List of protocols to load, one per line:
protocols=<<EOT
Postfix
Bizanga
EOT
List of modules to load, one per line:
modules=<<EOT
Core
AccessControl
Accounting
Amavis
CheckHelo
CheckSPF
Greylisting
Quotas
EOT
User to become after starting up:
user=root
Group to become after starting up:
group=admins
Filename to store pid of parent process:
#pid_file=/var/run/policyd/policyd.pid
Filename to store cache:
cache_file=/var/run/cbpolicyd/cache
Prevent cbpolicyd from going into the background:
background=no
One may want to use the following as a rough guideline…
min_servers=4
min_spare_servers=4
max_spare_servers=12
max_servers=25
max_requests=1000
Specify the level of logging to use when policyd is running:
log_level=2
Logging levels:
File to log to instead of STDOUT:
log_file=/var/log/cbpolicyd.log
Log destination for mail logs:
log_mail=facility@method,args
Valid methods for syslog:
Example: unix native
log_mail=mail@syslog:native
Example: unix socket
log_mail=mail@syslog:unix
Example: udp
log_mail=mail@syslog:udp,127.0.0.1
Example: Solaris
log_mail=local0@syslog:stream,/dev/log
Default:
log_mail=maillog
Things to log in extreme detail:
There is no default for this configuration option. Options can be separated by commas:
log_detail=modules,tracking,policies,protocols
Protocol to use "tcp" or "unix", defaults to "tcp":
proto=tcp
IP to listen on, * for all. Blank for unix sockets. Defaults to *:
host=*
Port to run on, in the case of a unix socket it would be the path. Defaults to 10031:
port=10031
port=/var/run/cbpolicyd/policyd.sock
Time out in communication with clients:
timeout_idle=1015
timeout_busy=115
Comma, whitespace or semicolon separated list of CIDR blocks to compare the client's IP to. If cidr_allow or cidr_deny options are given, the incoming client must match a cidr_allow and not match a cidr_deny; otherwise the client connection will be closed.
cidr_allow=0.0.0.0/0
cidr_deny=
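The cidr_allow/cidr_deny rule stated above, modelled as an added example (not cbpolicyd's own code) so the effect of a setting can be checked before deploying it. The function names, sample policies and client addresses are constructed for illustration; treating "neither option given" as no filtering is an assumption drawn from the "If ... are given" wording.

```python
import ipaddress
import re


def parse_cidrs(value):
    """Split an option value on commas, whitespace or semicolons."""
    return [ipaddress.ip_network(tok, strict=False)
            for tok in re.split(r"[,;\s]+", value.strip()) if tok]


def client_allowed(client_ip, cidr_allow="", cidr_deny=""):
    """Stated rule: must match a cidr_allow and must not match a cidr_deny."""
    allow, deny = parse_cidrs(cidr_allow), parse_cidrs(cidr_deny)
    if not allow and not deny:
        return True   # assumption: neither option given means no filtering
    addr = ipaddress.ip_address(client_ip)
    if any(addr in net for net in deny):
        return False  # a deny match closes the connection
    # With only cidr_deny set, nothing can match a cidr_allow, so this is False.
    return any(addr in net for net in allow)


# Constructed policies: the first uses the values shown on this page,
# the others are illustrative (RFC 5737 documentation ranges).
POLICIES = {
    "page default": ("0.0.0.0/0", ""),
    "loopback + MTA subnet": ("127.0.0.0/8; 192.0.2.0/24", "192.0.2.66/32"),
    "deny only": ("", "198.51.100.0/24"),
}
CLIENTS = ["127.0.0.1", "192.0.2.10", "192.0.2.66", "203.0.113.5"]


def evaluate():
    """Return {policy name: {client ip: admitted?}} for the samples above."""
    return {name: {ip: client_allowed(ip, allow, deny) for ip in CLIENTS}
            for name, (allow, deny) in POLICIES.items()}


if __name__ == "__main__":
    for name, result in evaluate().items():
        print(f"{name:24s} {result}")
```

With host=* and cidr_allow=0.0.0.0/0 every IPv4 client is admitted, so limiting the policy port to the MTA hosts depends on narrowing cidr_allow or on the bind address.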
Database access details:
#DSN=DBI:SQLite:dbname=policyd.sqlite
DSN=DBI:mysql:database=policyd;host=localhost
#Username=root
#Password=
What to do when there is a database connection problem:
# tempfail - Return temporary failure
# pass - Return success
bypass_mode=tempfail
How many seconds before retrying a DB connection:
bypass_timeout=30
Table prefix to use, be sure to generate the schema with the table prefix as well!
#table_prefix=example
The defaults are listed below.
Access Control module:
[AccessControl]
enable=1
Accounting module:
[Accounting]
enable=1
Amavis module:
[Amavis]
# Disabled by default
enable=0
CheckHelo module:
[CheckHelo]
enable=1
CheckSPF module:
[CheckSPF]
enable=1
Greylisting module:
[Greylisting]
enable=1
#training_mode=1
#defer_message=Greylisting in effect, please come back later
#blacklist_message=Greylisting in effect, sending server blacklisted
Quotas module:
[Quotas]
enable=1