auto-learning:
+
+    bayes_auto_learn_threshold_nonspam n.nn (default: 0.1)
+        The score threshold below which a mail has to score, to be fed into
+        SpamAssassin's learning systems automatically as a non-spam message.
+
+    bayes_auto_learn_threshold_spam n.nn (default: 12.0)
+        The score threshold above which a mail has to score, to be fed into
+        SpamAssassin's learning systems automatically as a spam message.
+
+        Note: SpamAssassin requires at least 3 points from the header, and 3
+        points from the body to auto-learn as spam. Therefore, the minimum
+        working value for this option is 6.
+
+    bayes_auto_learn_on_error (0 | 1) (default: 0)
+        With "bayes_auto_learn_on_error" off, autolearning will be performed
+        even if bayes classifier already agrees with the new classification
+        (i.e. yielded BAYES_00 for what we are now trying to teach it as
+        ham, or yielded BAYES_99 for spam). This is a traditional setting,
+        the default was chosen to retain backwards compatibility.
+
+        With "bayes_auto_learn_on_error" turned on, autolearning will be
+        performed only when a bayes classifier had a different opinion from
+        what the autolearner is now trying to teach it (i.e. it made an
+        error in judgement). This strategy may or may not produce better
+        future classifications, but usually works very well, while also
+        preventing unnecessary overlearning and slows down database growth.
+

Added: spamassassin/site/full/3.3.x/doc/Mail_SpamAssassin_Plugin_Bayes.html
URL: http://svn.apache.org/viewvc/spamassassin/site/full/3.3.x/doc/Mail_SpamAssassin_Plugin_Bayes.html?rev=1138284&view=auto
==============================================================================
--- spamassassin/site/full/3.3.x/doc/Mail_SpamAssassin_Plugin_Bayes.html (added)
+++ spamassassin/site/full/3.3.x/doc/Mail_SpamAssassin_Plugin_Bayes.html Wed Jun 22 02:39:31 2011
@@ -0,0 +1,55 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>Mail::SpamAssassin::Plugin::Bayes - determine spammishness using a Bayesian classifier</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:parker@minotaur.apache.org" />
+</head>
+
+<body style="background-color: white">
+
+
+<!-- INDEX BEGIN -->
+<div name="index">
+<p><a name="__index__"></a></p>
+
+<ul>
+
+	<li><a href="#name">NAME</a></li>
+	<li><a href="#description">DESCRIPTION</a></li>
+	<li><a href="#methods">METHODS</a></li>
+</ul>
+
+<hr name="index" />
+</div>
+<!-- INDEX END -->
+
+<p>
+</p>
+<h1><a name="name">NAME</a></h1>
+<p>Mail::SpamAssassin::Plugin::Bayes - determine spammishness using a Bayesian classifier</p>
+<p>
+</p>
+<hr />
+<h1><a name="description">DESCRIPTION</a></h1>
+<p>This is a Bayesian-style probabilistic classifier, using an algorithm based on
+the one detailed in Paul Graham's <em>A Plan For Spam</em> paper at:</p>
+<pre>
+  <a href="http://www.paulgraham.com/spam.html">http://www.paulgraham.com/spam.html</a></pre>
+<p>It also incorporates some other aspects taken from Graham Robinson's webpage
+on the subject at:</p>
+<pre>
+  <a href="http://radio.weblogs.com/0101454/stories/2002/09/16/spamDetection.html">http://radio.weblogs.com/0101454/stories/2002/09/16/spamDetection.html</a></pre>
+<p>And the chi-square probability combiner as described here:</p>
+<pre>
+  <a href="http://www.linuxjournal.com/print.php?sid=6467">http://www.linuxjournal.com/print.php?sid=6467</a></pre>
+<p>The results are incorporated into SpamAssassin as the BAYES_* rules.</p>
+<p>
+</p>
+<hr />
+<h1><a name="methods">METHODS</a></h1>
+
+</body>
+
+</html>

Added: spamassassin/site/full/3.3.x/doc/Mail_SpamAssassin_Plugin_Bayes.txt
URL: http://svn.apache.org/viewvc/spamassassin/site/full/3.3.x/doc/Mail_SpamAssassin_Plugin_Bayes.txt?rev=1138284&view=auto
==============================================================================
--- spamassassin/site/full/3.3.x/doc/Mail_SpamAssassin_Plugin_Bayes.txt (added)
+++ spamassassin/site/full/3.3.x/doc/Mail_SpamAssassin_Plugin_Bayes.txt Wed Jun 22 02:39:31 2011
@@ -0,0 +1,22 @@
+NAME
+    Mail::SpamAssassin::Plugin::Bayes - determine spammishness using a
+    Bayesian classifier
+
+DESCRIPTION
+    This is a Bayesian-style probabilistic classifier, using an algorithm
+    based on the one detailed in Paul Graham's *A Plan For Spam* paper at:
+
+      http://www.paulgraham.com/spam.html
+
+    It also incorporates some other aspects taken from Graham Robinson's
+    webpage on the subject at:
+
+      http://radio.weblogs.com/0101454/stories/2002/09/16/spamDetection.html
+
+    And the chi-square probability combiner as described here:
+
+      http://www.linuxjournal.com/print.php?sid=6467
+
+    The results are incorporated into SpamAssassin as the BAYES_* rules.
+
+METHODS

Added: spamassassin/site/full/3.3.x/doc/Mail_SpamAssassin_Plugin_BodyRuleBaseExtractor.html
URL: http://svn.apache.org/viewvc/spamassassin/site/full/3.3.x/doc/Mail_SpamAssassin_Plugin_BodyRuleBaseExtractor.html?rev=1138284&view=auto
==============================================================================
--- spamassassin/site/full/3.3.x/doc/Mail_SpamAssassin_Plugin_BodyRuleBaseExtractor.html (added)
+++ spamassassin/site/full/3.3.x/doc/Mail_SpamAssassin_Plugin_BodyRuleBaseExtractor.html Wed Jun 22 02:39:31 2011
@@ -0,0 +1,48 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>Mail::SpamAssassin::Plugin::BodyRuleBaseExtractor - extract &quot;bases&quot; from body ruleset</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:parker@minotaur.apache.org" />
+</head>
+
+<body style="background-color: white">
+
+
+<!-- INDEX BEGIN -->
+<div name="index">
+<p><a name="__index__"></a></p>
+
+<ul>
+
+	<li><a href="#name">NAME</a></li>
+	<li><a href="#synopsis">SYNOPSIS</a></li>
+</ul>
+
+<hr name="index" />
+</div>
+<!-- INDEX END -->
+
+<p>
+</p>
+<h1><a name="name">NAME</a></h1>
+<p>Mail::SpamAssassin::Plugin::BodyRuleBaseExtractor - extract &quot;bases&quot; from body ruleset</p>
+<p>
+</p>
+<hr />
+<h1><a name="synopsis">SYNOPSIS</a></h1>
+<p>This is a plugin to extract &quot;base&quot; strings from SpamAssassin 'body' rules,
+suitable for use in Rule2XSBody rules or other parallel matching algorithms.</p>
+<dl>
+<dt><strong><a name="my" class="item">my ($cleanregexp) = <code>fixup_re($regexp)</code>;</a></strong></dt>
+
+<dd>
+<p>Converts encoded characters in a regular expression pattern into their
+equivalent characters</p>
+</dd>
+</dl>
+
+</body>
+
+</html>

Added: spamassassin/site/full/3.3.x/doc/Mail_SpamAssassin_Plugin_BodyRuleBaseExtractor.txt
URL: http://svn.apache.org/viewvc/spamassassin/site/full/3.3.x/doc/Mail_SpamAssassin_Plugin_BodyRuleBaseExtractor.txt?rev=1138284&view=auto
==============================================================================
--- spamassassin/site/full/3.3.x/doc/Mail_SpamAssassin_Plugin_BodyRuleBaseExtractor.txt (added)
+++ spamassassin/site/full/3.3.x/doc/Mail_SpamAssassin_Plugin_BodyRuleBaseExtractor.txt Wed Jun 22 02:39:31 2011
@@ -0,0 +1,13 @@
+NAME
+    Mail::SpamAssassin::Plugin::BodyRuleBaseExtractor - extract "bases" from
+    body ruleset
+
+SYNOPSIS
+    This is a plugin to extract "base" strings from SpamAssassin 'body'
+    rules, suitable for use in Rule2XSBody rules or other parallel matching
+    algorithms.
+
+    my ($cleanregexp) = fixup_re($regexp);
+        Converts encoded characters in a regular expression pattern into
+        their equivalent characters
+

Added: spamassassin/site/full/3.3.x/doc/Mail_SpamAssassin_Plugin_Check.html
URL: http://svn.apache.org/viewvc/spamassassin/site/full/3.3.x/doc/Mail_SpamAssassin_Plugin_Check.html?rev=1138284&view=auto
==============================================================================
--- spamassassin/site/full/3.3.x/doc/Mail_SpamAssassin_Plugin_Check.html (added)
+++ spamassassin/site/full/3.3.x/doc/Mail_SpamAssassin_Plugin_Check.html Wed Jun 22 02:39:31 2011
@@ -0,0 +1,45 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>Mail::SpamAssassin::Plugin::Check - primary message check functionality</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:parker@minotaur.apache.org" />
+</head>
+
+<body style="background-color: white">
+
+
+<!-- INDEX BEGIN -->
+<div name="index">
+<p><a name="__index__"></a></p>
+
+<ul>
+
+	<li><a href="#name">NAME</a></li>
+	<li><a href="#synopsis">SYNOPSIS</a></li>
+	<li><a href="#description">DESCRIPTION</a></li>
+</ul>
+
+<hr name="index" />
+</div>
+<!-- INDEX END -->
+
+<p>
+</p>
+<h1><a name="name">NAME</a></h1>
+<p>Mail::SpamAssassin::Plugin::Check - primary message check functionality</p>
+<p>
+</p>
+<hr />
+<h1><a name="synopsis">SYNOPSIS</a></h1>
+<p>loadplugin Mail::SpamAssassin::Plugin::Check</p>
+<p>
+</p>
+<hr />
+<h1><a name="description">DESCRIPTION</a></h1>
+<p>This plugin provides the primary message check functionality.</p>
+
+</body>
+
+</html>

Added: spamassassin/site/full/3.3.x/doc/Mail_SpamAssassin_Plugin_Check.txt
URL: http://svn.apache.org/viewvc/spamassassin/site/full/3.3.x/doc/Mail_SpamAssassin_Plugin_Check.txt?rev=1138284&view=auto
==============================================================================
--- spamassassin/site/full/3.3.x/doc/Mail_SpamAssassin_Plugin_Check.txt (added)
+++ spamassassin/site/full/3.3.x/doc/Mail_SpamAssassin_Plugin_Check.txt Wed Jun 22 02:39:31 2011
@@ -0,0 +1,9 @@
+NAME
+    Mail::SpamAssassin::Plugin::Check - primary message check functionality
+
+SYNOPSIS
+    loadplugin Mail::SpamAssassin::Plugin::Check
+
+DESCRIPTION
+    This plugin provides the primary message check functionality.
+

Added: spamassassin/site/full/3.3.x/doc/Mail_SpamAssassin_Plugin_DCC.html
URL: http://svn.apache.org/viewvc/spamassassin/site/full/3.3.x/doc/Mail_SpamAssassin_Plugin_DCC.html?rev=1138284&view=auto
==============================================================================
--- spamassassin/site/full/3.3.x/doc/Mail_SpamAssassin_Plugin_DCC.html (added)
+++ spamassassin/site/full/3.3.x/doc/Mail_SpamAssassin_Plugin_DCC.html Wed Jun 22 02:39:31 2011
@@ -0,0 +1,164 @@
+<?xml version="1.0" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>Mail::SpamAssassin::Plugin::DCC - perform DCC check of messages</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<link rev="made" href="mailto:parker@minotaur.apache.org" />
+</head>
+
+<body style="background-color: white">
+
+
+<!-- INDEX BEGIN -->
+<div name="index">
+<p><a name="__index__"></a></p>
+
+<ul>
+
+	<li><a href="#name">NAME</a></li>
+	<li><a href="#synopsis">SYNOPSIS</a></li>
+	<li><a href="#description">DESCRIPTION</a></li>
+	<li><a href="#tags">TAGS</a></li>
+	<li><a href="#user_options">USER OPTIONS</a></li>
+	<li><a href="#administrator_options">ADMINISTRATOR OPTIONS</a></li>
+</ul>
+
+<hr name="index" />
+</div>
+<!-- INDEX END -->
+
+<p>
+</p>
+<h1><a name="name">NAME</a></h1>
+<p>Mail::SpamAssassin::Plugin::DCC - perform DCC check of messages</p>
+<p>
+</p>
+<hr />
+<h1><a name="synopsis">SYNOPSIS</a></h1>
+<pre>
+  loadplugin     Mail::SpamAssassin::Plugin::DCC</pre>
+<pre>
+  full DCC_CHECK        eval:check_dcc()
+  full DCC_CHECK_50_79  eval:check_dcc_reputation_range('50','79')</pre>
+<p>
+</p>
+<hr />
+<h1><a name="description">DESCRIPTION</a></h1>
+<p>The DCC or Distributed Checksum Clearinghouse is a system of servers
+collecting and counting checksums of millions of mail messages.
+TheSpamAssassin.pm counts can be used by SpamAssassin to detect and
+reject or filter spam.</p>
+<p>Because simplistic checksums of spam can be easily defeated, the main
+DCC checksums are fuzzy and ignore aspects of messages.  The fuzzy
+checksums are changed as spam evolves.</p>
+<p>Note that DCC is disabled by default in <code>init.pre</code> because it is not
+open source.  See the DCC license for more details.</p>
+<p>See <a href="http://www.rhyolite.com/anti-spam/dcc/">http://www.rhyolite.com/anti-spam/dcc/</a> for more information about
+DCC.</p>
+<p>
+</p>
+<hr />
+<h1><a name="tags">TAGS</a></h1>
+<p>The following tags are added to the set, available for use in reports,
+header fields, other plugins, etc.:</p>
+<pre>
+  _DCCB_    DCC server ID in a response
+  _DCCR_    response from DCC - header field body in X-DCC-*-Metrics
+  _DCCREP_  response from DCC - DCC reputation in percents (0..100)</pre>
+<p>Tag _DCCREP_ provides a nonempty value only with commercial DCC systems.
+This is the percentage of spam vs. ham sent from the first untrusted relay.</p>
+<p>
+</p>
+<hr />
+<h1><a name="user_options">USER OPTIONS</a></h1>
+<dl>
+<dt><strong><a name="use_dcc" class="item">use_dcc (0|1)		(default: 1)</a></strong></dt>
+
+<dd>
+<p>Whether to use DCC, if it is available.</p>
+</dd>
+<dt><strong><a name="dcc_body_max" class="item">dcc_body_max NUMBER</a></strong></dt>
+
+<dt><strong><a name="dcc_fuz1_max" class="item">dcc_fuz1_max NUMBER</a></strong></dt>
+
+<dt><strong><a name="dcc_fuz2_max" class="item">dcc_fuz2_max NUMBER</a></strong></dt>
+
+<dd>
+<p>This option sets how often a message's body/fuz1/fuz2 checksum must have been
+reported to the DCC server before SpamAssassin will consider the DCC check as
+matched.</p>
+<p>As nearly all DCC clients are auto-reporting these checksums, you should set
+this to a relatively high value, e.g. <code>999999</code> (this is DCC's MANY count).</p>
+<p>The default is <code>999999</code> for all these options.</p>
+</dd>
+<dt><strong><a name="dcc_rep_percent" class="item">dcc_rep_percent NUMBER</a></strong></dt>
+
+<dd>
+<p>Only commercial DCC systems provide DCC reputation information. This is the
+percentage of spam vs. ham sent from the first untrusted relay.  It will hit
+on new spam from spam sources.  Default is <code>90</code>.</p>
+</dd>
+</dl>
+<p>
+</p>
+<hr />
+<h1><a name="administrator_options">ADMINISTRATOR OPTIONS</a></h1>
+<dl>
+<dt><strong><a name="n" class="item">dcc_timeout n		(default: 8)</a></strong></dt>
+
+<dd>
+<p>How many seconds you wait for DCC to complete, before scanning continues
+without the DCC results.</p>
+</dd>
+<dt><strong><a name="dcc_home" class="item">dcc_home STRING</a></strong></dt>
+
+<dd>
+<p>This option tells SpamAssassin where to find the dcc homedir.
+If not given, it will try to get dcc to specify one, and if that fails it
+will try dcc's own default homedir of '/var/dcc'.
+If <a href="#dcc_path"><code>dcc_path</code></a> is not specified, it will default to looking in
+<code>dcc_home/bin</code> for dcc client instead of relying on SpamAssassin to find it
+in the current PATH.  If it isn't found there, it will look in the current
+PATH. If a <code>dccifd</code> socket is found in <a href="#dcc_home"><code>dcc_home</code></a> or specified explicitly,
+it will use that interface instead of <code>dccproc</code>.</p>
+</dd>
+<dt><strong><a name="dcc_dccifd_path" class="item">dcc_dccifd_path STRING</a></strong></dt>
+
+<dd>
+<p>This option tells SpamAssassin where to find the dccifd socket. If
+<a href="#dcc_dccifd_path"><code>dcc_dccifd_path</code></a> is not specified, it will default to looking for a socket
+named <code>dccifd</code> in a directory <a href="#dcc_home"><code>dcc_home</code></a>.  The <a href="#dcc_dccifd_path"><code>dcc_dccifd_path</code></a> can be
+a Unix socket name (absolute path), or an INET socket specification in a form
+<code>[host]:port</code> or <code>host:port</code>, where a host can be an IPv4 or IPv6 address
+or a host name, and port is a TCP port number. In case of an IPv6 address the
+brackets are required syntax. If a <code>dccifd</code> socket is found, the plugin will
+use it instead of <code>dccproc</code>.</p>
+</dd>
+<dt><strong><a name="dcc_path" class="item">dcc_path STRING</a></strong></dt>
+
+<dd>
+<p>This option tells SpamAssassin specifically where to find the <code>dccproc</code>
+client instead of relying on SpamAssassin to find it in the current PATH.
+Note that if <em>taint mode</em> is enabled in the Perl interpreter, you should
+use this, as the current PATH will have been cleared.</p>
+</dd>
+<dt><strong><a name="dcc_options_options" class="item">dcc_options options</a></strong></dt>
+
+<dd>
+<p>Specify additional options to the <code>dccproc(8)</code> command. Please note that only
+characters in the range [0-9A-Za-z ,._/-] are allowed for security reasons.</p>
+<p>The default is <code>undef</code>.</p>
+</dd>
+<dt><strong><a name="dccifd_options_options" class="item">dccifd_options options</a></strong></dt>
+
+<dd>
+<p>Specify additional options to send to the <code>dccifd(8)</code> daemon. Please note that only
+characters in the range [0-9A-Za-z ,._/-] are allowed for security reasons.</p>
+<p>The default is <code>undef</code>.</p>
+</dd>
+</dl>
+
+</body>
+
+</html>

Added: spamassassin/site/full/3.3.x/doc/Mail_SpamAssassin_Plugin_DCC.txt
URL: http://svn.apache.org/viewvc/spamassassin/site/full/3.3.x/doc/Mail_SpamAssassin_Plugin_DCC.txt?rev=1138284&view=auto
==============================================================================
--- spamassassin/site/full/3.3.x/doc/Mail_SpamAssassin_Plugin_DCC.txt (added)
+++ spamassassin/site/full/3.3.x/doc/Mail_SpamAssassin_Plugin_DCC.txt Wed Jun 22 02:39:31 2011
@@ -0,0 +1,106 @@
+NAME
+    Mail::SpamAssassin::Plugin::DCC - perform DCC check of messages
+
+SYNOPSIS
+      loadplugin     Mail::SpamAssassin::Plugin::DCC
+
+      full DCC_CHECK        eval:check_dcc()
+      full DCC_CHECK_50_79  eval:check_dcc_reputation_range('50','79')
+
+DESCRIPTION
+    The DCC or Distributed Checksum Clearinghouse is a system of servers
+    collecting and counting checksums of millions of mail messages.
+    TheSpamAssassin.pm counts can be used by SpamAssassin to detect and
+    reject or filter spam.
+
+    Because simplistic checksums of spam can be easily defeated, the main
+    DCC checksums are fuzzy and ignore aspects of messages. The fuzzy
+    checksums are changed as spam evolves.
+
+    Note that DCC is disabled by default in "init.pre" because it is not
+    open source. See the DCC license for more details.
+
+    See http://www.rhyolite.com/anti-spam/dcc/ for more information about
+    DCC.
+
+TAGS
+    The following tags are added to the set, available for use in reports,
+    header fields, other plugins, etc.:
+
+      _DCCB_    DCC server ID in a response
+      _DCCR_    response from DCC - header field body in X-DCC-*-Metrics
+      _DCCREP_  response from DCC - DCC reputation in percents (0..100)
+
+    Tag _DCCREP_ provides a nonempty value only with commercial DCC systems.
+    This is the percentage of spam vs. ham sent from the first untrusted
+    relay.
+
+USER OPTIONS
+    use_dcc (0|1) (default: 1)
+        Whether to use DCC, if it is available.
+
+    dcc_body_max NUMBER
+    dcc_fuz1_max NUMBER
+    dcc_fuz2_max NUMBER
+        This option sets how often a message's body/fuz1/fuz2 checksum must
+        have been reported to the DCC server before SpamAssassin will
+        consider the DCC check as matched.
+
+        As nearly all DCC clients are auto-reporting these checksums, you
+        should set this to a relatively high value, e.g. 999999 (this is
+        DCC's MANY count).
+
+        The default is 999999 for all these options.
+
+    dcc_rep_percent NUMBER
+        Only commercial DCC systems provide DCC reputation information. This
+        is the percentage of spam vs. ham sent from the first untrusted
+        relay. It will hit on new spam from spam sources. Default is 90.
+
+ADMINISTRATOR OPTIONS
+    dcc_timeout n (default: 8)
+        How many seconds you wait for DCC to complete, before scanning
+        continues without the DCC results.
+
+    dcc_home STRING
+        This option tells SpamAssassin where to find the dcc homedir. If not
+        given, it will try to get dcc to specify one, and if that fails it
+        will try dcc's own default homedir of '/var/dcc'. If "dcc_path" is
+        not specified, it will default to looking in "dcc_home/bin" for dcc
+        client instead of relying on SpamAssassin to find it in the current
+        PATH. If it isn't found there, it will look in the current PATH. If
+        a "dccifd" socket is found in "dcc_home" or specified explicitly, it
+        will use that interface instead of "dccproc".
+
+    dcc_dccifd_path STRING
+        This option tells SpamAssassin where to find the dccifd socket. If
+        "dcc_dccifd_path" is not specified, it will default to looking for a
+        socket named "dccifd" in a directory "dcc_home". The
+        "dcc_dccifd_path" can be a Unix socket name (absolute path), or an
+        INET socket specification in a form "[host]:port" or "host:port",
+        where a host can be an IPv4 or IPv6 address or a host name, and port
+        is a TCP port number. In case of an IPv6 address the brackets are
+        required syntax. If a "dccifd" socket is found, the plugin will use
+        it instead of "dccproc".
+
+    dcc_path STRING
+        This option tells SpamAssassin specifically where to find the
+        "dccproc" client instead of relying on SpamAssassin to find it in
+        the current PATH. Note that if *taint mode* is enabled in the Perl
+        interpreter, you should use this, as the current PATH will have been
+        cleared.
+
+    dcc_options options
+        Specify additional options to the dccproc(8) command. Please note
+        that only characters in the range [0-9A-Za-z ,._/-] are allowed for
+        security reasons.
+
+        The default is "undef".
+
+    dccifd_options options
+        Specify additional options to send to the dccifd(8) daemon. Please
+        note that only characters in the range [0-9A-Za-z ,._/-] are allowed
+        for security reasons.
+
+        The default is "undef".
+



Mime
View raw message