antispam:network

Configure the spam filter network settings.

warden --task=antispam:network
Option
Value Default Description
--trusted_networks <string1,string2> What networks or hosts are "trusted" in your setup. Trusted in this case means that relay hosts on these networks are considered to not be potentially operated by spammers, open relays, or open proxies. A trusted host could conceivably relay spam, but will not originate it, and will not forge header data. DNS blacklist checks will never query for hosts on these networks.
--trusted_networks_add <string> Add a single entry to trusted_networks.
--trusted_networks_del <string1> Remove a single entry from trusted_networks.
--internal_networks <string1,string2> What networks or hosts are "internal" in your setup. Internal means that relay hosts on these networks are considered to be MXes for your domain(s), or internal relays. This uses the same syntax as trusted_networks, above - see there for details.
--internal_networks <string> Add a single entry to internal_networks.
--internal_networks <string1> Remove a single entry from internal_networks.
--originating_ip_headers <string1,string2> A list of header field names from which an originating IP address can be obtained. For example, webmail servers may record a client IP address in X-Originating-IP. These IP addresses are virtually appended into the Received: chain, so they are used in RBL checks where appropriate.
--originating_ip_headers_add <string> A list of header field names from which an originating IP address can be obtained. For example, webmail servers may record a client IP address in X-Originating-IP. These IP addresses are virtually appended into the Received: chain, so they are used in RBL checks where appropriate.
--originating_ip_headers_add <string> A list of header field names from which an originating IP address can be obtained. For example, webmail servers may record a client IP address in X-Originating-IP. These IP addresses are virtually appended into the Received: chain, so they are used in RBL checks where appropriate.
--dns_available <1|0> 1 Tells SpamAssassin whether DNS resolving is available or not. A value yes indicates DNS resolving is available, a value no indicates DNS resolving is not available - both of these values apply unconditionally and skip initial DNS tests, which can be slow or unreliable.
--dns_server <string1,string2> Specifies an IP address of a DNS server, and optionally its port number. The ip-addr-port port argument can either be an IPv4 or IPv6 address, optionally enclosed in brackets, and optionally followed by a colon and a port number. In absence of a port number a standard port number 53 is assumed. When an IPv6 address is specified along with a port number, the address must be enclosed in brackets to avoid parsing ambiguity regarding a colon separator.
--dns_server_add <string> Specifies an IP address of a DNS server, and optionally its port number. The ip-addr-port port argument can either be an IPv4 or IPv6 address, optionally enclosed in brackets, and optionally followed by a colon and a port number. In absence of a port number a standard port number 53 is assumed. When an IPv6 address is specified along with a port number, the address must be enclosed in brackets to avoid parsing ambiguity regarding a colon separator.
--dns_server_addr <string> Specifies an IP address of a DNS server, and optionally its port number. The ip-addr-port port argument can either be an IPv4 or IPv6 address, optionally enclosed in brackets, and optionally followed by a colon and a port number. In absence of a port number a standard port number 53 is assumed. When an IPv6 address is specified along with a port number, the address must be enclosed in brackets to avoid parsing ambiguity regarding a colon separator.
--skip_rbl_checks <1|0> 0 Turning on the skip_rbl_checks setting will disable the DNSEval plugin, which implements Real-time Block List (or: Blackhole List) (RBL) lookups. By default, SpamAssassin will run RBL checks. Individual blocklists may be disabled selectively by setting a score of a corresponding rule to 0.
--rbl_timeout <digit> 15 All DNS queries are made at the beginning of a check and we try to read the results at the end. This value specifies the maximum period of time (in seconds) to wait for a DNS query. If most of the DNS queries have succeeded for a particular message, then SpamAssassin will not wait for the full period to avoid wasting time on unresponsive server(s), but will shrink the timeout according to a percentage of queries already completed. As the number of queries remaining approaches 0, the timeout value will gradually approach a t_min value, which is an optional second parameter and defaults to 0.2 * t. If t is smaller than t_min, the initial timeout is set to t_min.
--default <yes> Reset all settings to their default values.
--default_option <option> Reset a specific setting to its default value.
--reload <yes> Reload the service after saving settings.

Examples

// set the rbl timeout
warden --task=antispam:network --rbl_timeout=5 --reload=yes

// reset trusted_networks to its default value
warden --task=antispam:network --default_option=trusted_networks --reload=yes

// reset all settings to their default values
warden --task=antispam:network --default=yes --reload=yes