# 
# Configuration file for Courier::Filter, the purely Perl-based filter
# framework for the Courier MTA.
#
# (Based on example configuration file.)
#
##############################################################################

use Courier::Filter::Logger::Syslog;
use Courier::Filter::Module::Header;
use Courier::Filter::Module::DNSBL;
use Courier::Filter::Module::MIMEParts;
use Courier::Filter::Module::SPF;

# Logger Declaration:
##############################################################################

my $logger = Courier::Filter::Logger::Syslog->new();

$options = {
    
    # Module Declarations:
    ##############################################################################

    modules     => [
        
	# SPF Checks
	Courier::Filter::Module::SPF->new(
	    reject_on   	=> ['fail', 'softfail', 'error'],
	    trusted_forwarders  => 1,
	    fallback_guess      => 1,
	    default_response    => 'Fails SPF Check',

	    inverse     => 0,
	    trusting    => 0,
	    testing     => 0,
	    debugging   => 0
	),
	        
        # Reject weird subjects:
        Courier::Filter::Module::Header->new(
            fields      => {
                subject         => qr/viagra/
            },
            response    => 'No SPAM, please!',

	    inverse     => 0,
	    trusting    => 0,
	    testing     => 1,
	    debugging   => 1
        ),
        
        # Reject black-listed sending IP addresses:
        Courier::Filter::Module::DNSBL->new(
            zones       => [qw(
                bl.spamcop.net
                relays.ordb.org
                dnsbl.njabl.org
                dynablock.njabl.org
                dul.dnsbl.sorbs.net
                zombie.dnsbl.sorbs.net
            )],

	    inverse     => 0,
	    trusting    => 0,
	    testing     => 0,
	    debugging   => 0
        ),
        
        # Reject various virm:
        Courier::Filter::Module::MIMEParts->new(
            max_size    => 1024**2,
            signatures  => [
                {
                    size        => 106496,
                    digest_md5  => 'b09e26c292759d654633d3c8ed00d18d',
                    response    => 'Worm detected: W32.Swen'
                },
                {
                    size        => 106496,
                    digest_md5  => '23c295369305242972529689fecb934c',
                    response    => 'Worm detected: W32.Swen'
                },
                {
                    size        => 106496,
                    digest_md5  => 'e6a96563735047dc4f467b2edf9253f2',
                    response    => 'Worm detected: W32.Swen'
                },
                {
                    size        => 106643,
                    digest_md5  => 'e7db67d648c96fb5221cbfc9d42d198a',
                    response    => 'Worm detected: W32.Swen'
                },
                {
                    size        => 106755,
                    digest_md5  => 'b581ad0060fda1dcfe37539b9e2fa577',
                    response    => 'Worm detected: W32.Swen'
                },
                {
                    size        => 106755,
                    digest_md5  => '03667b05c29b7eef022f27d950e772ef',
                    response    => 'Worm detected: W32.Swen'
                },
                {
                    # Detect the one of the images sent by W32.Swen,
                    # as a reliable fallback.
                    size        => 3639,
                    digest_md5  => '476225849b39aff9bb18d7fac79ad7da',
                    response    => 'Worm detected: W32.Swen'
                }
            ],

	    inverse     => 0,
	    trusting    => 0,
	    testing     => 0,
	    debugging   => 0
        )
        
    ],
    logger      => $logger,
};