Browse Source

Updated documentation to improve the configuration section paying special attention to Windows installation procedures.

Updated snf_engine.xml.sample, getRulebase.cmd.sample and the documentation to use C:\CommuniGatePro\ as the default install path based on current info on the CommuniGate site.
Added CSS and XSL to snf_engine.xml.sample
Included current CSS and XSL files for snf_engine.xml.
Upated the distribution file.


git-svn-id: https://svn.microneil.com/svn/PKG-SNF4CGP-WIN/trunk@11 7d91e7c8-5a61-404e-b06a-95855fde9112
master
madscientist 14 years ago
parent
commit
f9d3b63fb7

BIN
CGPSNF-Win32-Intel.zip View File


BIN
CGPSNF/CGPSNF.exe View File


+ 962
- 0
CGPSNF/CURLMANUAL.rtf View File

LATEST VERSION

You always find news about what's going on as well as the latest versions
from the curl web pages, located at:

http://curl.haxx.se

SIMPLE USAGE

Get the main page from Netscape's web-server:

curl http://www.netscape.com/

Get the README file the user's home directory at funet's ftp-server:

curl ftp://ftp.funet.fi/README

Get a web page from a server using port 8000:

curl http://www.weirdserver.com:8000/

Get a list of a directory of an FTP site:

curl ftp://cool.haxx.se/

Get the definition of curl from a dictionary:

curl dict://dict.org/m:curl

Fetch two documents at once:

curl ftp://cool.haxx.se/ http://www.weirdserver.com:8000/

Get a file off an FTPS server:

curl ftps://files.are.secure.com/secrets.txt

or use the more appropriate FTPS way to get the same file:

curl --ftp-ssl ftp://files.are.secure.com/secrets.txt

Get a file from an SSH server using SFTP:

curl -u username sftp://shell.example.com/etc/issue

Get a file from an SSH server using SCP using a private key to authenticate:

curl -u username: --key ~/.ssh/id_dsa --pubkey ~/.ssh/id_dsa.pub \
scp://shell.example.com/~/personal.txt

Get the main page from an IPv6 web server:

curl -g "http://[2001:1890:1112:1::20]/"

DOWNLOAD TO A FILE

Get a web page and store in a local file:

curl -o thatpage.html http://www.netscape.com/

Get a web page and store in a local file, make the local file get the name
of the remote document (if no file name part is specified in the URL, this
will fail):

curl -O http://www.netscape.com/index.html

Fetch two files and store them with their remote names:

curl -O www.haxx.se/index.html -O curl.haxx.se/download.html

USING PASSWORDS

FTP

To ftp files using name+passwd, include them in the URL like:

curl ftp://name:passwd@machine.domain:port/full/path/to/file

or specify them with the -u flag like

curl -u name:passwd ftp://machine.domain:port/full/path/to/file

FTPS

It is just like for FTP, but you may also want to specify and use
SSL-specific options for certificates etc.

Note that using FTPS:// as prefix is the "implicit" way as described in the
standards while the recommended "explicit" way is done by using FTP:// and
the --ftp-ssl option.

SFTP / SCP

This is similar to FTP, but you can specify a private key to use instead of
a password. Note that the private key may itself be protected by a password
that is unrelated to the login password of the remote system. If you
provide a private key file you must also provide a public key file.

HTTP

Curl also supports user and password in HTTP URLs, thus you can pick a file
like:

curl http://name:passwd@machine.domain/full/path/to/file

or specify user and password separately like in

curl -u name:passwd http://machine.domain/full/path/to/file

HTTP offers many different methods of authentication and curl supports
several: Basic, Digest, NTLM and Negotiate. Without telling which method to
use, curl defaults to Basic. You can also ask curl to pick the most secure
ones out of the ones that the server accepts for the given URL, by using
--anyauth.

NOTE! Since HTTP URLs don't support user and password, you can't use that
style when using Curl via a proxy. You _must_ use the -u style fetch
during such circumstances.

HTTPS

Probably most commonly used with private certificates, as explained below.

PROXY

Get an ftp file using a proxy named my-proxy that uses port 888:

curl -x my-proxy:888 ftp://ftp.leachsite.com/README

Get a file from a HTTP server that requires user and password, using the
same proxy as above:

curl -u user:passwd -x my-proxy:888 http://www.get.this/

Some proxies require special authentication. Specify by using -U as above:

curl -U user:passwd -x my-proxy:888 http://www.get.this/

curl also supports SOCKS4 and SOCKS5 proxies with --socks4 and --socks5.

See also the environment variables Curl support that offer further proxy
control.

RANGES

With HTTP 1.1 byte-ranges were introduced. Using this, a client can request
to get only one or more subparts of a specified document. Curl supports
this with the -r flag.

Get the first 100 bytes of a document:

curl -r 0-99 http://www.get.this/

Get the last 500 bytes of a document:

curl -r -500 http://www.get.this/

Curl also supports simple ranges for FTP files as well. Then you can only
specify start and stop position.

Get the first 100 bytes of a document using FTP:

curl -r 0-99 ftp://www.get.this/README

UPLOADING

FTP / FTPS / SFTP / SCP

Upload all data on stdin to a specified server:

curl -T - ftp://ftp.upload.com/myfile

Upload data from a specified file, login with user and password:

curl -T uploadfile -u user:passwd ftp://ftp.upload.com/myfile

Upload a local file to the remote site, and use the local file name remote
too:
curl -T uploadfile -u user:passwd ftp://ftp.upload.com/

Upload a local file to get appended to the remote file:

curl -T localfile -a ftp://ftp.upload.com/remotefile

Curl also supports ftp upload through a proxy, but only if the proxy is
configured to allow that kind of tunneling. If it does, you can run curl in
a fashion similar to:

curl --proxytunnel -x proxy:port -T localfile ftp.upload.com

HTTP

Upload all data on stdin to a specified http site:

curl -T - http://www.upload.com/myfile

Note that the http server must have been configured to accept PUT before
this can be done successfully.

For other ways to do http data upload, see the POST section below.

VERBOSE / DEBUG

If curl fails where it isn't supposed to, if the servers don't let you in,
if you can't understand the responses: use the -v flag to get verbose
fetching. Curl will output lots of info and what it sends and receives in
order to let the user see all client-server interaction (but it won't show
you the actual data).

curl -v ftp://ftp.upload.com/

To get even more details and information on what curl does, try using the
--trace or --trace-ascii options with a given file name to log to, like
this:

curl --trace trace.txt www.haxx.se

DETAILED INFORMATION

Different protocols provide different ways of getting detailed information
about specific files/documents. To get curl to show detailed information
about a single file, you should use -I/--head option. It displays all
available info on a single file for HTTP and FTP. The HTTP information is a
lot more extensive.

For HTTP, you can get the header information (the same as -I would show)
shown before the data by using -i/--include. Curl understands the
-D/--dump-header option when getting files from both FTP and HTTP, and it
will then store the headers in the specified file.

Store the HTTP headers in a separate file (headers.txt in the example):

curl --dump-header headers.txt curl.haxx.se

Note that headers stored in a separate file can be very useful at a later
time if you want curl to use cookies sent by the server. More about that in
the cookies section.

POST (HTTP)

It's easy to post data using curl. This is done using the -d <data>
option. The post data must be urlencoded.

Post a simple "name" and "phone" guestbook.

curl -d "name=Rafael%20Sagula&phone=3320780" \
http://www.where.com/guest.cgi

How to post a form with curl, lesson #1:

Dig out all the <input> tags in the form that you want to fill in. (There's
a perl program called formfind.pl on the curl site that helps with this).

If there's a "normal" post, you use -d to post. -d takes a full "post
string", which is in the format

<variable1>=<data1>&<variable2>=<data2>&...

The 'variable' names are the names set with "name=" in the <input> tags, and
the data is the contents you want to fill in for the inputs. The data *must*
be properly URL encoded. That means you replace space with + and that you
write weird letters with %XX where XX is the hexadecimal representation of
the letter's ASCII code.

Example:

(page located at http://www.formpost.com/getthis/

<form action="post.cgi" method="post">
<input name=user size=10>
<input name=pass type=password size=10>
<input name=id type=hidden value="blablabla">
<input name=ding value="submit">
</form>

We want to enter user 'foobar' with password '12345'.

To post to this, you enter a curl command line like:

curl -d "user=foobar&pass=12345&id=blablabla&ding=submit" (continues)
http://www.formpost.com/getthis/post.cgi


While -d uses the application/x-www-form-urlencoded mime-type, generally
understood by CGI's and similar, curl also supports the more capable
multipart/form-data type. This latter type supports things like file upload.

-F accepts parameters like -F "name=contents". If you want the contents to
be read from a file, use <@filename> as contents. When specifying a file,
you can also specify the file content type by appending ';type=<mime type>'
to the file name. You can also post the contents of several files in one
field. For example, the field name 'coolfiles' is used to send three files,
with different content types using the following syntax:

curl -F "coolfiles=@fil1.gif;type=image/gif,fil2.txt,fil3.html" \
http://www.post.com/postit.cgi

If the content-type is not specified, curl will try to guess from the file
extension (it only knows a few), or use the previously specified type (from
an earlier file if several files are specified in a list) or else it will
using the default type 'text/plain'.

Emulate a fill-in form with -F. Let's say you fill in three fields in a
form. One field is a file name which to post, one field is your name and one
field is a file description. We want to post the file we have written named
"cooltext.txt". To let curl do the posting of this data instead of your
favourite browser, you have to read the HTML source of the form page and
find the names of the input fields. In our example, the input field names
are 'file', 'yourname' and 'filedescription'.

curl -F "file=@cooltext.txt" -F "yourname=Daniel" \
-F "filedescription=Cool text file with cool text inside" \
http://www.post.com/postit.cgi

To send two files in one post you can do it in two ways:

1. Send multiple files in a single "field" with a single field name:
curl -F "pictures=@dog.gif,cat.gif"
2. Send two fields with two field names:

curl -F "docpicture=@dog.gif" -F "catpicture=@cat.gif"

To send a field value literally without interpreting a leading '@'
or '<', or an embedded ';type=', use --form-string instead of
-F. This is recommended when the value is obtained from a user or
some other unpredictable source. Under these circumstances, using
-F instead of --form-string would allow a user to trick curl into
uploading a file.

REFERRER

A HTTP request has the option to include information about which address
that referred to actual page. Curl allows you to specify the
referrer to be used on the command line. It is especially useful to
fool or trick stupid servers or CGI scripts that rely on that information
being available or contain certain data.

curl -e www.coolsite.com http://www.showme.com/

NOTE: The Referer: [sic] field is defined in the HTTP spec to be a full URL.

USER AGENT

A HTTP request has the option to include information about the browser
that generated the request. Curl allows it to be specified on the command
line. It is especially useful to fool or trick stupid servers or CGI
scripts that only accept certain browsers.

Example:

curl -A 'Mozilla/3.0 (Win95; I)' http://www.nationsbank.com/

Other common strings:
'Mozilla/3.0 (Win95; I)' Netscape Version 3 for Windows 95
'Mozilla/3.04 (Win95; U)' Netscape Version 3 for Windows 95
'Mozilla/2.02 (OS/2; U)' Netscape Version 2 for OS/2
'Mozilla/4.04 [en] (X11; U; AIX 4.2; Nav)' NS for AIX
'Mozilla/4.05 [en] (X11; U; Linux 2.0.32 i586)' NS for Linux

Note that Internet Explorer tries hard to be compatible in every way:
'Mozilla/4.0 (compatible; MSIE 4.01; Windows 95)' MSIE for W95

Mozilla is not the only possible User-Agent name:
'Konqueror/1.0' KDE File Manager desktop client
'Lynx/2.7.1 libwww-FM/2.14' Lynx command line browser

COOKIES

Cookies are generally used by web servers to keep state information at the
client's side. The server sets cookies by sending a response line in the
headers that looks like 'Set-Cookie: <data>' where the data part then
typically contains a set of NAME=VALUE pairs (separated by semicolons ';'
like "NAME1=VALUE1; NAME2=VALUE2;"). The server can also specify for what
path the "cookie" should be used for (by specifying "path=value"), when the
cookie should expire ("expire=DATE"), for what domain to use it
("domain=NAME") and if it should be used on secure connections only
("secure").

If you've received a page from a server that contains a header like:
Set-Cookie: sessionid=boo123; path="/foo";

it means the server wants that first pair passed on when we get anything in
a path beginning with "/foo".

Example, get a page that wants my name passed in a cookie:

curl -b "name=Daniel" www.sillypage.com

Curl also has the ability to use previously received cookies in following
sessions. If you get cookies from a server and store them in a file in a
manner similar to:

curl --dump-header headers www.example.com

... you can then in a second connect to that (or another) site, use the
cookies from the 'headers' file like:

curl -b headers www.example.com

While saving headers to a file is a working way to store cookies, it is
however error-prone and not the preferred way to do this. Instead, make curl
save the incoming cookies using the well-known netscape cookie format like
this:

curl -c cookies.txt www.example.com

Note that by specifying -b you enable the "cookie awareness" and with -L
you can make curl follow a location: (which often is used in combination
with cookies). So that if a site sends cookies and a location, you can
use a non-existing file to trigger the cookie awareness like:

curl -L -b empty.txt www.example.com

The file to read cookies from must be formatted using plain HTTP headers OR
as netscape's cookie file. Curl will determine what kind it is based on the
file contents. In the above command, curl will parse the header and store
the cookies received from www.example.com. curl will send to the server the
stored cookies which match the request as it follows the location. The
file "empty.txt" may be a nonexistent file.

Alas, to both read and write cookies from a netscape cookie file, you can
set both -b and -c to use the same file:

curl -b cookies.txt -c cookies.txt www.example.com

PROGRESS METER

The progress meter exists to show a user that something actually is
happening. The different fields in the output have the following meaning:

% Total % Received % Xferd Average Speed Time Curr.
Dload Upload Total Current Left Speed
0 151M 0 38608 0 0 9406 0 4:41:43 0:00:04 4:41:39 9287

From left-to-right:
% - percentage completed of the whole transfer
Total - total size of the whole expected transfer
% - percentage completed of the download
Received - currently downloaded amount of bytes
% - percentage completed of the upload
Xferd - currently uploaded amount of bytes
Average Speed
Dload - the average transfer speed of the download
Average Speed
Upload - the average transfer speed of the upload
Time Total - expected time to complete the operation
Time Current - time passed since the invoke
Time Left - expected time left to completion
Curr.Speed - the average transfer speed the last 5 seconds (the first
5 seconds of a transfer is based on less time of course.)

The -# option will display a totally different progress bar that doesn't
need much explanation!

SPEED LIMIT

Curl allows the user to set the transfer speed conditions that must be met
to let the transfer keep going. By using the switch -y and -Y you
can make curl abort transfers if the transfer speed is below the specified
lowest limit for a specified time.

To have curl abort the download if the speed is slower than 3000 bytes per
second for 1 minute, run:

curl -Y 3000 -y 60 www.far-away-site.com

This can very well be used in combination with the overall time limit, so
that the above operation must be completed in whole within 30 minutes:

curl -m 1800 -Y 3000 -y 60 www.far-away-site.com

Forcing curl not to transfer data faster than a given rate is also possible,
which might be useful if you're using a limited bandwidth connection and you
don't want your transfer to use all of it (sometimes referred to as
"bandwidth throttle").

Make curl transfer data no faster than 10 kilobytes per second:

curl --limit-rate 10K www.far-away-site.com

or

curl --limit-rate 10240 www.far-away-site.com

Or prevent curl from uploading data faster than 1 megabyte per second:

curl -T upload --limit-rate 1M ftp://uploadshereplease.com

When using the --limit-rate option, the transfer rate is regulated on a
per-second basis, which will cause the total transfer speed to become lower
than the given number. Sometimes of course substantially lower, if your
transfer stalls during periods.

CONFIG FILE

Curl automatically tries to read the .curlrc file (or _curlrc file on win32
systems) from the user's home dir on startup.

The config file could be made up with normal command line switches, but you
can also specify the long options without the dashes to make it more
readable. You can separate the options and the parameter with spaces, or
with = or :. Comments can be used within the file. If the first letter on a
line is a '#'-letter the rest of the line is treated as a comment.

If you want the parameter to contain spaces, you must enclose the entire
parameter within double quotes ("). Within those quotes, you specify a
quote as \".

NOTE: You must specify options and their arguments on the same line.

Example, set default time out and proxy in a config file:

# We want a 30 minute timeout:
-m 1800
# ... and we use a proxy for all accesses:
proxy = proxy.our.domain.com:8080

White spaces ARE significant at the end of lines, but all white spaces
leading up to the first characters of each line are ignored.

Prevent curl from reading the default file by using -q as the first command
line parameter, like:

curl -q www.thatsite.com

Force curl to get and display a local help page in case it is invoked
without URL by making a config file similar to:

# default url to get
url = "http://help.with.curl.com/curlhelp.html"

You can specify another config file to be read by using the -K/--config
flag. If you set config file name to "-" it'll read the config from stdin,
which can be handy if you want to hide options from being visible in process
tables etc:

echo "user = user:passwd" | curl -K - http://that.secret.site.com

EXTRA HEADERS

When using curl in your own very special programs, you may end up needing
to pass on your own custom headers when getting a web page. You can do
this by using the -H flag.

Example, send the header "X-you-and-me: yes" to the server when getting a
page:

curl -H "X-you-and-me: yes" www.love.com

This can also be useful in case you want curl to send a different text in a
header than it normally does. The -H header you specify then replaces the
header curl would normally send. If you replace an internal header with an
empty one, you prevent that header from being sent. To prevent the Host:
header from being used:

curl -H "Host:" www.server.com

FTP and PATH NAMES

Do note that when getting files with the ftp:// URL, the given path is
relative the directory you enter. To get the file 'README' from your home
directory at your ftp site, do:

curl ftp://user:passwd@my.site.com/README

But if you want the README file from the root directory of that very same
site, you need to specify the absolute file name:

curl ftp://user:passwd@my.site.com//README

(I.e with an extra slash in front of the file name.)

SFTP and SCP and PATH NAMES

With sftp: and scp: URLs, the path name given is the absolute name on the
server. To access a file relative to the remote user's home directory,
prefix the file with /~/ , such as:

curl -u $USER sftp://home.example.com/~/.bashrc

FTP and firewalls

The FTP protocol requires one of the involved parties to open a second
connection as soon as data is about to get transfered. There are two ways to
do this.

The default way for curl is to issue the PASV command which causes the
server to open another port and await another connection performed by the
client. This is good if the client is behind a firewall that don't allow
incoming connections.

curl ftp.download.com

If the server for example, is behind a firewall that don't allow connections
on other ports than 21 (or if it just doesn't support the PASV command), the
other way to do it is to use the PORT command and instruct the server to
connect to the client on the given (as parameters to the PORT command) IP
number and port.

The -P flag to curl supports a few different options. Your machine may have
several IP-addresses and/or network interfaces and curl allows you to select
which of them to use. Default address can also be used:

curl -P - ftp.download.com

Download with PORT but use the IP address of our 'le0' interface (this does
not work on windows):

curl -P le0 ftp.download.com

Download with PORT but use 192.168.0.10 as our IP address to use:

curl -P 192.168.0.10 ftp.download.com

NETWORK INTERFACE

Get a web page from a server using a specified port for the interface:

curl --interface eth0:1 http://www.netscape.com/

or

curl --interface 192.168.1.10 http://www.netscape.com/

HTTPS

Secure HTTP requires SSL libraries to be installed and used when curl is
built. If that is done, curl is capable of retrieving and posting documents
using the HTTPS protocol.

Example:

curl https://www.secure-site.com

Curl is also capable of using your personal certificates to get/post files
from sites that require valid certificates. The only drawback is that the
certificate needs to be in PEM-format. PEM is a standard and open format to
store certificates with, but it is not used by the most commonly used
browsers (Netscape and MSIE both use the so called PKCS#12 format). If you
want curl to use the certificates you use with your (favourite) browser, you
may need to download/compile a converter that can convert your browser's
formatted certificates to PEM formatted ones. This kind of converter is
included in recent versions of OpenSSL, and for older versions Dr Stephen
N. Henson has written a patch for SSLeay that adds this functionality. You
can get his patch (that requires an SSLeay installation) from his site at:
http://www.drh-consultancy.demon.co.uk/

Example on how to automatically retrieve a document using a certificate with
a personal password:

curl -E /path/to/cert.pem:password https://secure.site.com/

If you neglect to specify the password on the command line, you will be
prompted for the correct password before any data can be received.

Many older SSL-servers have problems with SSLv3 or TLS, that newer versions
of OpenSSL etc is using, therefore it is sometimes useful to specify what
SSL-version curl should use. Use -3, -2 or -1 to specify that exact SSL
version to use (for SSLv3, SSLv2 or TLSv1 respectively):

curl -2 https://secure.site.com/

Otherwise, curl will first attempt to use v3 and then v2.

To use OpenSSL to convert your favourite browser's certificate into a PEM
formatted one that curl can use, do something like this (assuming netscape,
but IE is likely to work similarly):

You start with hitting the 'security' menu button in netscape.

Select 'certificates->yours' and then pick a certificate in the list

Press the 'export' button

enter your PIN code for the certs

select a proper place to save it

Run the 'openssl' application to convert the certificate. If you cd to the
openssl installation, you can do it like:

# ./apps/openssl pkcs12 -in [file you saved] -clcerts -out [PEMfile]


RESUMING FILE TRANSFERS

To continue a file transfer where it was previously aborted, curl supports
resume on http(s) downloads as well as ftp uploads and downloads.

Continue downloading a document:

curl -C - -o file ftp://ftp.server.com/path/file

Continue uploading a document(*1):

curl -C - -T file ftp://ftp.server.com/path/file

Continue downloading a document from a web server(*2):

curl -C - -o file http://www.server.com/

(*1) = This requires that the ftp server supports the non-standard command
SIZE. If it doesn't, curl will say so.

(*2) = This requires that the web server supports at least HTTP/1.1. If it
doesn't, curl will say so.

TIME CONDITIONS

HTTP allows a client to specify a time condition for the document it
requests. It is If-Modified-Since or If-Unmodified-Since. Curl allow you to
specify them with the -z/--time-cond flag.

For example, you can easily make a download that only gets performed if the
remote file is newer than a local copy. It would be made like:

curl -z local.html http://remote.server.com/remote.html

Or you can download a file only if the local file is newer than the remote
one. Do this by prepending the date string with a '-', as in:

curl -z -local.html http://remote.server.com/remote.html

You can specify a "free text" date as condition. Tell curl to only download
the file if it was updated since January 12, 2012:

curl -z "Jan 12 2012" http://remote.server.com/remote.html

Curl will then accept a wide range of date formats. You always make the date
check the other way around by prepending it with a dash '-'.

DICT

For fun try

curl dict://dict.org/m:curl
curl dict://dict.org/d:heisenbug:jargon
curl dict://dict.org/d:daniel:web1913

Aliases for 'm' are 'match' and 'find', and aliases for 'd' are 'define'
and 'lookup'. For example,

curl dict://dict.org/find:curl

Commands that break the URL description of the RFC (but not the DICT
protocol) are

curl dict://dict.org/show:db
curl dict://dict.org/show:strat

Authentication is still missing (but this is not required by the RFC)

LDAP

If you have installed the OpenLDAP library, curl can take advantage of it
and offer ldap:// support.

LDAP is a complex thing and writing an LDAP query is not an easy task. I do
advice you to dig up the syntax description for that elsewhere. Two places
that might suit you are:

Netscape's "Netscape Directory SDK 3.0 for C Programmer's Guide Chapter 10:
Working with LDAP URLs":
http://developer.netscape.com/docs/manuals/dirsdk/csdk30/url.htm

RFC 2255, "The LDAP URL Format" http://curl.haxx.se/rfc/rfc2255.txt

To show you an example, this is now I can get all people from my local LDAP
server that has a certain sub-domain in their email address:

curl -B "ldap://ldap.frontec.se/o=frontec??sub?mail=*sth.frontec.se"

If I want the same info in HTML format, I can get it by not using the -B
(enforce ASCII) flag.

ENVIRONMENT VARIABLES

Curl reads and understands the following environment variables:

http_proxy, HTTPS_PROXY, FTP_PROXY

They should be set for protocol-specific proxies. General proxy should be
set with
ALL_PROXY

A comma-separated list of host names that shouldn't go through any proxy is
set in (only an asterisk, '*' matches all hosts)

NO_PROXY

If a tail substring of the domain-path for a host matches one of these
strings, transactions with that node will not be proxied.


The usage of the -x/--proxy flag overrides the environment variables.

NETRC

Unix introduced the .netrc concept a long time ago. It is a way for a user
to specify name and password for commonly visited ftp sites in a file so
that you don't have to type them in each time you visit those sites. You
realize this is a big security risk if someone else gets hold of your
passwords, so therefore most unix programs won't read this file unless it is
only readable by yourself (curl doesn't care though).

Curl supports .netrc files if told so (using the -n/--netrc and
--netrc-optional options). This is not restricted to only ftp,
but curl can use it for all protocols where authentication is used.

A very simple .netrc file could look something like:

machine curl.haxx.se login iamdaniel password mysecret

CUSTOM OUTPUT

To better allow script programmers to get to know about the progress of
curl, the -w/--write-out option was introduced. Using this, you can specify
what information from the previous transfer you want to extract.

To display the amount of bytes downloaded together with some text and an
ending newline:

curl -w 'We downloaded %{size_download} bytes\n' www.download.com

KERBEROS FTP TRANSFER

Curl supports kerberos4 and kerberos5/GSSAPI for FTP transfers. You need
the kerberos package installed and used at curl build time for it to be
used.

First, get the krb-ticket the normal way, like with the kinit/kauth tool.
Then use curl in way similar to:

curl --krb private ftp://krb4site.com -u username:fakepwd

There's no use for a password on the -u switch, but a blank one will make
curl ask for one and you already entered the real password to kinit/kauth.

TELNET

The curl telnet support is basic and very easy to use. Curl passes all data
passed to it on stdin to the remote server. Connect to a remote telnet
server using a command line similar to:

curl telnet://remote.server.com

And enter the data to pass to the server on stdin. The result will be sent
to stdout or to the file you specify with -o.

You might want the -N/--no-buffer option to switch off the buffered output
for slow connections or similar.

Pass options to the telnet protocol negotiation, by using the -t option. To
tell the server we use a vt100 terminal, try something like:

curl -tTTYPE=vt100 telnet://remote.server.com

Other interesting options for it -t include:

- XDISPLOC=<X display> Sets the X display location.

- NEW_ENV=<var,val> Sets an environment variable.

NOTE: the telnet protocol does not specify any way to login with a specified
user and password so curl can't do that automatically. To do that, you need
to track when the login prompt is received and send the username and
password accordingly.

PERSISTENT CONNECTIONS

Specifying multiple files on a single command line will make curl transfer
all of them, one after the other in the specified order.

libcurl will attempt to use persistent connections for the transfers so that
the second transfer to the same host can use the same connection that was
already initiated and was left open in the previous transfer. This greatly
decreases connection time for all but the first transfer and it makes a far
better use of the network.

Note that curl cannot use persistent connections for transfers that are used
in subsequence curl invokes. Try to stuff as many URLs as possible on the
same command line if they are using the same host, as that'll make the
transfers faster. If you use a http proxy for file transfers, practically
all transfers will be persistent.

MULTIPLE TRANSFERS WITH A SINGLE COMMAND LINE

As is mentioned above, you can download multiple files with one command line
by simply adding more URLs. If you want those to get saved to a local file
instead of just printed to stdout, you need to add one save option for each
URL you specify. Note that this also goes for the -O option (but not
--remote-name-all).

For example: get two files and use -O for the first and a custom file
name for the second:

curl -O http://url.com/file.txt ftp://ftp.com/moo.exe -o moo.jpg

You can also upload multiple files in a similar fashion:

curl -T local1 ftp://ftp.com/moo.exe -T local2 ftp://ftp.com/moo2.txt

IPv6

curl will connect to a server with IPv6 when a host lookup returns an IPv6
address and fall back to IPv4 if the connection fails. The --ipv4 and --ipv6
options can specify which address to use when both are available. IPv6
addresses can also be specified directly in URLs using the syntax:

http://[2001:1890:1112:1::20]/overview.html

When this style is used, the -g option must be given to stop curl from
interpreting the square brackets as special globbing characters. Link local
and site local addresses including a scope identifier, such as fe80::1234%1,
may also be used, but the scope portion must be numeric and the percent
character must be URL escaped. The previous example in an SFTP URL might
look like:

sftp://[fe80::1234%251]/

IPv6 addresses provided other than in URLs (e.g. to the --proxy, --interface
or --ftp-port options) should not be URL encoded.


MAILING LISTS

For your convenience, we have several open mailing lists to discuss curl,
its development and things relevant to this. Get all info at
http://curl.haxx.se/mail/. Some of the lists available are:

curl-users

Users of the command line tool. How to use it, what doesn't work, new
features, related tools, questions, news, installations, compilations,
running, porting etc.

curl-library

Developers using or developing libcurl. Bugs, extensions, improvements.

curl-announce

Low-traffic. Only receives announcements of new public versions. At worst,
that makes something like one or two mails per month, but usually only one
mail every second month.

curl-and-php

Using the curl functions in PHP. Everything curl with a PHP angle. Or PHP
with a curl angle.

curl-and-python

Python hackers using curl with or without the python binding pycurl.

Please direct curl questions, feature requests and trouble reports to one of
these mailing lists instead of mailing any individual.

+ 53
- 0
CGPSNF/CURLREADME.rtf View File

_ _ ____ _
___| | | | _ \| |
/ __| | | | |_) | |
| (__| |_| | _ <| |___
\___|\___/|_| \_\_____|

README

Curl is a command line tool for transferring data specified with URL
syntax. Find out how to use curl by reading the curl.1 man page or the
MANUAL document. Find out how to install Curl by reading the INSTALL
document.

libcurl is the library curl is using to do its job. It is readily
available to be used by your software. Read the libcurl.3 man page to
learn how!

You find answers to the most frequent questions we get in the FAQ document.

Study the COPYING file for distribution terms and similar. If you distribute
curl binaries or other binaries that involve libcurl, you might enjoy the
LICENSE-MIXING document.

CONTACT

If you have problems, questions, ideas or suggestions, please contact us
by posting to a suitable mailing list. See http://curl.haxx.se/mail/

All contributors to the project are listed in the THANKS document.

WEB SITE

Visit the curl web site for the latest news and downloads:

http://curl.haxx.se/

CVS

To download the very latest source off the CVS server do this:

cvs -d :pserver:anonymous@cool.haxx.se:/cvsroot/curl login

(just press enter when asked for password)

cvs -d :pserver:anonymous@cool.haxx.se:/cvsroot/curl co curl

(you'll get a directory named curl created, filled with the source code)

NOTICE

Curl contains pieces of source code that is Copyright (c) 1998, 1999
Kungliga Tekniska Högskolan. This notice is included here to comply with the
distribution terms.

+ 62
- 0
CGPSNF/Doc/AdminStyle.css View File

.WebAdmin {
font-size: smaller; font-family:Helvetica, Geneva, Arial, SunSans-Regular, sans-serif;
color:#448;
}

body.inner {margin: 1pt;}

.WebAdmin.TT {font-size: 100%;}

.WebAdmin.A {color: black }

.warning {color: red;}

.button {color: #069; font-weight:bold;}

.settingsBox {background-color: #F8F8FF; border: 1pt solid #069; border-collapse: collapse; }
.settingsBox caption {color: #069; font-weight:bold; background-color: #CCD; border: 1px solid #069;}
.settingsBox caption TH {font-weight:bold;}
.settingsBox TR TH {background-color: #DDE; font-weight:bold;}
.settingsBox THEAD TR,
.settingsBox TFOOT TR {background-color: #DDF;}

.settingsCaption {color: #069; background-color: #CCD; border: 1pt solid #069; border-collapse: collapse;}
.settingsCaption TH {font-weight:bold;}

.arrow {font-weight:bold;}
.arrow A,
.arrow A:active {color: #06A; text-decoration: underscore;}
.arrow A:hover {color: #F93; text-decoration: underscore blink;}

.logView {font-family:Monaco, Courier, serif; color: black; background-color: white;}
.logViewInline {font-family:Monaco, Courier, serif; color: black; background-color: #F0F8F8; border: 1pt solid #069;}

.histoBar {background-color: #069; }

.tabSet {padding: 0pt; spacing: 0pt;}
.tab {padding: 1pt 2pt 0pt 2pt; border-bottom: solid 1pt #444; font-weight: bold;}
.tab DIV {background-color: #CCC; border: solid 1pt #AAA; border-bottom-width: 0px;}
.tabName {padding: 1pt 2pt 0pt 2pt; border-bottom: solid 1pt #444; font-weight: bold; font-family: monospace; color: #444; text-transform: uppercase;}

.tabActive {background-color: #DDD; border: solid 1pt #444; border-bottom-width: 0px; font-weight: bold; color: #F93;}

.tabDataOuter {border: solid 1pt #444; border-top-width: 0pt; padding: 5pt 2pt 2pt 3pt; background-color: #DDD;}
.tabData {border: solid 2pt #EEE; border-width: 5pt 2pt 2pt 4pt; padding: 0pt; background-color: #EEE;}

.tab A,
.tab A:active {color: #069; text-decoration: none;}
.tab A:hover {color: #F93; text-decoration: blink;}

.tabActive A,
.tabActive A:active {color: #F93; text-decoration: underline;}
.tabActive A:hover {color: #F93; text-decoration: blink;}

.helpLink {font-weight: bolder;}
.helpLink A,
.helpLink A:active {color: #069; text-decoration: none;}
.helpLink A:hover {color: #F93; text-decoration: blink;}

.directoryValue {font-family: monospace; color: black; word-wrap: break-word;}
.serviceName {font-family: monospace; color: black;}

.settingFixed {background-color: white; border: solid 1pt #069; font-family: monospace; color: Black; padding:1pt;}

BIN
CGPSNF/Doc/CGPLogo.gif View File


BIN
CGPSNF/Doc/DisabledDownLoad.gif View File


BIN
CGPSNF/Doc/DownLoad.gif View File


+ 77
- 0
CGPSNF/Doc/GuideStyle.css View File

body {font-family: serif; color:black; background-color: white;}

tt {font-size: 100%;}

.tabLeftSet {padding: 0pt; font-family: sans-serif;}
.tabLeftSet td {padding: 2pt 0pt 2pt 1pt; border-right: solid 1pt #444; font-weight: bold;}
.tabLeftSet td div {background-color: #CCC; border: solid 1pt #AAA; border-right-width: 0px; padding: 2pt;}
.tabLeftSet th {background-color: #DDD; border: solid 1pt #444; border-right-width: 0px; font-weight: bold; color: #F93; text-align: left;}

.tabLeftSet td a,
.tabLeftSet td a:active {color: #069; text-decoration: none;}
.tabLeftSet td a:hover {color: #F93; text-decoration: blink;}

.tabLeftSet th a,
.tabLeftSet th a:active {color: #F93; text-decoration: underline;}
.tabLeftSet th a:hover {color: #F93; text-decoration: blink;}

.tabTopOuter {border: solid 1pt #444; border-left-width: 0pt; padding: 2pt 2pt 2pt 5pt; background-color: #DDD;}
.tabTopData {border: solid 2pt #EEE; border-width: 2pt 2pt 2pt 4pt; padding: 0pt; background-color: #EEE;}

.tabTopSet {padding: 0pt; font-family: sans-serif;}

.tabTopSet td {padding: 1pt 2pt 0pt 2pt; border-bottom: solid 1pt #444; font-weight: bold;}
.tabTopSet td div {background-color: #CCC; border: solid 1pt #AAA; border-bottom-width: 0px;}

.tabTopSet th {background-color: #DDD; border: solid 1pt #444; border-bottom-width: 0px; font-weight: bold; color: #F93;}

.tabTopSet td a,
.tabTopSet td a:active {color: #069; text-decoration: none;}
.tabTopSet td a:hover {color: #F93; text-decoration: blink;}

.tabTopSet th a,
.tabTopSet th a:active {color: #F93; text-decoration: underline;}
.tabTopSet th a:hover {color: #F93; text-decoration: blink;}

.tabBodyOuter {border: solid 1pt #444; border-top-width: 0pt; padding: 5pt 2pt 3pt 3pt; background-color: #DDD;}
.tabBody {border: solid 2pt #EEE; border-width: 5pt 2pt 2pt 4pt; padding: 0pt; background-color: #FFF;}

h1 {color: white; background-color: #069; font-family: sans-serif; text-indent: 5pt; border: 0pt; margin: 0pt;}

.guideTOC {border: solid 2pt #069; background-color: #EEF; }
.guideTOC ul {list-style: square outside;}
.guideTOC li a,
.guideTOC li a:active {color: #069; text-decoration:none; font-family: sans-serif; font-weight: bold;}
.guideTOC li a:hover {color: #F93;}

h2 {color: #069; font-family: sans-serif;}
h3 {color: #069; font-family: sans-serif;}
hr {color: #069;}

.guideCopyright {color: #069; font-size: smaller;}
.guideVersion {color: #069; font: bold italic smaller sans-serif;}

.guideSection {margin-left: 20;}

.guideTable {background-color: #F8F8FF; border: 1pt solid #069; border-collapse:collapse; }
.guideTable th {background-color: #E0E0FF; border: 1pt solid #069; color:Navy; }
.guideTable td {border: 1pt solid #069; }

.sampleCode {color: Navy; font-family: monospace;}
.sampleData {color: Blue; font-family: monospace;}
.sampleMarkup {color: #250; border: solid 1px #069; padding: 1px; font-family: monospace;}
.sampleProgram {color: Navy; background-color: #F4F4F4; border-style: double; border-color: #888; padding: 2px; font-family: monospace;}
.sampleMIME {background-color: #F4F4F4; border-style: dashed; border-color: #888; padding: 2px; font-family: monospace; font-size:smaller; color: Blue;}
.sampleProto {background-color: #F4F4F4; border-style: double; border-color: #888; padding: 2px; font-family: monospace; font-size:smaller; }
.sampleProtoC {color: Navy;}
.sampleProtoS {color: Blue;}

.syntax {color: Black; background-color: white; padding: 2px; font-family: monospace;}
.syntaxTable td {color: Black; background-color: white; padding: 5px; font-family: monospace;}

.spacedList dd {border-bottom: solid 1em white; }

.inactive
{
background-color: silver;
}

+ 512
- 0
CGPSNF/Doc/default.html View File

<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd">
<html>
<head>
<meta http-equiv="Content-Type" content="text/html; charset=iso-8859-15">
<title>CommuniGate Pro: ARM Research Labs Sniffer Antispam Plugin</title>
<link rel="stylesheet" href="GuideStyle.css" type="text/css" />
<link rel="stylesheet" href="AdminStyle.css" type="text/css" />
</head>

<body>

<table border="0" cellPadding="0" cellSpacing="0" width="100%">

<tr>
<td class="tabBodyOuter">

<table class="tabBody" width="100%" cellspacing="0"
cellpadding="0">
<tr>

<td>

<h1>ARM Research Labs Sniffer Plugin for CommuniGate
Pro</h1>

<div class="guideTOC">
<ul>

<table class="tabBody" width="100%" cellspacing="0"
cellpadding="0">

<li><a href="#Download">Download the Sniffer Plugin</a>

<li><a href="#Install" name=Install>Installation</a>

<ul>

<li><a href="#WIN32">Installing on a MS Windows
200x/NT/XP/9x system</a>

<li><a href="#Linux">Installing on a Linux
system</a>

<li><a href="#FreeBSD">Installing on a FreeBSD
system</a>

<li><a href="#OpenBSD">Installing on an OpenBSD
system</a>

<li><a href="#Source">Installing from source</a>

</ul>

<li><a href="#Upgrading">Upgrading to a newer
version</a>

<li><a href="#Config">Configuring the Sniffer
Plugin</a>

<li><a href="#Test">Testing the Sniffer Plugin</a>

<li><a href="#Options">Command line options</a>

<li><a href="#Integrate">Integrating the Sniffer
Plugin with CommuniGate Pro</a>

<li><a href="#Update">Updating the spam definitions
database</a>

</ul>
</div>
</td>
</tr>

</table>
</tr>
</table>
</tr>
</td>
</table>

<p><b>Note:</b> The ARM Research Labs Sniffer Plugin is not available
on platforms. Before you order the Sniffer License, make sure that
the available versions of the Sniffer Plugin software run on your
CommuniGate Pro Server platform.</p>

<h2><hr><a name="Download"></a>Download the ARM Research Labs Sniffer Plugins</h2>
<dl><dd>
<p>ARM Research Labs Sniffer antispam plugins are available for certain platforms only.</p>

<table class="guideTable" border=1 cellspacing=0 cellpadding=1>

<tr bgcolor="#cccccc">
<th nowrap rowspan=2 width=50%>Operating System</th>
<th nowrap rowspan=2>CPU</th>
<th nowrap colspan=2>Download</th>
</tr>

<tr bgcolor="#cccccc">
<th nowrap>via<br>http</th>
<th nowrap>via<br>ftp</th>
</tr>

<tr>
<td align=center>Microsoft Windows NT/2000/XP<BR>Microsoft Windows 95/98</td>
<td align=center>x86</td>
<td align=center><a HREF="http://www.armresearch.com/message-sniffer/download/CGPSNF-Win32-Intel.zip">
<img src="DownLoad.gif" border=0 width=16 height=16></a></td>
<td align=center><img src="DisabledDownLoad.gif" border=0 width=16 height=16></td>
</tr>

<tr>
<td align=center rowspan=2>Linux (RedHat/Fedora/CentOS, Ubuntu, SuSE)</TD>
<td align=center>x86</td>
<td align=center><a
HREF="http://www.armresearch.com/message-sniffer/download/CGPSNF-Linux-Intel.tar.gz">
<img src="DownLoad.gif" border=0 width=16 height=16></a></td>
<td align=center><img src="DisabledDownLoad.gif" border=0 width=16 height=16></td>

<tr>
<td align=center>x86_64</td>
<td align=center><a href="http://www.armresearch.com/message-sniffer/download/CGPSNF-Linux-x86_64.tar.gz">
<img src="DisabledDownLoad.gif" border=0 width=16 height=16></a></td>
<td align=center><img src="DisabledDownLoad.gif" border=0 width=16 height=16></td>
</tr>

<tr>
<td align=center rowspan=2>FreeBSD 7.x</td>
<td align=center>x86</td>
<td align=center><a href="http://www.armresearch.com/message-sniffer/download/CGPSNF-FreeBSD7.x-Intel.tar.gz">
<img src="DownLoad.gif" border=0 width=16 height=16></a></td>
<td align=center><img src="DisabledDownLoad.gif" border=0 width=16 height=16></td>

<tr>
<td align=center>x86_64</td>
<td align=center><a href="http://www.armresearch.com/message-sniffer/download/CGPSNF-FreeBSD7.x-x86_64.tar.gz">
<img src="DisabledDownLoad.gif" border=0 width=16 height=16></a></td>
<td align=center><img src="DisabledDownLoad.gif" border=0 width=16 height=16></td>

</tr>

<tr>
<td align=center rowspan=2>OpenBSD 4.4 or later</td>
<td align=center>x86</td>
<td align=center><a href="http://www.armresearch.com/message-sniffer/download/CGPSNF-OpenBSD4.4-Intel.tar.gz">
<img src="DownLoad.gif" border=0 width=16 height=16></a></td>
<td align=center><img src="DisabledDownLoad.gif" border=0 width=16 height=16></td>

<tr>
<td align=center>x86_64</td>
<td align=center><a href="http://www.armresearch.com/message-sniffer/download/CGPSNF-OpenBSD4.4-x86_64.tar.gz">
<img src="DisabledDownLoad.gif" border=0 width=16 height=16></a></td>
<td align=center><img src="DisabledDownLoad.gif" border=0 width=16 height=16></td>

</tr>

<tr>
<td align=center>Source for Linux/FreeBSD/OpenBSD</td>
<td align=center>Any</td>
<td align=center><a HREF="http://www.armresearch.com/message-sniffer/download/snf4cgp.tar.gz">
<img src="DownLoad.gif" border=0 width=16 height=16></a></td>
<td align=center><img src="DisabledDownLoad.gif" border=0 width=16 height=16></td>
</tr>

</table>

</dl>

<p>Downloads by ftp are not available</p>
<p>The current version of the Plugin is 0.1.0.</p>
<p>The current version of the ARM Research Labs Sniffer Engine is 3.0.12.</p>

<h3><hr/><a name=Upgrading></a>Upgrading to a newer version.</h3>
<p>When upgrading the Plugin to a newer version, do the following:</p>

<ul>

<li>Stop any running copy of the Sniffer Plugin application via
CommuniGate Pro WebAdmin interface.

<li>Install and configure the new version of the Sniffer Plugin as
described in this document.

</ul>

<h3><hr><a name="WIN32"></a>Installing on a MS Windows 200x/NT/XP/9x system.</h3>
<ul>
<li>Open the command-line interface window and
change the current directory to the CommuniGate Pro <I>base directory</I>.
<li>Use any &quot;unzip&quot;-compatible tool to unpack the
<tt>CGPSNF-Win32-Intel.zip</tt> file. The <tt>CGPSNF</tt> directory will be created inside the <I>base directory</I>.
<li>Proceed with <a HREF="#Config">Configuring the Sniffer Plugin</a>.
</ul>

<h3><hr><a name=Linux></a>Installing on a Linux system.</h3>
<ul>
<li>Log in as a super-user (root).
<li>Change the current directory to the CommuniGate Pro <I>base directory</I>.
<li>Unpack the Plugin archive with the <tt>tar</tt> command:<tt><br>
&nbsp;&nbsp;tar -xzf CGPSNF-Linux-Intel.tar.gz</tt><br>
The <tt>CGPSNF</tt> directory will be created inside the <I>base directory</I>.
<li>Proceed with <a HREF="#Config">Configuring the Sniffer Plugin</a>.
</ul>

<h3><hr><a name=FreeBSD></a>Installing on a FreeBSD system.</h3>
<ul>
<li>Log in as a super-user (root).
<li>Change the current directory to the CommuniGate Pro <I>base directory</I>.
<li>Unpack the Plugin archive with the <tt>tar</tt> command:<tt><br>
&nbsp;&nbsp;tar -xzf CGPSNF-FreeBSD-Intel.tar.gz</tt><br>
The <tt>CGPSNF</tt> directory will be created inside the <I>base directory</I>.
<li>Proceed with <a HREF="#Config">Configuring the Sniffer Plugin</a>.
</ul>

<h3><hr><a name=OpenBSD></a>Installing on an OpenBSD system.</h3>
<ul>
<li>Log in as a super-user (root).
<li>Change the current directory to the CommuniGate Pro <I>base directory</I>.
<li>Unpack the Plugin archive with the <tt>tar</tt> command:<tt><br>
&nbsp;&nbsp;tar -xzf CGPSNF-OpenBSD-Intel.tar.gz</tt><br>
The <tt>CGPSNF</tt> directory will be created inside the <I>base directory</I>.
<li>Proceed with <a HREF="#Config">Configuring the Sniffer Plugin</a>.
</ul>

<h3><hr><a name=Source></a>Installing from source.</h3>
You can build the Sniffer Plugin from source:
<ul>
<li>Download the <tt>snf4cgp.tar.gz</tt>.
<li>Extract the sources with the command:<tt><br>
&nbsp;&nbsp;tar -xzf snf4cgptar.gz</tt><br>
This creates a directory <tt>snf4cgp-X.Y.Z</tt>, where X.Y.Z is the
version of the module.
<li>Change directory to <tt>snf4cgp-X.Y.Z</tt>:<tt><br>
&nbsp;&nbsp;cd snf4cgp-X.Y.Z</tt><br>
<li>Configure and build the system:<tt><br>
&nbsp;&nbsp;./configure<br>
&nbsp;&nbsp;./make</tt><br>
<li>Become super-user (root).
<li>Create the Sniffer Plugin:<tt><br> &nbsp;&nbsp;make
module</tt><br> This creates a Plugin archive
named <tt>CGPSNF-X.Y.Z-MODULE.tar.gz</tt>.
<li>Proceed with <a HREF="#Install">Installing the Sniffer
Plugin</a> for your system, using the Plugin archive that was
created.
</ul>

<h3><hr><a name=Config></a>Configuring the Sniffer Plugin.</h3>

<p>Go to the CGPSNF module directory:<br/>
<blockquote>
On a typical Linux or Linux-like system
<tt>/var/CommuniGate/CGPSNF</tt><br/> On a typical Windows system
<tt>C:\CommuniGatePro\CGPSNF</tt><br/>
<br/>
<i>Note: If these are not correct for your system you will need to
customize your snf_engine.xml and getRulebase script accordingly. Be sure
you visit the <a
href="http://www.armresearch.com/support/articles/software/snfServer/config/node/paths/">paths</a> and <a href="http://www.armresearch.com/support/articles/software/snfServer/config/node/network/update-script.jsp">update-script</a> section of snf_engine.xml as well
as
the SET SNIFFER_PATH= line in your getRulebase script. </i> </blockquote>
</p>
<ul>

<li>Have your Message Sniffer <i>LicenseID</i> (8 characters) and
<i>AuthenticationString</i> (16 characters) ready. You should have
received these in your sign-up email or in one of your update
notification email's from ARM Research Labs.
</li>

<br/>
<li>Copy the sample configuration files.</li>
<ul>
<li>Copy <tt>snf_engine.xml.sample</tt> to <tt>snf_engine.xml</tt>
and <a
href="http://www.armresearch.com/support/articles/software/snfServer/config/snfEngine.jsp">
Customize as needed.
</a>
<blockquote><i>Note: If you modify the location of your rulebase
you will also need to modify your getRulebase script accordingly!
This is supported, however it is usually best to leave the location
of the rulebase (.snf) files in the CGPSNF directory.</i></blockquote>
</li>

<li>Copy <tt>identity.xml.sample</tt> to <tt>identity.xml</tt> </li>
<li>Edit <tt>identity.xml</tt> to <a
href="http://www.armresearch.com/support/articles/software/snfServer/config/identity.jsp">Configure your <i>LicenseID</i> and
<i>AuthenticationString</i></a></li>
<li>Copy
<tt>GBUdbIgnoreList.txt.sample</tt>to<tt>GBUdbIgnoreList.txt</tt>
and <a
href="http://www.armresearch.com/support/articles/software/snfServer/config/gbudbIgnoreList.jsp">Customize as needed.</a></li>
</ul>

<br/>
<li>Configure your automated updates script.</li>
<ul>
<br/>
<li>On Windows Systems...</li>

<ul>
<li>Copy <tt>getRulebase.cmd.sample</tt> to
<tt>getRulebase.cmd</tt></li>
<li>Configure the script with your SNF license ID and
Authentication string.</li>
<ul>
<li>Change the line <tt>LICENSE_ID=licenseid</tt> to
<tt>LICENSE_ID=</tt><i>your_LicenseID</i></li>
<li>Change the line
<tt>AUTHENTICATION=authenticationxx</tt> to
<tt>AUTHENTICATION=</tt><i>your_AuthenticationString</i></li>
</ul>

</ul>

<br/>
<li>On Linux Sysetms...</li>


<ul>
<li>Copy <tt>getRulebase.sample</tt> to
<tt>getRulebase</tt></li>
<li>Configure the script with your SNF license ID and
Authentication string.</li>
<ul>
<li>Change the line <tt>LICENSE_ID=licenseid</tt> to
<tt>LICENSE_ID=</tt><i>your_LicenseID</i></li>
<li>Change the line
<tt>AUTHENTICATION=authenticationxx</tt> to
<tt>AUTHENTICATION=</tt><i>your_AuthenticationString</i></li>
</ul>
<li>Make <tt>getRulebase</tt> executable:<br/>
&nbsp;&nbsp;<tt>chmod 755 getRulebase</tt></li>

</ul>

</ul>

<br/>
<li>Download the current Message Sniffer rulebase:
<ul>
<br/>
<li>On Windows systems...</li>
<ul>
<li>Create an <tt>UpdateReady.txt</tt> file:<tt><br>
&nbsp;&nbsp;echo . > UpdateReady.txt</tt><br>
</li>
<li>Run the <tt>getRulebase</tt> script:<tt><br>
&nbsp;&nbsp;getRulebase</tt><br>
<li>Check for a new rulebase (.snf) file<br/>
&nbsp;&nbsp;<tt>dir *.snf</tt></li>
</ul>
<br/>
<li>On Linux systems...</li>
<ul>
<li>Create an <tt>UpdateReady.txt</tt> file:<tt><br>
&nbsp;&nbsp;touch UpdateReady.txt</tt><br>
</li>
<li>Run the <tt>getRulebase</tt> script:<tt><br>
&nbsp;&nbsp;./getRulebase</tt><br>
<li>Check for a new rulebase (.snf) file<br>
&nbsp;&nbsp;<tt>ls *.snf</tt><br>
</ul>
</ul>

<blockquote><i>Note: The <B><tt>CGPSNF</tt></B> program will
automatically run the getRulebase
script as needed. However there must be a valid rulebase file present
before the CGPSNF program will run. This step also helps you verify that
the getRulebase script is configured correctly. If it is you will see a
new .snf file after running the script</i></blockquote>

<li>Proceed with <a HREF="#Test">Testing the Sniffer Plugin.</a></li>
</ul>

<h3><hr><a name=Test></a>Testing the Sniffer Plugin.</h3>
<p>On Windows System:</p>

<ul>
<li> Change to the module directory:<tt><br>
&nbsp;&nbsp;cd C:\CommuniGatePro\CGPSNF</tt><br>

<li>Launch the <tt>CGPSNF.exe</tt> application by typing:<tt><br>
&nbsp;&nbsp;CGPSNF</tt><br>
It will report the Plugin version number and build date.<br>

<li>Type: <br>
&nbsp;&nbsp;<tt>1 FILE junkmsg.msg</tt><br> The plugin should
report that the file is spam.


<li>Close the progrm by typing<br>
&nbsp;&nbsp;<tt>2 QUIT</tt>
</ul>

<p>On a Unix System:</p>
<ul>
<li> Change to the module directory:<tt><br>
&nbsp;&nbsp;cd /var/CommuniGate/CGPSNF</tt><br>

<li>Launch the <tt>CGPSNF</tt> application by typing:<tt><br>
&nbsp;&nbsp;./CGPSNF</tt><br>
It will report the Plugin version number and build date.<br>

<li>Type:<br>
&nbsp;&nbsp;<tt>1 FILE junkmsg.txt</tt><br>
the plugin should report that the file is spam.

<li>Close the program by typing<br>
&nbsp;&nbsp;<tt>2 QUIT</tt>

</ul>

<h3><hr><a name="Options"></a>Command Line Options</h3>
<dl>
<dd>
The Sniffer Plugin supports the following command-line option
(parameters):

<dl>
<p><dt><tt>path_to_config_file</tt></dt></p>

<dd>This option tells the Plugin to read the configuration from
<tt>path_to_config_file</tt>.
</dd>

</dl>

</dl>


<h3><hr><a name=Integrate></a>Integrating the Sniffer Plugin with CommuniGate Pro.</h3>

Please check
the <a HREF="http://www.communigate.com/CommuniGatePro/VirusScan.html#Launch">External
Filters</a> section of the CommuniGate Pro manual.

<p>Open the General page in the Settings section of the WebAdmin
Interface and click the Helpers link. Create the Helper as follows:</p>


<center class="WebAdmin"><form action="Null.html">
<table class="settingsBox" cellpadding="3" width="90%">
<caption>Content Filtering</caption>

<tr><td BGCOLOR="#EEEEEE">
<table class="settingsBox" WIDTH="100%" BORDER="0" CELLSPACING=1 CELLPADDING=0>
<tr>
<td align="right"><select name="U3"><option value="0">Disabled</option><option value="1" selected="selected">Enabled</option></select></td>
<td><input name="N3" value="ARM Sniffer" size="15" maxlength="200" type="text" /></td>
<td colspan=2 align=center></td>
</tr><tr>
<td align="right" width="25%">Log Level:</td><td><select name="L3"><option value="0">Crashes Only</option><option value="1">Failures</option><option value="2">Major &amp; Failures</option><option value="3">Problems</option><option value="4" selected="selected">Low Level</option><option value="5">All Info</option></select></td>
<td align="right" width="25%">Program Path:</td><td><input name="P3"
value="CGPSNF/CGPSNF" size="30" maxlength="255" type="text" /></td>

</tr><tr>
<td align=RIGHT>Time-out:</td><td><select name="T0"><option VALUE=0>disabled<option VALUE="15">15 seconds<option VALUE="30">30 seconds<option VALUE="60">minute<option VALUE="120">2 minutes<option VALUE="180">3 minutes<option VALUE="300" SELECTED>5 minutes<option VALUE="600">10 minutes<option VALUE="900">15 minutes<option VALUE="1800">30 minutes<option VALUE="3600">hour</select></td>
<td align=RIGHT>Auto-Restart:</td><td><select name="A0"><option VALUE=0>disabled<option VALUE="5">5 seconds<option VALUE="7">7 seconds<option VALUE="10">10 seconds<option VALUE="15">15 seconds<option VALUE="30">30 seconds<option VALUE="60" SELECTED>minute<option VALUE="120">2 minutes<option VALUE="180">3 minutes<option VALUE="300">5 minutes<option VALUE="600">10 minutes<option VALUE="900">15 minutes<option VALUE="1800">30 minutes<option VALUE="3600">hour<option VALUE="7200">2 hours<option VALUE="10800">3 hours<option VALUE="21600">6 hours</select></td>
</tr>
</table></td></tr>
</table></FORM></center>



<B>Note:</B> For Windows system the Program Path shold be
<tt>CGPSNF\CGPSNF.exe</tt><br>
<B>Note:</B> On some versions of FreeBSD system you may need to
specify the full path to the program,
i.e. <tt>/var/CommuniGate/CGPSNF/CGPSNF</tt>

<p>The recommended Scanning Rule is as follows:</p>

<center class="WebAdmin"><form action="Null.html">
<table class="settingsBox" cellpadding="3" width="90%">
<tr align="left">
<th>Data</th>
<th>Operation</th>
<th>Parameter</th>
</tr>
<tr>
<td>
<select name="c2"><option VALUE="0" selected>---<option VALUE="12">Message Size</select>
</td><td>
<select name="o2"><option VALUE="0" selected>is<option VALUE="4">greater than</select>
</td><td>
<INPUT TYPE="text" name="p2" VALUE="" SIZE="20" MAXLENGTH="1024">
</td>
</tr>

<tr align="left">
<th>Action</th>
<th colspan="2">Parameter</th>
</tr>
<tr valign=TOP>
<td><select name="a0"><option VALUE="0">---<option VALUE="6">Stop Processing<option VALUE="17" selected>ExternalFilter</select>
</td><td><textarea name="r0" rows="4" cols="40">ARM Sniffer</textarea>
</td>
</tr>
<tr valign=top>
<td><select name="a1"><option value="0" selected>---<option value="7">Stop Processing</select></td>
<td colspan="2"><textarea name="r1" rows="4" cols="40"></textarea></td>
</tr>

</table></form></center>

<hr/>

</body>
</html>

+ 11
- 0
CGPSNF/GBUdbIgnoreList.txt.sample View File

# List of IPs to Ignore on startup
# THIS FILE MUST BE PRESENT FOR SNF TO START!
# Each IP in this list is set to Ignore in GBUdb when
# The configuration is loaded.
# Hash mark on the beginning of a line indicates a comment.
# Comments after an IP are also ignored.
# One line per IP. Sorry, no CIDR yet.
# Note that you can also use Drilldown directives to achieve CIDR like results automatically.
# Be sure to list ALL of your gateways :-)
127.0.0.1 # ignore localhost, of course.

BIN
CGPSNF/SNFClient.exe View File


BIN
CGPSNF/curl.exe View File


+ 70
- 0
CGPSNF/getRulebase.cmd.sample View File

@ECHO OFF
SETLOCAL
REM ----- Edit This Section --------
SET SNIFFER_PATH=c:\CommuniGatePro\CGPSNF
SET AUTHENTICATION=authenticationxx
SET LICENSE_ID=licensid
REM --------------------------------
CD /d %SNIFFER_PATH%
echo Running SNF getRulebase.cmd > getRulebase.txt
if not exist UpdateReady.txt echo No UpdateReady.txt >> getRulebase.txt
if not exist UpdateReady.txt goto DONE
REM The next line may cause trouble if your system stops while this
REM script is running. It is not needed when this script is run
REM from SNF's <update-script/> feature since only one copy will run
REM at a time. However, if you are going to run a version of this
REM script as a scheduled task you will want to uncomment the next
REM line to make sure only one copy runs at a time-- just be sure to
REM clean out any stale .lck files after a restart.
REM if exist UpdateReady.lck echo getRulebase.cmd locked/running >> getRulebase.txt
REM if exist UpdateReady.lck goto DONE
:DOWNLOAD
copy UpdateReady.txt UpdateReady.lck > nul
if exist %LICENSE_ID%.new del %LICENSE_ID%.new
echo.
curl -v "http://www.sortmonster.net/Sniffer/Updates/%LICENSE_ID%.snf" -o %LICENSE_ID%.new -S -R -z %LICENSE_ID%.snf -H "Accept-Encoding:gzip" --compressed -u sniffer:ki11sp8m 2>> getRulebase.txt
if %ERRORLEVEL% NEQ 0 del %LICENSE_ID%.new 2> nul
if not exist %LICENSE_ID%.new echo New rulebase file NOT downloaded >> getRulebase.txt
if not exist %LICENSE_ID%.new goto CLEANUP
snf2check.exe %LICENSE_ID%.new %AUTHENTICATION% 2>> getRulebase.txt
if errorlevel 1 goto CLEANUP
echo New rulebase file tested OK >> getRulebase.txt
if exist %LICENSE_ID%.old del %LICENSE_ID%.old
if exist %LICENSE_ID%.snf rename %LICENSE_ID%.snf %LICENSE_ID%.old
rename %LICENSE_ID%.new %LICENSE_ID%.snf
if exist UpdateReady.txt del UpdateReady.txt
if exist UpdateReady.lck del UpdateReady.lck
:CLEANUP
if exist %LICENSE_ID%.new del %LICENSE_ID%.new
if exist UpdateReady.lck del UpdateReady.lck
:DONE
echo Done >> getRulebase.txt
REM This is a good place to add a line that will email getrulebase.txt to
REM yourself so that you know what just happened.
ENDLOCAL

+ 2
- 0
CGPSNF/identity.xml.sample View File

<snf><identity licenseid='licensid' authentication='authenticationxx'/></snf>

+ 51
- 0
CGPSNF/junkmsg.txt View File

Received: from c-69-251-204-89.hsd1.md.example.com [69.251.204.89] (HELO c-69-251-204-89.hsd1.md.example.com)
by inbound.example.com (CommuniGate Pro SMTP 5.1.5)
with ESMTP id 488834279 for timarsh1@example.com; Mon, 17 Mar 2008 19:46:13 -0400
Message-ID: <000601c88888$04d58eff$9bb664a3@xytlg>
From: =?koi8-r?B?8MnXztHL?= <jsanghvi@example.com>
To: <timarsh1@example.com>
Subject: =?koi8-r?B?Rnc6INzUzyDNz9bF1CDQ0snHz8TJ1NjT0Q==?Date: Mon, 17 Mar 2008 21:56:52 +0000
MIME-Version: 1.0
Content-Type: text/plain;
charset="koi8-r"
Content-Transfer-Encoding: 8bit
X-Priority: 3
X-MSMail-Priority: Normal
X-Mailer: Microsoft Outlook Express 6.00.2900.3138
X-MimeOLE: Produced By Microsoft MimeOLE V6.00.2900.3198
X-RCPT-TO: <timarsh1@example.com>
Status: U
X-UIDL: 493986027
<HTML>
<HEAD>
<TITLE>Bondage Bulletin</TITLE>
<META HTTP-EQUIV="Content-Type" CONTENT="text/html; charset=iso-8859-1">
</HEAD>
<BODY BGCOLOR=#000000 LEFTMARGIN=0 TOPMARGIN=0 MARGINWIDTH=0 MARGINHEIGHT=0>
<center>
<TABLE WIDTH=500 BORDER=0 CELLPADDING=0 CELLSPACING=0>
<TR>
<TD COLSPAN=3><A HREF="http://pillagemypussy.com/"><IMG SRC="http://sex-mails.com/bb/im/bb_logo.gif" WIDTH=500 HEIGHT=35 BORDER=0></A></TD>
</TR>
<TR>
<TD COLSPAN=2><A HREF="http://pillagemypussy.com/"><IMG SRC="http://sex-mails.com/bb/im/bb_2.jpg" WIDTH=369 HEIGHT=194 BORDER=0></A></TD>
<TD ROWSPAN=2><A HREF="http://pillagemypussy.com/"><IMG SRC="http://sex-mails.com/bb/im/bb_3.jpg" WIDTH=131 HEIGHT=343 BORDER=0></A></TD>
</TR>
<TR>
<TD><A HREF="http://pillagemypussy.com/"><IMG SRC="http://sex-mails.com/bb/im/bb_4.jpg" WIDTH=122 HEIGHT=149 BORDER=0></A></TD>
<TD><A HREF="http://pillagemypussy.com/"><IMG SRC="http://sex-mails.com/bb/im/bb_5.gif" WIDTH=247 HEIGHT=149 BORDER=0></A></TD>
</TR>
<TR>
<TD COLSPAN=3><IMG SRC="http://sex-mails.com/bb/im/bb_6.gif" WIDTH=500 HEIGHT=74 BORDER=0 USEMAP="#bb_6_Map"></TD>
</TR>
</TABLE>
<MAP NAME="bb_6_Map">
<AREA SHAPE="rect" COORDS="303,54,484,73" HREF="http://shavekitty.com/">
<AREA SHAPE="rect" COORDS="149,56,288,73" HREF="http://mygyno.com/">
<AREA SHAPE="rect" COORDS="13,55,143,73" HREF="http://scatattack.com/">
<AREA SHAPE="rect" COORDS="315,31,487,51" HREF="http://peepersxxx.com/">
<AREA SHAPE="rect" COORDS="169,31,308,52" HREF="http://fuckmyfist.com/">
<AREA SHAPE="rect" COORDS="22,33,162,51" HREF="http://weeonme.com/">
</MAP>
</center>

BIN
CGPSNF/mingwm10.dll View File


+ 156
- 0
CGPSNF/snf-configuration.css View File

a {
text-decoration: none;
}
body {
font-family:Verdana, Geneva, sans-serif;
font-size:1em;
font-weight: normal;
}
.banner {
font-weight:bold;
border-top-width: thin;
border-right-width: thin;
border-bottom-width: thin;
border-left-width: thin;
border-top-style: solid;
border-right-style: solid;
border-bottom-style: solid;
border-left-style: solid;
background-color: #F7931E;
text-align: center;
}
.chart {
margin-top: 0.5em;
margin-bottom: 0.5em;
}
.chart-header {
border-top-width: thin;
border-right-width: thin;
border-bottom-width: thin;
border-left-width: thin;
border-top-style: solid;
border-right-style: solid;
border-bottom-style: solid;
border-left-style: solid;
background-color: #F90;
font-weight: bold;
padding: 0.2em;
}
.chart-label {
border-top-width: thin;
border-right-width: thin;
border-bottom-width: thin;
border-left-width: thin;
border-top-style: solid;
border-right-style: solid;
border-bottom-style: solid;
border-left-style: solid;
background-color: #FC0;
font-weight: bold;
padding: 0.2em;
white-space: nowrap;
}
.chart-value {
border-top-width: thin;
border-right-width: thin;
border-bottom-width: thin;
border-left-width: thin;
border-top-style: solid;
border-right-style: solid;
border-bottom-style: solid;
border-left-style: solid;
padding: .2em;
white-space: nowrap;
}
.xhdr-chart {
width: 80%;
}
.xhdr-col1 {
width: 35%;
}
.xhdr-col2 {
}
.xhdr-col3 {
}
.oncolor {
background-color: #9F9;
}
.offcolor {
background-color: #FCF;
}
.notset {
background-color: #CCC;
}
.section {
margin-top: 1em;
}
.section-label {
font-weight: bold;
text-decoration: underline;
font-size: large;
margin-top: .5em;
margin-bottom: .5em;
}
.section-item {
position: relative;
left: 2em;
}
.sub-section {
margin-top: .5em;
position: relative;
left: 2em;
}
.item-label {
font-weight: bold;
padding-right: 1em;
}
.item-value {
font-family: "Lucida Console", Monaco, monospace;
font-weight: normal;
}
.node {
}
.paths {
}
.logs {
}
.network {
}
.xci {
}
.gbudb {
}
.rule-panics {
}
.platform {
}
.msg-file {
}

+ 1637
- 0
CGPSNF/snf-configuration.xsl
File diff suppressed because it is too large
View File


BIN
CGPSNF/snf2check.exe View File


+ 167
- 0
CGPSNF/snf_engine.xml.sample View File

<?xml version="1.0"?>
<?xml-stylesheet type="text/xsl"
href="snf-configuration.xsl"?>
<!-- SNFMulti V3.0 Configuration File, Setup: Typical of SNF4CGP -->
<!-- http://www.armresearch.com/support/articles/software/snfServer/config/snfEngine.jsp -->
<snf>
<node identity='C:\CommuniGatePro\CGPSNF\identity.xml'>
<paths>
<log path='C:\CommuniGatePro\CGPSNF\'/>
<rulebase path='C:\CommuniGatePro\CGPSNF\'/>
<workspace path='C:\CommuniGatePro\CGPSNF\'/>
</paths>
<logs>
<rotation localtime='no'/>
<status>
<second log='yes' append='no'/>
<minute log='yes' append='no'/>
<hour log='no' append='no'/>
</status>
<scan>
<identifier force-message-id='no'/>
<classic mode='api' rotate='yes' matches='unique'/>
<xml mode='file' rotate='yes' matches='all' performance='yes' gbudb='yes'/>
<xheaders>
<output mode='api'/>
<version on-off='off'>X-MessageSniffer-Version</version>
<license on-off='off'>X-MessageSniffer-License</license>
<rulebase on-off='off'>X-MessageSniffer-RulebaseUTC</rulebase>
<identifier on-off='off'>X-MessageSniffer-Identifier</identifier>
<gbudb on-off='on'>X-GBUdb-Analysis</gbudb>
<result on-off='on'>X-MessageSniffer-Scan-Result</result>
<matches on-off='on'>X-MessageSniffer-Rules</matches>
<black on-off='on'>X-MessageSniffer-Spam: Yes</black>
<white on-off='off'>X-MessageSniffer-White: Yes</white>
<clean on-off='off'>X-MessageSniffer-Clean: Yes</clean>
<symbol on-off='off' n='0'>X-MessageSniffer-SNF-Group: OK</symbol>
<symbol on-off='off' n='20'>X-MessageSniffer-SNF-Group: Truncated</symbol>
<symbol on-off='off' n='40'>X-MessageSniffer-SNF-Group: Caution</symbol>
<symbol on-off='off' n='63'>X-MessageSniffer-SNF-Group: Black</symbol>
<symbol on-off='off' n='62'>X-MessageSniffer-SNF-Group: Obfuscation</symbol>
<symbol on-off='off' n='61'>X-MessageSniffer-SNF-Group: Abstract</symbol>
<symbol on-off='off' n='60'>X-MessageSniffer-SNF-Group: General</symbol>
<symbol on-off='off' n='59'>X-MessageSniffer-SNF-Group: Casinos-Gambling</symbol>
<symbol on-off='off' n='58'>X-MessageSniffer-SNF-Group: Debt-Credit</symbol>
<symbol on-off='off' n='57'>X-MessageSniffer-SNF-Group: Get-Rich</symbol>
<symbol on-off='off' n='56'>X-MessageSniffer-SNF-Group: Ink-Toner</symbol>
<symbol on-off='off' n='55'>X-MessageSniffer-SNF-Group: Malware</symbol>
<symbol on-off='off' n='54'>X-MessageSniffer-SNF-Group: Porn-Dating-Adult</symbol>
<symbol on-off='off' n='53'>X-MessageSniffer-SNF-Group: Scam-Phishing</symbol>
<symbol on-off='off' n='52'>X-MessageSniffer-SNF-Group: Snake-Oil</symbol>
<symbol on-off='off' n='51'>X-MessageSniffer-SNF-Group: Spamware</symbol>
<symbol on-off='off' n='50'>X-MessageSniffer-SNF-Group: Media-Theft</symbol>
<symbol on-off='off' n='49'>X-MessageSniffer-SNF-Group: AV-Push</symbol>
<symbol on-off='off' n='48'>X-MessageSniffer-SNF-Group: Insurance</symbol>
<symbol on-off='off' n='47'>X-MessageSniffer-SNF-Group: Travel</symbol>
</xheaders>
</scan>
</logs>
<network>
<sync secs='30' host='sync.messagesniffer.net' port='25'/>
<update-script on-off='on' call='C:\CommuniGatePro\CGPSNF\getRulebase.cmd' guard-time='180'/>
</network>
<xci on-off='on' port='9001'/>
<gbudb>
<database>
<condense minimum-seconds-between='600'>
<time-trigger on-off='on' seconds='86400'/>
<posts-trigger on-off='off' posts='1200000'/>
<records-trigger on-off='off' records='600000'/>
<size-trigger on-off='on' megabytes='150'/>
</condense>
<checkpoint on-off='on' secs='3600'/>
</database>
<regions>
<white on-off='on' symbol='0'>
<edge probability='-1.0' confidence='0.4'/>
<edge probability='-0.8' confidence='1.0'/>
<panic on-off='on' rule-range='1000'/>
</white>
<caution on-off='on' symbol='40'>
<edge probability='0.4' confidence='0.0'/>
<edge probability='0.8' confidence='0.5'/>
</caution>
<black on-off='on' symbol='63'>
<edge probability='0.8' confidence='0.2'/>
<edge probability='0.8' confidence='1.0'/>
<truncate on-off='on' probability='0.9' peek-one-in='5' symbol='20'/>
<sample on-off='on' probability='0.8' grab-one-in='5' passthrough='no' passthrough-symbol='0'/>
</black>
</regions>
<training on-off='on'>
<bypass>
<!-- <header name='To:' find='spam@example.com'/> -->
<!-- <header name='Received:' ordinal='1' find='friendlyhost.com'/> -->
</bypass>
<drilldown>
<!-- <received ordinal='0' find='[12.34.56.'/> where we want to ignore 12.34.56.0/24 -->
<!-- <received ordinal='0' find='mixed-source.com'/> -->
<!-- <received ordinal='1' find='mixed-source-internal.com'/> -->
</drilldown>
<source>
<!-- <header name='X-Use-This-Source:' received='mixedsource.com [' ordinal='0' /> -->
<!-- <header name='X-Originating-IP:' received='hotmail.com [' ordinal='0' /> -->
</source>
<white>
<result code='1'/>
<!-- <header name='Received:' ordinal='0' find='.friendlyhost.com'/> -->
</white>
</training>
</gbudb>
<rule-panics>
<!--
<rule id='123456'/>
<rule id='123457'/>
-->
</rule-panics>
<platform>
<snf4cgp>
<ham action='Allow' reason='Message OK' comment='Message OK' headers='yes' xml='yes'>
<result code='0' comment='(0) Not Spam/Malware' />
<result code='1' comment='(1) White Rule/IP-Range' />
</ham>
<spam action='Allow' reason='Spam/Malware' comment='Spam/Malware' headers='yes' classic='no' xml='no' hold-path='quarantine'>
<result code='40' comment='(40) Caution' />
<result code='63' action='Reject' reason='Source IP black listed (GBUdb/black)' comment='(63) Black' />
<result code='20' action='Reject' reason='Source IP black listed (GBUdb/truncate)' comment='(20) Truncate' />
</spam>
</snf4cgp>
</platform>
<msg-file type='cgp'/>
</node>
</snf>

Loading…
Cancel
Save