#!/usr/bin/perl # dnswl.org - Protect against false positives # # Sample configuration file for dnswl.org client scripts # All scripts may use this common configuration file, but # you are free to create different configurations for each # script. # # Copyright dnswl.org, Originally written by Matthias Leisi # Licensed under the GPL v2. # # $Id: dnswl.conf,v 1.4 2006/11/26 21:24:16 mleisi Exp $ # ######### # # General Settings # ######### # Set to 1 to enable debug output on called commands # Set to 0 for more quiet operation $debug = 1; # Full path to rsync $rsync = '/usr/bin/rsync'; # Full path to wget $wget = '/usr/bin/wget'; # The base URL for rsync (without the actual filenames). # Use one of the mirrors if possible. $rsync_url = 'rsync1.dnswl.org::dnswl'; # # What address should rsync and rbldnsd bind to? # Use '0.0.0.0' to bind to whatever local address. $bind_address='0.0.0.0'; # # It is probably a good idea to use a directory # where only the user running these scripts has # access to. This will avoid potential security # issues where a malicious local user may do harm. # The files in this directory should remain # in there between subsequent calls of the scripts # in order to profit from rsync's bandwidth-saving # incremental transfer. However it's no disaster if # the files get deleted. #$tmpdir = "$ENV{'HOME'}/tmp/"; $tmpdir = "/var/cache/dnswl/"; # Verify authenticity of downloaded / rsynced # files? 0 - no, 1 - yes $pgp_verify = 1; # URL for the public key. PGP verify code will attempt to # download this key if it is not found. Note that this is # only a very crude import and not a full key management. # You can (and probably should) download and verify this # key manually and then import it into the keyring of the # user(s) the scripts will run under. $pgp_keyurl = 'http://www.dnswl.org/pubkey.asc'; # Fingerprint and key Id of the PGP public key. Always # required for PGP verification. $pgp_fingerprint = '66A3 897E 0897 344C 2793 AE83 F62F 25DD 1B4A 29A2'; $pgp_keyid = '1B4A29A2'; # Full path to the GnuPG binary $pgp = '/usr/bin/gpg'; ######### # # rbldnsd Settings # ######### # # The base directory for all rbldnsd-related things. $rbldnsd_base = '/var/lib/rbldnsd/'; $rbldnsd_datadir = $rbldnsd_base . '/dnswl/'; $rbldnsd_filename = 'rbldnsd-dnswl'; ######### # # Postfix Settings # ######### # # The base directory for Postfix configuration $postfix_dir = '/etc/postfix'; # REQUIRED: What to download. 0 or 1. $postfix_getheader = 1; $postfix_getpermit = 1; # The name of the header file. Should not change. $headerfile = 'postfix-dnswl-header'; # The name of the permit file. Should not change. $permitfile = 'postfix-dnswl-permit'; # REQUIRED: How do you want to call the Whitelisting Header? # Use something like 'X-WL-YourName', obviously replacing # YourName with your name :) $whitelistheader = 'X-I_Did_Not_Change_It'; # OPTIONAL: Action other than 'permit_auth_destination' # Make sure to not bypass virus scanning! # Leave empty ('') for no replacement. #$permitaction = 'FILTER local:$myhostname'; $permitaction = ''; # RECOMMENDED: Regex of which lines to use for the # permit action. Based on *original* # line, ie before $permitaction is # substituted. Use '.' as a regex to # include *all* lines. #$permitregex = 'permit_auth_destination (med|hi)'; $permitregex = '.'; # To make require happy: 1; # EOF