How To : Install Vaderetro


First, add the Vaderetro repository manually. Note that both repository definitions below set `gpgcheck=0` over a plain-http `baseurl`, so package signatures are not verified at install time.


vim /etc/yum.repos.d/vadesecure.repo

For CentOS 6


[vadesecure]
name=Vade Secure repository
baseurl=http://repo.vadesecure.com/rpm/vadesecure/centos6/$basearch/
failovermethod=priority
gpgcheck=0

For CentOS 7


[vadesecure]
name=Vade Secure repository
baseurl=http://repo.vadesecure.com/rpm/vadesecure/centos7/$basearch/
failovermethod=priority
gpgcheck=0

Install the following components required by Vaderetro.


yum install vaderetro-common vaderetro-spamd perl-Sys-Syslog -y

Create the following directories and write the license key


mkdir -p /etc/vaderetro/blacklist
mkdir -p /etc/vaderetro/license
echo 'LZEH55BU' > /etc/vaderetro/license/key

Update the vrspamd engine


/usr/bin/vaderetro-update.pl

Fix the symbolic link to the Vaderetro library


cd /var/vaderetro
ln -s libvaderetro.so.01.399.00 libvaderetro.so


[root@localhost vaderetro]# ls -al
total 3800
drwxr-xr-x. 3 root root 76 Oct 5 22:47 .
drwxr-xr-x. 23 root root 4096 Oct 5 22:43 ..
lrwxrwxrwx. 1 root root 25 Oct 5 22:47 libvaderetro.so -> libvaderetro.so.01.399.00
-rw-r--r--. 1 root root 3879983 Oct 5 22:43 libvaderetro.so.01.399.00
drwxr-xr-x. 2 root root 4096 Oct 5 22:44 patchs


vrspamd --debug


>vrspamd 1.50 (Sep 19 2016,09:24:00) daemon start

>SERVER_BIND_ADDR="0.0.0.0"
>SERVER_BIND_PORT="783"
>SERVER_MAX_SESSIONS="64"
>SERVER_TIMEOUT_SECONDS="30"
>SPAMD_VERSION="1.1"
>SPAM_SUBJECT_PREFIX=""***SPAM***""
>SPAM_SUBJECT_PREFIX_ENABLED="yes"
>CE_SUBJECT_PREFIX=""***ADS***";"
>CE_SUBJECT_PREFIX_ENABLED="no"
>SET_SPAM_FLAG_FOR_CE="no"
>SPAM_STATE_STRINGIFY="no"
>LISTUNSUBSCRIBE_HEADER_NAME="X-List-Unsubscribe"
>INCLUDE_UNSUBSCRIBE_IN_REPORT="no"
>SCAN_THREAD_COUNT="64"
>SCAN_THREAD_HARD_DISPATCH="no"
>LOG_FACILITY="2"
>LOG_SCAN_FACILITY="2"
>LOG_SCAN_DETAILS="2"
>VR_SPAM_OPTION_CHECK_VIRUS="yes"
>VR_SPAM_OPTION_CHECK_DELIVERY="yes"
>VR_SPAM_OPTION_ALLOW_RUSSIAN="yes"
>VR_SPAM_OPTION_ALLOW_CJK="yes"
>VR_SPAM_OPTION_FORBID_LATIN="no"
>VR_SPAM_OPTION_FAST_STOP_SCORE="300"
>VR_SPAM_OPTION_FULL_CHECK="no"
>VR_SPAM_OPTION_CHECK_COMMERCIAL="yes"
>VR_SPAM_OPTION_CHECK_SUSPECT="no"
>VR_SPAM_OPTION_CHECK_SOCIALNETWORK="yes"
>WATCHDOG_THREAD_ENABLED="no"
>WATCHDOG_THREAD_MAX_OVERLOAD_SECONDS="10"
>WATCHDOG_THREAD_WAKEUP_SIGNAL="10"
>WATCHDOG_LAUNCH_COUNT="5"
>WATCHDOG_SUCCESS_SECONDS="20"
>WATCHDOG_KILL_SECONDS="20"
>WATCHDOG_ON_EVENT=""
>SPAM_STORAGE_PATH=""
>STATISTICS_ENABLED="no"
>STATISTICS_MINUTES="5"
>STATISTICS_PATH="/var/vaderetro/statistics/"
>STATISTICS_KEEP_DAYS="8"
>starting...

>create scan queue
>vaderetro engine created
>module, create speedup context (workdir = /var/vaderetro/patchs)
>module, speedup context created()
>/var/vaderetro/libvaderetro.so version Vade Retro 01.399.91#75 AS+AV+AP+RT Profile: ; Bailout: 300 loaded
>items: 400 (838400 bytes)
>scan queue, loading vaderetro module
>update thread started
>start cmd server
>items: 64 (801792 bytes)
>start,bind address = 0.0.0.0:783
>start,bind() failed (98)
>cmd server start failed
>deleting vaderetro engine
>stopping update thread
>update thread stopped
>release context for version Vade Retro 01.399.91#75 AS+AV+AP+RT Profile: ; Bailout: 300
>unload version Vade Retro 01.399.91#75 AS+AV+AP+RT Profile: ; Bailout: 300
>stopping...

>stopped


vi /etc/vaderetro/vrspamd.conf


#
# vrspamd.conf
#
# VadeRetro spamd daemon conf-file
# Vade Retro Technology 2014
#
# version >= 1.4
#
#------------------------------------------------
# SERVER
#------------------------------------------------
# any
SERVER_BIND_ADDR=127.0.0.1

# set absolute path
#SERVER_BIND_ADDR=/var/run/vrspamd_localsocket

# listening port(default is 783)
SERVER_BIND_PORT=783

# reply status with "like" spamd version, if omitted, return 1.1
#SPAMD_VERSION=1.1

# thread pool
# number of threads (max=128), set 0 to run without thread.
SCAN_THREAD_COUNT = 4

#------------------------------------------------
# LOGGING
#------------------------------------------------

#+0.93:log scan result(default=2)
# 0 = do not log scan result
# 1 = only score & status
# 2 = score,status and cause while virus found
# 3 = all
#LOG_SCAN_DETAILS=1

#[LOG]
# syslog facility (default : LOG_LOCAL0) for daemon events
LOG_FACILITY=3

# syslog facility (default : LOG_LOCAL0) for vrscan/vrscans results
LOG_SCAN_FACILITY=2

#------------------------------------------------
# VADERETRO
#------------------------------------------------

# engines directory
VR_ENGINES_PATH=/var/vaderetro

# incremental file directory
VR_PATCHS_PATH=/var/vaderetro/patchs

# force virus analysis for vrscans command (default=0)
VR_SPAM_OPTION_CHECK_VIRUS=1

# check for SMTP non-delivery notifications (default=0), with spamstate = 3000
VR_SPAM_OPTION_CHECK_DELIVERY= 1

# do not call dogs in for Cyrillic (default=0)
VR_SPAM_OPTION_ALLOW_RUSSIAN=1

# do not call dogs in for Chinese/Japanese/Korean scripts, either code-paged or Unicode (default=0)
VR_SPAM_OPTION_ALLOW_CJK=1

# e.g. if *all* legit e-mail you get is in Russian or Japanese (default=0)
#VR_SPAM_OPTION_FORBID_LATIN=0

# allow ads detection
VR_SPAM_OPTION_CHECK_COMMERCIAL=1

# allow suspect
VR_SPAM_OPTION_CHECK_SUSPECT=0

# allow social network
VR_SPAM_OPTION_CHECK_SOCIALNETWORK=1

# full scoring (for test only)
VR_SPAM_OPTION_FULL_CHECK=0

# fast stop score
VR_SPAM_OPTION_FAST_STOP_SCORE = 400

# BU profile
VR_SPAM_PROFILE=VRUnsubscribe

#------------------------------------------------
# POLICY
#------------------------------------------------

# insert prefix in subject if spam (default=***SPAM***)
SPAM_SUBJECT_PREFIX="[[SPAM]]

# disable prefix (default=yes)
SPAM_SUBJECT_PREFIX_ENABLED="yes"

# insert prefix in subject if ce (default=***Pub***)
CE_SUBJECT_PREFIX="[[SPAM]];

# disable prefix (default=yes)
CE_SUBJECT_PREFIX_ENABLED=no

# return PCE/MCE as a SPAM ( Spam: yes), for test only
SET_SPAM_FLAG_FOR_CE=no

# comment to not insert this header
LISTUNSUBSCRIBE_HEADER_NAME=X-List-Unsubscribe


vi /etc/exim.pl


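# Decide whether a message the scanner flagged as spam (acl_m8 eq 'yes')
# should actually be rejected, and append an audit line to the Exim mainlog.
#
# Called from exim.conf as ${perl{ips1_spam_check}}; every input is read
# through Exim::expand_string, so the sub takes no arguments.
# Returns 'no' when the sending host is one of the trusted domains below,
# otherwise the value of acl_m8 unchanged ('yes' or 'no').
sub ips1_spam_check {

    use POSIX qw/strftime/;

    my $mid              = Exim::expand_string('$message_id');
    my $subj             = Exim::expand_string('$header_subject');
    my $recp             = Exim::expand_string('$recipients');
    my $sender_address   = Exim::expand_string('$sender_address');
    my $local_datetime   = strftime('%Y-%m-%d %H:%M:%S', localtime);
    my $spam_rpt         = Exim::expand_string('$spam_report');
    my $m8               = Exim::expand_string('$acl_m8');
    my $sender_ip        = Exim::expand_string('$sender_host_address');
    my $sender_host_name = Exim::expand_string('$sender_host_name');

    my $reject_status = $m8;

    # Sending-host names that override a spam verdict.  The pattern is
    # anchored and the dots escaped so only the domain itself or one of its
    # subdomains matches; the previous unanchored pattern also accepted any
    # hostname merely *containing* e.g. "gmail.com", and its last alternative
    # carried a trailing space that could never match a real hostname.
    # DNS names are case-insensitive, hence /i.
    # NOTE(review): whether $sender_host_name is forward-confirmed depends on
    # Exim's host_lookup settings, which are not shown here — confirm before
    # relying on this exemption.
    my $trusted_host_re = qr{
        (?: \A | \. )
        (?: paypal\.com | paypal\.com\.sg | gmail\.com | ipay88\.com\.my )
        \z
    }xi;

    if ($m8 eq 'yes'
        && defined $sender_host_name
        && $sender_host_name =~ $trusted_host_re) {
        $reject_status = 'no';
    }

    # Flatten the multi-line spam report onto a single log line.
    $spam_rpt =~ s/\n/,/g;

    # Logging is best-effort: a failure to open or write the log must not
    # change the accept/reject decision.  Three-arg open with a lexical
    # handle replaces the unchecked two-arg bareword open.
    my $log_path = '/var/log/exim/mainlog';
    if (open my $log_fh, '>>', $log_path) {
        print {$log_fh} "$local_datetime $mid #REJECT : $reject_status #SENDER IP ADDRESS : $sender_ip #HOST : $sender_host_name #FROM : $sender_address #TO : $recp #SUBJECT : $subj\n";
        print {$log_fh} "$local_datetime $mid #SPAM_REPORT : $spam_rpt\n";
        close $log_fh or warn "close $log_path: $!";
    }
    else {
        warn "open $log_path: $!";
    }

    return $reject_status;
}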

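# Decide whether the connecting host's IP address is on the local whitelist
# and, if so, record the bypass in the Exim mainlog.
#
# Called from exim.conf as ${perl{ips1_ip_whitelisted_check}} ahead of the
# spam checks; every input is read through Exim::expand_string, so the sub
# takes no arguments.  Returns 'yes' when the address matches one of the
# prefixes below, otherwise 'no'.
sub ips1_ip_whitelisted_check {

    use POSIX qw/strftime/;

    my $mid              = Exim::expand_string('$message_id');
    my $subj             = Exim::expand_string('$header_subject');
    my $recp             = Exim::expand_string('$recipients');
    my $sender_address   = Exim::expand_string('$sender_address');
    my $local_datetime   = strftime('%Y-%m-%d %H:%M:%S', localtime);
    my $spam_rpt         = Exim::expand_string('$spam_report');
    my $m8               = Exim::expand_string('$acl_m8');
    my $sender_ip        = Exim::expand_string('$sender_host_address');
    my $sender_host_name = Exim::expand_string('$sender_host_name');

    my $accept_this = 'no';

    # Address prefixes that bypass the spam check.  Anchored at the start with
    # the dots escaped, so the prefix must be the literal leading octets of the
    # address rather than a substring with arbitrary characters for the dots.
    # The previous version tested $sender_address (the envelope sender, which
    # the remote side supplies); the check's name, these prefixes and the log
    # line all refer to the connecting host's IP, so $sender_ip is used.
    # $sender_host_address is empty for locally submitted mail, which the
    # defined/anchored test simply treats as not whitelisted.
    my $whitelisted_ip_re = qr/\A(?:210\.5\.47\.|183\.81\.162\.|14\.102\.148\.)/;

    if (defined $sender_ip && $sender_ip =~ $whitelisted_ip_re) {
        $accept_this = 'yes';

        # Logging is best-effort and must not affect the decision.  Three-arg
        # open with a lexical handle replaces the unchecked bareword open.
        my $log_path = '/var/log/exim/mainlog';
        if (open my $log_fh, '>>', $log_path) {
            print {$log_fh} "$local_datetime $mid #WHITELISTED : $sender_ip #Host : $sender_host_name #FROM : $sender_address #TO : $recp #SUBJECT : $subj\n";
            print {$log_fh} "$local_datetime $mid #SPAM_REPORT : $spam_rpt\n";
            close $log_fh or warn "close $log_path: $!";
        }
        else {
            warn "open $log_path: $!";
        }
    }

    return $accept_this;
}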


vi /etc/exim.conf


# ACL that is used after the DATA command
check_message:
.include_if_exists /etc/exim.clamav.conf

# IPSERVERONE CUSTOM START

accept condition = ${if >={$message_size}{500k}{yes}{no}}
accept condition = ${perl{ips1_ip_whitelisted_check}}

warn message = X-AS-check: ${spam_report}
spam = nobody:true
set acl_m8 = ${if !match{$spam_report}{(?i)VR_SPAM_STATE=0}{yes}{no}}

deny message = X-SA-Report: REJECTED - {$spam_score_int} - $spam_report
log_message = MESSAGE: REJECTED : ${acl_m8}:$sender_address to $recipients - ${spam_report}
condition = ${perl{ips1_spam_check}}

deny message = This message scored $spam_score spam points.
spam = nobody:true
condition = ${if >{$spam_score_int}{299}{true}{false}}

# IPSERVERONE CUSTOM END

accept