1# SB4.RC 2# 3# Called by sb3.rc if Virus checks/Dangerous checks don't 4# designate something as too dangerous to risk. This script 5# level contains the built-in and user-configurable whitelists 6# and the user-configurable ALWAYSBLOCK blocklist. 7# 8# Last Updated: 3/20/2017 9 10# CHECK FOR LEGITIMATE MAILING LISTS 11 12LOCALTAG=no 13 14# Filter out user's opt-in mailing lists 15 16:0 17* ? ${TEST} -f ${LEGITLISTS} 18{ 19 :0 20 * ? ${FORMAIL} -zxCc: \ 21 -zxDelivered-To: \ 22 -zxFrom: \ 23 -zxList-ID: \ 24 -zxList-Post: \ 25 -zxList-Unsubscribe: \ 26 -zxMailing-List: \ 27 -zxResent-By: \ 28 -zxResent-From: \ 29 -zxResent-Sender: \ 30 -zxResent-To: \ 31 -zxReply-To: \ 32 -zxSender: \ 33 -zxTo: \ 34 -zxX-Apparently-To: \ 35 -zxX-BeenThere: \ 36 -zxX-List: \ 37 -zxX-Mailing-List: \ 38 | ${GREP} -i -f ${LEGITLISTS} 39 { 40 BULKTAG=yes 41 LOCALTAG=yes 42 SBLOGFLAGS="ALWAYS 1 PASS" 43 SBLOG="Legitimate Mailing List" 44 INCLUDERC=${SBDIR}/functions/loglevel.rc 45 46 :0 47 * SBCONFIG ?? ^Debug$ 48 { LOCALTAG=no } 49 } 50} 51 52# Start of "else" wrapper so Legitimate Mailing List matches 53# skip everything else. 54# 55:0 56* LOCALTAG ?? ^no$ 57{ 58 59# THE NOBOUNCE FILE 60 61# This is a whitelist of email addresses that you want to receive 62# email from. 63 64LOCALTAG=no 65 66:0 67* ? ${TEST} -f ${NOBOUNCE} 68{ 69 :0 70 * ! FROMEMAIL ?? ^noemail@example.com$ 71 * ? ${GREP} -i -x "${FROMEMAIL}" ${NOBOUNCE} 72 { LOCALTAG=yes } 73 74 :0 75 * ! LOCALTAG ?? yes 76 * ! REPLYTOEMAIL ?? ^noemail@example.com$ 77 * $ ! REPLYTOEMAIL ?? ^${FROMEMAIL}$ 78 * ? ${GREP} -i -x "${REPLYTOEMAIL}" ${NOBOUNCE} 79 { LOCALTAG=yes } 80 81 :0 82 * ! LOCALTAG ?? yes 83 * ! FROMDOMAIN ?? ^example.com$ 84 * ? ${GREP} -i -x "${FROMDOMAIN}" ${NOBOUNCE} 85 { LOCALTAG=yes } 86 87 :0 88 * ! LOCALTAG ?? yes 89 * ! FROMDOMAIN ?? ^example.com$ 90 * $ ! REPLYTODOMAIN ?? ^${FROMDOMAIN}$ 91 * ? ${GREP} -i -x "${REPLYTODOMAIN}" ${NOBOUNCE} 92 { LOCALTAG=yes } 93 94 :0 95 * ! LOCALTAG ?? yes 96 * ! FROMHOST ?? ^host.example.com$ 97 * $ ! FROMHOST ?? ^${FROMDOMAIN}$ 98 * ? ${GREP} -i -x "${FROMHOST}" ${NOBOUNCE} 99 { LOCALTAG=yes } 100 101 :0 102 * ! LOCALTAG ?? yes 103 * ! REPLYTOHOST ?? ^host.example.com$ 104 * $ ! REPLYTOHOST ?? ^${REPLYTODOMAIN}$ 105 * $ ! REPLYTOHOST ?? ^${FROMHOST}$ 106 * $ ! REPLYTOHOST ?? ^${FROMDOMAIN}$ 107 * ? ${GREP} -i -x "${REPLYTOHOST}" ${NOBOUNCE} 108 { LOCALTAG=yes } 109 110 :0 111 * ! LOCALTAG ?? yes 112 * ! FROMLOGON ?? ^noemail$ 113 * ? ${GREP} -i -x "${FROMLOGON}" ${NOBOUNCE} 114 { LOCALTAG=yes } 115 116 :0 117 * ! LOCALTAG ?? yes 118 * ! REPLYTOLOGON ?? ^noemail$ 119 * $ ! REPLYTOLOGON ?? ^${FROMLOGON}$ 120 * ? ${GREP} -i -x "${REPLYTOLOGON}" ${NOBOUNCE} 121 { LOCALTAG=yes } 122 123 :0 124 * LOCALTAG ?? ^yes$ 125 { 126 SBLOGFLAGS="ALWAYS 1 PASS" 127 SBLOG="NoBounce" 128 INCLUDERC=${SBDIR}/functions/loglevel.rc 129 130 :0 131 * SBCONFIG ?? ^Debug$ 132 { LOCALTAG=no } 133 } 134} 135 136 137# Start of "else" wrapper so NoBounce matches skip everything else 138:0 139* LOCALTAG ?? ^no$ 140{ 141 142# GLOBALNOBOUNCE system nobounce file processing 143 144# This is identical to the other NOBOUNCE file, except that a 145# system administrator maintains it for all users on the 146# system. 147 148LOCALTAG=no 149 150:0 151* ? ${TEST} -f ${GLOBALNOBOUNCE} 152{ 153 :0 154 * ! FROMEMAIL ?? ^noemail@example\.com$ 155 * ? ${GREP} -i -x "${FROMEMAIL}" ${GLOBALNOBOUNCE} 156 { LOCALTAG=yes } 157 158 :0 159 * ! LOCALTAG ?? ^yes$ 160 * ! REPLYTOEMAIL ?? ^noemail@example\.com$ 161 * $ ! REPLYTOEMAIL ?? ^${FROMEMAIL}$ 162 * ? ${GREP} -i -x "${REPLYTOEMAIL}" ${GLOBALNOBOUNCE} 163 { LOCALTAG=yes } 164 165 :0 166 * ! LOCALTAG ?? ^yes$ 167 * ! FROMDOMAIN ?? ^example.com$ 168 * ? ${GREP} -i -x "${FROMDOMAIN}" ${GLOBALNOBOUNCE} 169 { LOCALTAG=yes } 170 171 :0 172 * ! LOCALTAG ?? ^yes$ 173 * ! REPLYTODOMAIN ?? ^example.com$ 174 * $ ! REPLYTODOMAIN ?? ^${FROMDOMAIN}$ 175 * ? ${GREP} -i -x "${REPLYTODOMAIN}" ${GLOBALNOBOUNCE} 176 { LOCALTAG=yes } 177 178 :0 179 * ! LOCALTAG ?? ^yes$ 180 * ! FROMHOST ?? ^host.example.com$ 181 * $ ! FROMHOST ?? ^${FROMDOMAIN}$ 182 * ? ${GREP} -i -x "${FROMHOST}" ${GLOBALNOBOUNCE} 183 { LOCALTAG=yes } 184 185 :0 186 * ! LOCALTAG ?? ^yes$ 187 * ! REPLYTOHOST ?? ^host.example.com$ 188 * $ ! REPLYTOHOST ?? ^${REPLYTODOMAIN}$ 189 * $ ! REPLYTOHOST ?? ^${FROMHOST}$ 190 * $ ! REPLYTOHOST ?? ^${FROMDOMAIN}$ 191 * ? ${GREP} -i -x "${REPLYTOHOST}" ${GLOBALNOBOUNCE} 192 { LOCALTAG=yes } 193 194 :0 195 * ! LOCALTAG ?? ^yes$ 196 * ! FROMLOGON ?? ^noemail$ 197 * ? ${GREP} -i -x "${FROMLOGON}" ${GLOBALNOBOUNCE} 198 { LOCALTAG=yes } 199 200 :0 201 * ! LOCALTAG ?? ^yes$ 202 * ! REPLYTOLOGON ?? ^noemail$ 203 * $ ! REPLYTOLOGON ?? ^${FROMLOGON}$ 204 * ? ${GREP} -i -x "${REPLYTOLOGON}" ${GLOBALNOBOUNCE} 205 { LOCALTAG=yes } 206 207 :0 208 * LOCALTAG ?? ^yes$ 209 { 210 SBLOGFLAGS="ALWAYS 1 PASS" 211 SBLOG="GlobalNoBounce" 212 INCLUDERC=${SBDIR}/functions/loglevel.rc 213 214 :0 215 * SBCONFIG ?? ^Debug$ 216 { LOCALTAG=no } 217 } 218} 219 220# Start of "else" wrapper so GlobalNoBounce matches skip everything else 221:0 222* LOCALTAG ?? ^no$ 223{ 224 225# ALWAYSBLOCK private block list file processing 226 227# This is the opposite of your NOBOUNCE file -- email from any 228# email address or domain that appears in this file will always 229# be put in your BLOCKFOLDER. Since these senders are presumably 230# known spammers or people you don't want to interact with, however, 231# no notices are sent for this blocked email. 232# 233# Email blocked by this file is not processed further by the 234# SpamBouncer, as well. No other filtering is done on it. 235# 236# This is a DANGEROUS capability, and I am offering it with some 237# hesitation. Please be careful -- if you put a partial string 238# or domain in this file, you could block a lot of legitimate 239# email. 240 241LOCALTAG=no 242 243:0 244* ? ${TEST} -f ${ALWAYSBLOCK} 245{ 246 :0 247 * ! FROMEMAIL ?? ^noemail@example.com$ 248 * ? ${GREP} -i -x "${FROMEMAIL}" ${ALWAYSBLOCK} 249 { LOCALTAG=yes } 250 251 :0 252 * ! LOCALTAG ?? ^yes$ 253 * ! REPLYTOEMAIL ?? ^noemail@example.com$ 254 * $ ! REPLYTOEMAIL ?? ^${FROMEMAIL}$ 255 * ? ${GREP} -i -x "${REPLYTOEMAIL}" ${ALWAYSBLOCK} 256 { LOCALTAG=yes } 257 258 :0 259 * ! LOCALTAG ?? ^yes$ 260 * ! FROMDOMAIN ?? ^example.com$ 261 * ? ${GREP} -i -x "${FROMDOMAIN}" ${ALWAYSBLOCK} 262 { LOCALTAG=yes } 263 264 :0 265 * ! LOCALTAG ?? ^yes$ 266 * ! REPLYTODOMAIN ?? ^example.com$ 267 * $ ! REPLYTODOMAIN ?? ^${FROMDOMAIN}$ 268 * ? ${GREP} -i -x "${REPLYTODOMAIN}" ${ALWAYSBLOCK} 269 { LOCALTAG=yes } 270 271 :0 272 * ! LOCALTAG ?? ^yes$ 273 * ! FROMHOST ?? ^host.example.com$ 274 * $ ! FROMHOST ?? ^${FROMDOMAIN}$ 275 * ? ${GREP} -i -x "${FROMHOST}" ${ALWAYSBLOCK} 276 { LOCALTAG=yes } 277 278 :0 279 * ! LOCALTAG ?? ^yes$ 280 * ! REPLYTOHOST ?? ^host.example.com$ 281 * $ ! REPLYTOHOST ?? ^${REPLYTODOMAIN}$ 282 * $ ! REPLYTOHOST ?? ^${FROMHOST}$ 283 * $ ! REPLYTOHOST ?? ^${FROMDOMAIN}$ 284 * ? ${GREP} -i -x "${REPLYTOHOST}" ${ALWAYSBLOCK} 285 { LOCALTAG=yes } 286 287 :0 288 * ! LOCALTAG ?? ^yes$ 289 * ! FROMLOGON ?? ^noemail$ 290 * ? ${GREP} -i -x "${FROMLOGON}" ${ALWAYSBLOCK} 291 { LOCALTAG=yes } 292 293 :0 294 * ! LOCALTAG ?? ^yes$ 295 * ! REPLYTOLOGON ?? ^noemail$ 296 * $ ! REPLYTOLOGON ?? ^${FROMLOGON}$ 297 * ? ${GREP} -i -x "${REPLYTOLOGON}" ${ALWAYSBLOCK} 298 { LOCALTAG=yes } 299 300 :0 301 * LOCALTAG ?? ^yes$ 302 { 303 BLOCKTAG=yes 304 BLOCKREPLY=SILENT 305 306 SBLOGFLAGS="ALWAYS 1 STOP" 307 SBLOG="AlwaysBlock" 308 INCLUDERC=${SBDIR}/functions/loglevel.rc 309 310 :0 311 * SBCONFIG ?? ^(Analyze|Debug)$ 312 { LOCALTAG=no } 313 } 314} 315 316# Start of "else" wrapper so ALWAYSBLOCK matches skip everything else 317:0 318* LOCALTAG ?? ^no$ 319{ 320 321 322# WHITELISTS 323# 324# This section contains the whitelists the SpamBouncer supports. Whitelisted 325# email is not filtered further. 326# 327WHITELIST=no 328 329INCLUDERC=${SBDIR}/sb-whitelists.rc 330 331:0 332* SBCONFIG ?? ^(Analyze|Debug)$ 333{ WHITELIST=no } 334 335 336# Start of "else" wrapper so that WHITELIST matches skip everything else 337:0 338* WHITELIST ?? ^no$ 339{ 340 INCLUDERC=${SBDIR}/sb5.rc 341} 342# End of :0 E wrapper around WHITELIST 343 344} 345# End of :0 E wrapper around ALWAYSBLOCK 346 347} 348# End of :0 E wrapper around GLOBALNOBOUNCE 349 350} 351# End of :0 E wrapper around NOBOUNCE 352 353} 354# End of :0 E wrapper around LEGITLISTS 355