forked from cwc-github/sp-enduser
-
Notifications
You must be signed in to change notification settings - Fork 0
Expand file tree
/
Copy pathsettings-default.php
More file actions
196 lines (171 loc) · 7.19 KB
/
settings-default.php
File metadata and controls
196 lines (171 loc) · 7.19 KB
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
184
185
186
187
188
189
190
191
192
193
194
195
196
<?php
/*
* This is the configuration file, in PHP format. In most cases, it's
* ok just to edit our settings, and remove the // comments.
*/
/*
* System "nodes" are the most important directives; they specify where
* your Halon mail gateway(s) are, and how to access it/them.
*
* If you are planning on using authentication methods other than the default
* 'server' mode (which authenticates users directly against the server), you
* need to specify a username and password that will be used to access the
* server for non-server users. Otherwise, this can and should be omitted.
*
* It might be a good idea to read about authentication scripts on our wiki, to
* create specific access rights so that if this end-user web is compromised,
* your gateways are not. In some cases, even read-only access is good enough
* for this application.
*/
//$settings['node'][] = array(
// 'address' => 'https://10.2.0.30/',
// );
//$settings['node'][] = array(
// 'address' => 'https://10.2.0.31/',
// 'username' => 'admin',
// 'password' => 'admin',
// );
/*
* The API key is used by the Halon mail gateways to communicate with
* this application, such as creating database users when messages are
* quarantined, or doing black/whitelist lookups.
*/
//$settings['api-key'] = 'secret';
/*
* The "mail from" and "public-url" settings are used by this application
* as self identification, for example in mail such as forgot password
* reminders or digest lists. The default source determine what's shown
* on the first page, or when pressing "messages" in the menu.
*/
//$settings['mail']['from'] = 'Mail quarantine <postmaster@example.org>';
//$settings['public-url'] = 'http://10.2.0.166/enduser/';
//$settings['default-source'] = 'all';
//$settings['display-scores'] = false;
//$settings['display-textlog'] = false;
//$settings['display-stats'] = false;
//$settings['display-history'] = true;
//$settings['display-queue'] = true;
//$settings['display-quarantine'] = true;
//$settings['display-all'] = true;
//$settings['display-bwlist'] = true;
//$settings['display-spamsettings'] = false;
//$settings['display-ratelimits'] = false;
//$settings['display-listener']['mailserver:1'] = 'Inbound';
//$settings['display-transport']['mailtransport:2'] = 'Internet';
/*
* It's possible to use this application completely without a database.
* However, features such as local users (if SMTP or LDAP authentication
* is not suitable) and black/whitelisting requires a database. You can use
* most databases, such as SQLite, MySQL and PostgreSQL. Below are a few
* examples. You should use PHP PDO format.
*/
//$settings['database']['dsn'] = 'sqlite:/tmp/foo.db';
//$settings['database']['dsn'] = 'pgsql:host=localhost;port=5432;dbname=spenduser;user=halon;password=halon';
//$settings['database']['dsn'] = 'mysql:host=localhost;port=5432;dbname=spenduser';
//$settings['database']['user'] = 'root';
//$settings['database']['password'] = '1';
//$settings['database']['partitions'] = 1;
//$settings['database']['partitiontype'] = 'string'; // or 'integer'
/*
* Logs are normally read from the nodes directly, but for performance, you can
* instead opt to configure your nodes to log to a central database server, as
* described at: http://wiki.halon.se/End-user#History_log
*/
//$settings['database-log'] = false;
/*
* Stats are normally read from the nodes directly, but for performance, you can
* instead opt to configure your nodes to stat to a central database server, as
* described at: http://wiki.halon.se/End-user#History_log
*/
//$settings['database-stats'] = false;
/*
* Authentication is probably the second most important configuration
* directive, as it specifies how end-users should identify themselves.
*
* You can use the following types:
* - LDAP, against for example an Exchange server
* - SMTP (SASL), against a mail server, if the username is an e-mail
* - Database, populated by the Halon mail gateways when mail are quarantined
* - Local accounts, statically configured in this file (with access rights).
* Use lower case letters when manually adding an access level.
* - Server account, authorized against an account on the nodes themselves.
*
* If no authorization methods are specified, 'server' is assumed.
*/
//$settings['authentication'][] = array(
// 'type' => 'database',
// );
// $settings['authentication'][] = array(
// 'type' => 'account',
// 'username' => 'foo',
// 'password' => 'foo',
// 'access' => array( // optional access restrictions
// 'domain' => array('example.com'),
// 'mail' => array('foo@example.com'),
// ),
// );
//$settings['authentication'][] = array(
// 'type' => 'ldap',
// 'uri' => 'ldap://10.2.7.2',
// 'base_dn' => 'CN=Users,DC=dev,DC=halon,DC=local',
// 'schema' => 'msexchange',
// 'options' => array(LDAP_OPT_PROTOCOL_VERSION => 3),
// );
//$settings['authentication'][] = array(
// 'type' => 'smtp',
// 'host' => '10.2.0.30',
// 'port' => 25,
// );
//$settings['authentication'][] = array(
// 'type' => 'server',
// );
/*
* The quarantine filter is used to restrict the end-user access to
* only certain quarantines, in case you have multiple quarantines with
* different purposes.
*/
//$settings['quarantine-filter'][] = 'mailquarantine:1';
//$settings['quarantine-filter'][] = 'mailquarantine:2';
/*
* The default filter-pattern to use when creating additional
* inbound/outbound restrictions are "{from} or {to}", however
* in some cases it's necessary to know if the message is
* inbound or outbound.
*/
//$settings['filter-pattern'] = '{from} server=mailserver:2 or {to} server=mailserver:1';
/*
* The rate limits to display on the "rate limit" page.
* All parameters in the array for a namespace are optional and can be omittied if not applicable.
*/
//$settings['ratelimits'][] = array(
// 'name' => 'Outbound spammers', // Name to show in UI
// 'ns' => 'outbound-spammers', // Namespace
// 'count_min' => 10, // Minimum count required for entry to show
// 'count_limit' => 100, // At which number the limit is exceeded
// 'action' => 'DEFER', // Action taken if limit is exceeded
// 'search_filter' => 'from=$entry', // Search filter for the "messages" page
// );
/*
* It's possible to send "digest" messages with a list of what's in
* the quarantine. It is added as a cron job, to be run every 24 hours:
* # php cron.php.txt digestday
* and it will use the authentication sources to find users. To use LDAP,
* add a 'bind_dn' and 'bind_password' to your LDAP source. To use static
* users (type account), add a 'email' to them. To send digest messages to
* EVERY RECIPIENT (user or not) that has quarantine messages, enable the
* to-all option below. To have a "direct release link" in the messages,
* enable the digest secret below.
*/
//$settings['digest']['to-all'] = true;
//$settings['digest']['secret'] = 'badsecret';
/*
* If hosting multiple websites on the same server, it's important to use
* different session names for each site.
*/
//$settings['session-name'] = 'spenduser';
/*
* Customizable text in the interface.
*/
//$settings['pagename'] = "Halon SP for end-users";
//$settings['logintext'] = "Some text you'd like to display on the login form";
//$settings['forgottext'] = "Some text you'd like to display on the forgot form";