This section lists the configuration parameters supported in wgnmilter.conf.
Note: These parameters are not case-sensitive.
Defaults to 0 (zero). This parameter turns integration on or off. Set this parameter to:
0 to turn off integration. This disables the Milter MTA agent, so that emails are allowed to transit through Sendmail or Postfix without intervention from CA DataMinder.
1 to turn on CA DataMinder integration with Sendmail or Postfix.
This mandatory parameter specifies the socket that the Milter MTA agent uses to communicate with the Sendmail or Postfix server.
Important! This parameter must match the socket specified in sendmail.mc.
This parameter can specify a local socket or an Internet socket. Specify a local socket if you are installing the Milter MTA agent directly onto the Sendmail or Postfix server. Specify an Internet socket if you are installing the Milter MTA agent on a separate Linux machine.
local:/opt/milt/wgnmilter.sock
inet:CA Portal@<Agent host server>
For Internet sockets, the specified CA Portal number must not be used by another application. You can identify the Milter MTA agent host server by IP address or name (such as milter.my.com). For example:
inet:8600@milter.my.com
This mandatory parameter specifies the IP address of the machine hosting the Socket API. It corresponds to installation step 7 of Install the Milter MTA agent.
This mandatory parameter specifies the port number for the listening port on the Socket API host machine. It corresponds to installation step 8 of Install the Milter MTA agent.
This optional parameter specifies the IP address of the machine hosting the secondary Socket API. It corresponds to installation step 9 of Install the Milter MTA agent.
This optional parameter specifies the port number for the listening port on the machine hosting the secondary Socket API. It corresponds to installation step 9 of Install the Milter MTA agent.
This parameter can be set to Delete, Allow, or Mark. It defaults to Allow. It specifies how the Milter MTA agent handles event failures. If set to:
Email failures can occur when:
Defaults to 5. This parameter determines the logging level for email processing. Log messages are written to syslog. For example, you can configure the Milter MTA agent to only log alerts and emergency messages—but see the note below. The supported logging levels are:
0 Emergency
1 Alert
2 Critical
3 Errors
4 Warnings
5 Notices
6 Information
7 Debug
Note: Logging levels are cumulative so, for example, logging level 2 causes critical messages, alerts and emergency messages to be written to syslog.
This locates the folder where diagnostic files are written to. For example, set this parameter to:
diagnostic-folder=/opt/WgnMilter/diag
Be aware that if this parameter (diagnostic-folder) is not set, no diagnostic files are created, even if create-eml is set (see below).
Defaults to 0. This parameter is provided for diagnostic purposes. It specifies whether to create diagnostic files containing the emails and associated data for emails processed by the Milter MTA agent.
These diagnostic files comprise an EML file, containing the ‘raw’ MIME content of the email, and an SMTP file, containing the sender and recipient details. Any diagnostic files created are saved in the diagnostic-folder (see above).
If create-eml is set to:
0, diagnostic files are never created.
1, diagnostic files are always created for each e‑mail processed by the Milter MTA agent.
2, diagnostic files are only created on error. For example, this can happen if an event times out while waiting to be processed by a policy engine.
Defaults to 600; the minimum permitted value is 15. This parameter specifies the maximum processing time (in seconds) for each email.
This timeout covers the period from when an email is first received by the Milter MTA agent until the results of policy processing are returned to Sendmail or Postfix.
To ensure that Sendmail does not resubmit e‑mails unnecessarily to the Milter MTA agent, this parameter must specify a timeout shorter than the 'E' timeout specified in sendmail.mc.
Defaults to *. This value specifies a comma separated list of SMTP addresses for the Milter MTA agent to filter against. For example, if you only want to monitor emails sent from the unipraxis.com domain, you need only set this value to ‘unipraxis’. By default, the Milter MTA agent monitors all emails passing through Sendmail or Postfix.
If the sender’s email address does not match any item in this list, the Milter MTA agent disregards the email and allows the email to transit through Sendmail or Postfix without intervention.
Similarly, if you want to test that integration with Sendmail or Postfix is working correctly before you go live, you can specify the full address of a test user. This ensures that if there is problem with the integration, no other users will be affected.
Note that * and ? wildcards are supported. A * wildcard will match any sequence of zero or more digits, letters or punctuation characters. For example, a *unipraxis* filter will match spencer@sales.unipraxis.com. A ? wildcard will match any digit, letter or punctuation character, for example, spen?er matches Spencer or Spenser.
Defaults to empty, but see ‘Updating an empty list’ below. This parameter specifies a list of DNS domains that you want to be considered as a single enterprise. It is typically used in conjunction with smtp-dns-hostname (see below). Its purpose is to simplify the method for ensuring that emails are not reprocessed needlessly by consecutive CA DataMinder server agents.
Note: Values in this list can only contain ASCII characters, without spaces or control characters (for example, tab spaces).
How does this work? The local Milter MTA agent assumes each of the domains listed in enterprise-dns-list has its own CA DataMinder agent (that is, an Exchange or Domino server agent, or a Milter MTA agent), and that any email arriving from a listed domain has already been processed by CA DataMinder and does not need reprocessing.
In technical terms, when a remote Milter MTA agent processes an email, it writes the DNS domain of the Sendmail or Postfix server to the email’s MIME tag. Or, if the smtp-dns-hostname parameter has been configured, this DNS domain is written to the MIME tag instead.
When the local Milter MTA agent receives this e‑mail, it checks the MIME tag. If the source domain matches a domain in enterprise-dns-list, the server agent does not reprocess the email.
Updating an empty list
While this list is empty, the DNS domain of the local Sendmail or Postfix server is implied. That is, the local Milter MTA agent does not reprocess e‑mails arriving from this domain.
Note: For examples of how the equivalent registry value is used for the Exchange or Domino server agent.
Defaults to empty. This parameter is always used in conjunction with enterprise-dns-list (see above). Its purpose is to simplify the method for ensuring that emails are not reprocessed needlessly by consecutive Milter MTA agents.
Note: This parameter must be set to a valid DNS name that complies with RFC naming conventions.
smtp-dns-hostname specifies a single DNS domain that is written to the email’s MIME tag after it has been processed by the local Milter MTA agent. If set, this parameter overrides the DNS domain of the Sendmail or Postfix server in the MIME tag.
To use this parameter as intended, you need to set smtp-dns-hostname to the same DNS domain (for example, UNIPRAXIS.COM) for all your Milter MTA agents. You can optionally include this domain in the enterprise-dns-list domain list. Now, when any Milter MTA agent receives an e‑mail tagged as coming from UNIPRAXIS.COM, it knows that policy has already been applied to the email and so does not reprocess it.
Note: For examples of how the equivalent registry value is used for the Exchange or Domino server agent.
|
Copyright © 2014 CA.
All rights reserved.
|
|