eleven – Module
The eleven
module implements the spam filter and e-mail categorization service available from http://www.eleven.de/. If you intend to use this module be sure to choose it during installation. For more information see “Installing Additional Packages”.
Note
As of version 3.2, this module is available on Solaris (AMD64/SPARCV9). Prior to this, it was only available on Linux.
As of verion 3.5, this module is no longer available on Solaris (AMD64/SPARCV9) nor is it available for Red Hat 6.
Momentum version 3.3 uses version 3.2.0
of Eleven eXpurgate.
Find a typical configuration below:
eleven {
enabled = false
work_dir = "/var/tmp"
update_period = 3600
license = "/usr/local/eleven/etc/client.key"
enable_antivir = true
servers = ( "foo.example.com:55555:1" "bar.example.com:12345:2" )
}
**Configuration Change. ** This feature is available starting from Momentum 3.1.
The configuration options for the eleven module are as follows:
- enable_antivir
-
This option enables the Avira SAVAPI-based virus detection. Note: The minor results
virus
andoutbreak
are only returned if this option is set totrue
. The default value for this option isfalse
. - license
-
The absolute path to the user's license. The default value for this option is
/usr/local/eleven/etc/client.key
. - servers
-
Use this option to specify additional update servers. Each server is specified as
host:port:priority
. The trailing port and priority fields are optional and, if omitted, default to 55555 (the default port for eleven updates) and 5 respectively. Priority decreases as the numerical value increases with0
being the highest possible priority. - update_period
-
How often to poll for updates. The default value is
3600
seconds, one hour. If this value is set to0
, updates are disabled. - work_dir
-
The location of temporary files created by this module. The default value for this option is
/var/tmp
.
As with other Validation modules, eleven may be loaded in passive mode which means that inbound messages will not be virus scanned unless you explicitly call a policy script such as msys.expurgate.scan or the eleven_scan
Sieve action.
In order to enforce policy using scripts, this module must be loaded in passive mode. For more information about loading a module in passive mode see Modules.
This module makes the Lua function msys.expurgate.scan
available. For a description of how this function is used see msys.expurgate.scan.
When you have loaded this module in passive mode use the eleven_scan Sieve action to trigger a scan in the data phase. Otherwise the scan triggers automatically in the data phase.
Both Lua and Sieve create a string representation of the major score value. These functions annotate the validation context with the following values:
-
eleven-majorscore – the numeric classification of the scan
-
eleven-minorscore – the numeric minor classification
-
eleven-result – the string representation corresponding to the eleven-majorscore number
-
eleven-result-subtype – the string representation corresponding to the eleven-minorscore number
If an error occurs, eleven-majorscore
is set to "error" and eleven-minorscore
holds the error message. The same applies to eleven-result
and eleven-result-subtype
; if an error occurs eleven-result
is set to "error" and eleven-result-subtype
is set to the error message.
Otherwise, the major score is set to the numeric major classification and the major result is set to a string version of that classification number. Its value will be one of the following:
-
clean
-
suspect
-
spam
-
bulk
-
dangerous
-
unknown
The minor score is set to the numeric minor classification, and the minor result is set to the string representation corresponding to the eleven-minorscore number. Its value will be one of the following:
-
normal
-
empty
-
empty-body
-
almost-empty
-
bounce
-
advertisement
-
porn
-
virus
-
attachment
-
code
-
iframe
-
outbreak
-
url
-
url-count
-
mail-count
-
sender
Note: The minor results virus
and outbreak
are only returned if the enable_antivir
option is set to true
.