Skip to main content

Configuration Details

Last updated March 2020

Each configuration option is a Lua table. This section describes these tables and their elements.


You may wish to whitelist IP addresses that will not be subjected to the policy in question. When whitelist support is enabled, each default policy can optionally honor one or more whitelists.

Whitelists can be text files or datasources. For instructions on how to create datasources see ds_core Module.

Find below the sample excerpt included in the dp_config.lua file.

msys.dp_config.whitelist = {
    name = "global",
    type = "rbldnsd",
    refresh = 1800,
    source = "/opt/msys/ecelerity/etc/whitelist.txt",
    record_type = "TXT",
    default_value = "",
    name = "global_datasource",
    type = "datasource",
    refresh = 1800,
    cachename = "sqlite",
    query = "SELECT 1 as val, cidr FROM whitelist",
    cidr_column = "cidr",
    value_column = "val",
    default_value = "",

The elements of this configuration option are as follows:


The name you wish to give to the whitelist. This name should be unique.

Throughout the configuration file the honor_whitelist element, supported by various configuration options, is assigned the name(s) given to a whitelist defined by this configuration option.


Define the type of whitelist. The legal values for this option are either datasource or rbldnsd. The other elements of this table vary depending upon the value of this element.

To create a datasource whitelist, you can define a database with a single table containing a single field. Populate this field with the desired domain names. For instructions on creating a datasource that references this database see ds_core Module.


How often to reload the rbldnsd or the datasource.

A recommended value for this option is 1800.


Define the path to the rbldnsd source file on disk. This option is only applicable when the type is rbldnsd.


Legal values for this option are either A or TXT. This option is only applicable when the type is rbldnsd.


This option is applicable to both rbldnsds and datasources and must always be "".


The name of a datasource as defined in the ecelerity.conf


Define the SELECT statement when the type is a datasource.


The name of the column in the table that contains the CIDR block. This is only applicable when the type is datasource.


The name of the column containing the value (the value is ignored for the purposes of the whitelist but something must be there).

This is only applicable when the type is datasource.

Custom Whitelists

Note that you can define custom policies to create your own whitelists (for example, based on something other than connecting IP, like envelope parameters). You may then use the Default Policy whitelist "honor" mechanism by setting the whitelist as follows:

msys.pbp.set_whitelist(vctx, "my_whitelist_name", true);

Then you may put "my_whitelist_name" as one of the "honor_whitelist" table entries if you wish a specific policy to honor that whitelist.

Was this page helpful?