[Pkg-clamav-devel] [RFR] templates://clamav/{clamav-milter.templates}
Christian Perrier
bubulle at debian.org
Thu Mar 26 18:58:47 UTC 2009
Please find, for review, the debconf templates and packages descriptions for the clamav source package.
This review will last for 5 days only
Please send reviews as unified diffs (diff -u) against the original
files. Comments about your proposed changes will be appreciated.
Your review should be sent as an answer to this mail.
When appropriate, I will send intermediate requests for review, with
"[RFRn]" (n>=2) as a subject tag.
When we will reach a consensus, I send a "Last Chance For
Comments" mail with "[LCFC]" as a subject tag.
Finally, the reviewed templates will be sent to the package maintainer
as a bug report, and a mail will be sent to this list with "[BTS]" as
a subject tag.
Rationale:
--- clamav.old/debian/clamav-milter.templates 2009-03-26 19:12:49.816449140 +0100
+++ clamav/debian/clamav-milter.templates 2009-03-26 19:12:52.020445732 +0100
@@ -4,23 +4,21 @@
_Description: Handle the configuration file automatically?
Some options must be configured for clamav-milter.
.
- The ClamAV suite won't work if it isn't configured. If you do not
+ It won't work if it isn't configured. If you do not
configure it automatically, you'll have to configure
- /etc/clamav/clamav-milter.conf manually or run 'dpkg-reconfigure clamav-milter'
+ /etc/clamav/clamav-milter.conf manually or run "dpkg-reconfigure clamav-milter"
later. In any case, manual changes in /etc/clamav/clamav-milter.conf will
be respected.
What won't work is clamav-milter....not ClamAV. I suspect this to be
inherited from other clamav templates.
Move to double quotes which is what we now recommend
Template: clamav-milter/MilterSocket
Type: string
Default: /var/run/clamav/milter.ctl
-_Description: Define the interface through to communicate with sendmail:
- Possible formats are:
- .
- Unix domain socket: [[unix|local]:]/path/to/file
- .
- IPv4 socket: inet:port@[hostname|ip-address]
- .
- IPv6 socket: inet6:port@[hostname|ip-address]
+_Description: Communication interface with sendmail:
+ Please choose the method that should be used by clamav-milter to
+ communicate with sendmail. The following formats can be used:
+ - Unix domain socket: [[unix|local]:]/path/to/file
+ - IPv4 socket : inet:port@[hostname|ip-address]
+ - IPv6 socket : inet6:port@[hostname|ip-address]
Complete layout reformatting to:
- hard-format the itemized list
- shorten it down
Template: clamav-milter/FixStaleSocket
Type: boolean
@@ -32,142 +30,181 @@
Default: clamav
_Description: User to run clamav-milter as:
It is recommended to run the ClamAV programs as a non-privileged user.
- This will work with most MTAs with a little tweaking, but if you want to
- use clamd for filesystem scans, running as root is probably unavoidable.
+ This will work with most MTAs with a little tweaking. However, using
+ clamd for filesystem scans while require running clamav-milter as root.
+ .
Please see README.Debian in the clamav-base package for details.
Split in two sentences and rephrase to drop the "this is probably
unavoidable" part.
Maybe "file system" by the way....
Template: clamav-milter/AddGroups
Type: string
_Description: Groups for clamav-milter (space-separated):
By default, clamav-milter runs as a non-privileged user. If you need
- clamav-milter to be able to access files owned by another user (e.g., in
- combination with an MTA), then you will need to add clamav to the group for
- that piece of software. Please see README.Debian in the clamav-base package for
+ clamav-milter to be able to access files owned by another user (for
+ instance when it is used in combination with an MTA), this user
+ need to be added to the relevant group(s).
+ .
+ Please see README.Debian in the clamav-base package for
details.
"e.g." is a latinism and we try to discourage them.
The previous phrasing is quite jerky. Not sure that mine is better but
I find it clearer.
Template: clamav-milter/ReadTimeout
Type: string
Default: 120
-_Description: Waiting for data from clamd will timeout after this time (seconds):
- Set to a value of '0' to disable the timeout.
+_Description: Wait timeout for data coming from clamd:
+ Please enter the delay (in seconds) before clamav-milter times out when it is
+ waiting for incoming data from clamd.
+ .
+ Choosing "0" will disable this timeout.
Shorten the synopsis and make it a better "prompt".
Template: clamav-milter/Foreground
Type: boolean
Default: false
-_Description: Stay in foreground (don't fork)?
+_Description: Should clamav-milter stay in foreground (don't fork)?
"what should stay in foreground"? :-)
Template: clamav-milter/Chroot
Type: string
_Description: Chroot to directory:
- Chrooting is performed just after reading the config file and before dropping
- privileges. An empty value means don't chroot.
+ Clamav-milter can run in a chroot jail. It will enter it after reading
+ the configuration file and before dropping root privileges.
+ .
+ If that field is left empty, no chrooting will occur.
Well, "chroot" is jargonic enough for a little introduction to be
worth it.
Template: clamav-milter/PidFile
Type: string
Default: /var/run/clamav/clamav-milter.pid
_Description: PID file:
- This option allows you to save a process identifier of the listening daemon
- (main thread).
+ Please specify the process identifier file location for clamav-milter's
+ listening daemon (main thread).
Use the "please specify" formula which we use very often. Specify what
listening daeming this is about...
Template: clamav-milter/TemporaryDirectory
Type: string
Default: /tmp
-_Description: Optional path to the global temporary directory:
- If unset, $TMPDIR and $TEMP will be honored.
+_Description: Global temporary directory path:
+ Please specify the directory for clamav-milter's temporary files.
+ If unset, $TMPDIR and $TEMP will be honored.
I'm not really comfortable with that "global" tempdir thing because I
don't really know what clamav-milter is doing with it..:)
Template: clamav-milter/ClamdSocket
Type: string
Default: unix:/var/run/clamav/clamd.ctl
-_Description: Define the clamd socket to connect to for scanning:
- To refer to a local unix socket using a absolute path, use unix:path (e.g.,
- unix:/var/run/clamd/clamd.socket). A local or remote TCP socket is specified
- using the tcp:host:port syntax. The host can be a hostname or an ip address;
- the ":port" field is only required for IPv6 addresses, otherwise it defaults to
- 3310 (e.g., tcp:192.168.0.1).
- .
- This option can be repeated several times (separated by whitespace) with
- different sockets or even with the same socket: clamd servers will be selected
- in a round-robin fashion.
+_Description: Clamd socket to connect to for scanning:
+ Please specify the socket to use to connect to the ClamAV daemon for
+ scanning purposes. Possible choices are:
+ unix:path : local unix socket using a absolute path.
+ Example: unix:/var/run/clamd/clamd.socket
+ tcp:host:port : local or remote TCP socket. The "host" value can be
+ either a hostname or an IP address. The "port"
+ is only required for IPv6 addresses (default: 3310).
+ Example: tcp:192.168.0.1
+ .
+ You may specify multiple choices, separated by spaces. In such cases, the
+ clamd servers will be selected in a round-robin fashion.
Complete reformatting. I tried to make this clearer and
hard-formatting is IMHO mandatory for this.
Template: clamav-milter/LocalNet
Type: string
-_Description: Exclusions - IP ranges:
- Messages originating from these hosts/networks will not be scanned. This
- option takes a host(name)/mask pair in CIRD notation and can be repeated
- several times (separated by whitespace). If "/mask" is omitted, a host is
- assumed. To specify a locally originated, non-smtp, email use the keyword
- "local".
+_Description: Hosts excluded from scanning:
+ Please specify, in CIDR notation (host(name)/mask), the hosts for
+ which no scanning should be performed on incoming mail. Multiple entries
+ should be separated by spaces. The "local" shortcut can be used to
+ specify locally-originated (non SMTP) email.
.
- If unset, everything regardless of the origin is scanned.
+ If this field is left empty, all incoming mail will be scanned.
Again, nearly completely rewritten. This is a really tricky
template. Hopefully, my version is an enhancement..:)
Template: clamav-milter/Whitelist
Type: string
-_Description: Exclusions - Regular expressions:
- This option specifies a file which contains a list of POSIX regular
- expressions. Addresses (sent to or from) matching these regexes will not be
- scanned. Optionally each line can start with the string "From:" or "To:"
- (note: no whitespace after the colon) indicating if it is, respectively, the
- sender or recipient that is to be whitelisted. If the field is missing, "To:"
- is assumed.
+_Description: Mail addresses whitelist:
+ Please specify the path to a file which contains a list of POSIX regular
+ expressions to specify mail addresses for which no scanning should be
+ performed.
+ .
+ Eeach line in this file may start with "From:" or "To:" to
+ restrict whitelisting to either the sender (From:) or recipient (To:)
+ addresses. Without such prefix, whitelisting is restricted to
+ recipients (To:).
.
- Lines in this file starting with #, : or ! are ignored.
+ That file may include comments, prefixed by "#", ":" or "!" characters.
Another completely rewritten template. I'm slightly unhappy because it
is still quite long (but I don't really find how to shorten it more).
Template: clamav-milter/OnClean
Type: select
-Choices: Accept, Reject, Defer, Blackhole, Quarantine
+__Choices: Accept, Reject, Defer, Blackhole, Quarantine
Default: Accept
-_Description: Action to be performed on clean messages (mostly useful for testing):
- The following actions are available:
+_Description: Action to perform on clean messages:
+ Please choose the action to perform on "clean" messages:
.
- - Accept: The message is accepted for delievery
+ - Accept : the message is accepted for delivery;
+ - Reject : immediately refuse delivery (with a 5xx error);
+ - Defer : return a temporary failure message (4xx);
+ - Blackhole : accept the message then drop it;
+ (not available for OnFail)
+ - Quarantine: accept the message then quarantine it. With
+ sendmail, the quarantine queue can be examined
+ with "mailq -qQ". With Postfix, such mails are placed
+ on hold.
+ (not available for OnFail)
.
- - Reject: Immediately refuse delievery (a 5xx error is returned to the peer)
- .
- - Defer: Return a temporary failure message (4xx) to the peer
- .
- - Blackhole (not available for OnFail): Like accept but the message is sent to
- oblivion
- .
- - Quarantine (not available for OnFail): Like accept but message is quarantined
- instead of being delivered In sendmail the quarantine queue can be examined
- via mailq -qQ For Postfix this causes the message to be accepted but placed
- on hold
+ This setting is meant for testing purposes only.
And yet another big rewrite...:-)
First of all, I think the choices should be translatable. Of course,
debconf will put the non translated value in the config file, don't
worry. So making the values translatable is safe. The "__" trick
allows splitting choices in case more options are added in the future.
The itemized list is of course hard-formatted (yours wasn't....which
is one of the big mess I mentioned).
Move the "for test) in the long description...
Template: clamav-milter/OnInfected
Type: select
-Choices: Accept, Reject, Defer, Blackhole, Quarantine
+__Choices: Accept, Reject, Defer, Blackhole, Quarantine
Default: Quarantine
-_Description: Action to be performed on infected messages:
+_Description: Action to perform on infected messages:
+ Please choose the action to perform on "infected" messages:
+ .
+ - Accept : the message is accepted for delivery;
+ - Reject : immediately refuse delivery (with a 5xx error);
+ - Defer : return a temporary failure message (4xx);
+ - Blackhole : accept the message then drop it;
+ (not available for OnFail)
+ - Quarantine: accept the message then quarantine it. With
+ sendmail, the quarantine queue can be examined
+ with "mailq -qQ". With Postfix, such mails are placed
+ on hold.
+ (not available for OnFail)
Same rewrite. Paragraphs being the same for the similar 3
templates...will make translators happy. :-)
Template: clamav-milter/OnFail
Type: select
-Choices: Accept, Reject, Defer, Blackhole, Quarantine
+__Choices: Accept, Reject, Defer, Blackhole, Quarantine
Default: Defer
-_Description: Action to be performed on error conditions:
- This includes failure to allocate data structures, no scanners available,
- network timeouts, unknown scanner replies and the like)
+_Description: Action to perform on error conditions:
+ Please choose the action to perform on errors such as failure to
+ allocate data structures, no scanners available,
+ network timeouts, unknown scanner replies...:
+ .
+ - Accept : the message is accepted for delivery;
+ - Reject : immediately refuse delivery (with a 5xx error);
+ - Defer : return a temporary failure message (4xx);
+ - Blackhole : accept the message then drop it;
+ (not available for OnFail)
+ - Quarantine: accept the message then quarantine it. With
+ sendmail, the quarantine queue can be examined
+ with "mailq -qQ". With Postfix, such mails are placed
+ on hold.
+ (not available for OnFail)
Ditto
Template: clamav-milter/RejectMsg
Type: string
_Description: Specific rejection reason for infected messages:
- It is only useful together with "OnInfected Reject". The string "%v", if
- present, will be replaced with the virus name.
+ Please specify the rejection reason that will be included in reject mails.
+ .
+ This option is only useful together with "OnInfected Reject".
+ .
+ The "%v" string may be used to include the virus name.
Introduce the setting in the long description ("Please <foo>"). Using
"It is..." makes a link between the synopsis and the long description,
which is discouraged (it assumes that the long description comes after
the synopsis, which is not always true).
Template: clamav-milter/AddHeader
Type: boolean
Default: false
_Description: Add headers to processed messages?
- If adding headers is enabled, "X-Virus-Scanned" and "X-Virus-Status" headers
+ If you choose this option, "X-Virus-Scanned" and "X-Virus-Status" headers
will be attached to each processed message, possibly replacing existing
- headers.
+ similar headers.
Use "standard" phrasing (if you choose this option).
Template: clamav-milter/LogFile
Type: string
Default: none
-_Description: Log to file:
- LogFile must be writable for the user running daemon. A full path is required.
+_Description: Log file for clamav-milter:
+ The clamav-milter log file must be writable for the user running daemon.
+ You should specify a full path.
.
- Logging via syslog is configured independently of this entry.
+ Logging via syslog is configured independently of this setting.
Be more explicit as "LogFile" is the name of the setting.
Template: clamav-milter/LogFileUnlock
Type: boolean
@@ -179,8 +216,9 @@
Template: clamav-milter/LogFileMaxSize
Type: string
Default: 1M
-_Description: Maximum size of the log file (unit Mb):
- Set to a value of '0' to disable the timeout.
+_Description: Maximum size of the log file (MB):
+ Please specify the maximu size for the log file. Using "0" will
+ allow that file to grow indefinitely.
Mb-->MB. I don't think the size is in Megabits...:)
I made a wild guess that 0 is indeed really for not limiting the file
size. Is it?
Template: clamav-milter/LogTime
Type: boolean
@@ -190,13 +228,16 @@
Template: clamav-milter/LogSyslog
Type: boolean
Default: false
-_Description: Use system logger (can work together with LogFile)?
+_Description: Use system logger?
+ Please choose whether you want to use the system logger (syslog). That
+ option can be used along with logging in a dedicated file.
Should "syslog" be used as an explanation for "system logger". We know
that syslog could indeed be "rsyslog"...but I think the term is really
common jargon so it can be used here, imho.
Template: clamav-milter/LogFacility
Type: string
Default: LOG_LOCAL6
-_Description: Specify the type of syslog messages:
- Please refer to 'man syslog' for facility names.
+_Description: Type of syslog messages:
+ Please choose the type of syslog messages as detailed in the system
+ logger manpage.
When using rsyslog, "man syslog" doesn't work..:-)
Template: clamav-milter/LogVerbose
Type: boolean
@@ -205,15 +246,21 @@
Template: clamav-milter/LogInfected
Type: select
-Choices: Off, Basic, Full
+__Choices: Off, Basic, Full
Default: Off
-_Description: What should be logged when a message is infected:
- Possible values are Off (the default - nothing is logged), Basic (minimal info
- logged), Full (verbose info logged)
+_Description: Information to log on infected messages:
+ Please choose the level of information that will be logged when infected
+ messages are found:
+ - Off : no logging;
+ - Basic: minimal information;
+ - Full : verbose information.
Option values can be translated.
Use an itemized list.
info->information
Template: clamav-milter/MaxFileSize
Type: string
Default: 25M
-_Description: Messages larger than this value won't be scanned (unit Mb):
- Make sure this value is lower than StreamMaxLength in clamd.conf
-
+_Description: Size limit for scanend messages (MB):
+ Please specify the maximum size for scanned messages. Messages bigger than
+ this limit will not be scanned.
+ .
+ You should check that this value is lower than the value of "StreamMaxLength"
+ in the clamd.conf file.
Turn the synopsis into a better "prompt".
Introduce things with a "Please specify"...
--
-------------- next part --------------
Template: clamav-milter/debconf
Type: boolean
Default: true
_Description: Handle the configuration file automatically?
Some options must be configured for clamav-milter.
.
It won't work if it isn't configured. If you do not
configure it automatically, you'll have to configure
/etc/clamav/clamav-milter.conf manually or run "dpkg-reconfigure clamav-milter"
later. In any case, manual changes in /etc/clamav/clamav-milter.conf will
be respected.
Template: clamav-milter/MilterSocket
Type: string
Default: /var/run/clamav/milter.ctl
_Description: Communication interface with sendmail:
Please choose the method that should be used by clamav-milter to
communicate with sendmail. The following formats can be used:
- Unix domain socket: [[unix|local]:]/path/to/file
- IPv4 socket : inet:port@[hostname|ip-address]
- IPv6 socket : inet6:port@[hostname|ip-address]
Template: clamav-milter/FixStaleSocket
Type: boolean
Default: true
_Description: Remove stale socket after unclean shutdown?
Template: clamav-milter/User
Type: string
Default: clamav
_Description: User to run clamav-milter as:
It is recommended to run the ClamAV programs as a non-privileged user.
This will work with most MTAs with a little tweaking. However, using
clamd for filesystem scans while require running clamav-milter as root.
.
Please see README.Debian in the clamav-base package for details.
Template: clamav-milter/AddGroups
Type: string
_Description: Groups for clamav-milter (space-separated):
By default, clamav-milter runs as a non-privileged user. If you need
clamav-milter to be able to access files owned by another user (for
instance when it is used in combination with an MTA), this user
need to be added to the relevant group(s).
.
Please see README.Debian in the clamav-base package for
details.
Template: clamav-milter/ReadTimeout
Type: string
Default: 120
_Description: Wait timeout for data coming from clamd:
Please enter the delay (in seconds) before clamav-milter times out when it is
waiting for incoming data from clamd.
.
Choosing "0" will disable this timeout.
Template: clamav-milter/Foreground
Type: boolean
Default: false
_Description: Should clamav-milter stay in foreground (don't fork)?
Template: clamav-milter/Chroot
Type: string
_Description: Chroot to directory:
Clamav-milter can run in a chroot jail. It will enter it after reading
the configuration file and before dropping root privileges.
.
If that field is left empty, no chrooting will occur.
Template: clamav-milter/PidFile
Type: string
Default: /var/run/clamav/clamav-milter.pid
_Description: PID file:
Please specify the process identifier file location for clamav-milter's
listening daemon (main thread).
Template: clamav-milter/TemporaryDirectory
Type: string
Default: /tmp
_Description: Global temporary directory path:
Please specify the directory for clamav-milter's temporary files.
If unset, $TMPDIR and $TEMP will be honored.
Template: clamav-milter/ClamdSocket
Type: string
Default: unix:/var/run/clamav/clamd.ctl
_Description: Clamd socket to connect to for scanning:
Please specify the socket to use to connect to the ClamAV daemon for
scanning purposes. Possible choices are:
unix:path : local unix socket using a absolute path.
Example: unix:/var/run/clamd/clamd.socket
tcp:host:port : local or remote TCP socket. The "host" value can be
either a hostname or an IP address. The "port"
is only required for IPv6 addresses (default: 3310).
Example: tcp:192.168.0.1
.
You may specify multiple choices, separated by spaces. In such cases, the
clamd servers will be selected in a round-robin fashion.
Template: clamav-milter/LocalNet
Type: string
_Description: Hosts excluded from scanning:
Please specify, in CIDR notation (host(name)/mask), the hosts for
which no scanning should be performed on incoming mail. Multiple entries
should be separated by spaces. The "local" shortcut can be used to
specify locally-originated (non SMTP) email.
.
If this field is left empty, all incoming mail will be scanned.
Template: clamav-milter/Whitelist
Type: string
_Description: Mail addresses whitelist:
Please specify the path to a file which contains a list of POSIX regular
expressions to specify mail addresses for which no scanning should be
performed.
.
Eeach line in this file may start with "From:" or "To:" to
restrict whitelisting to either the sender (From:) or recipient (To:)
addresses. Without such prefix, whitelisting is restricted to
recipients (To:).
.
That file may include comments, prefixed by "#", ":" or "!" characters.
Template: clamav-milter/OnClean
Type: select
__Choices: Accept, Reject, Defer, Blackhole, Quarantine
Default: Accept
_Description: Action to perform on clean messages:
Please choose the action to perform on "clean" messages:
.
- Accept : the message is accepted for delivery;
- Reject : immediately refuse delivery (with a 5xx error);
- Defer : return a temporary failure message (4xx);
- Blackhole : accept the message then drop it;
(not available for OnFail)
- Quarantine: accept the message then quarantine it. With
sendmail, the quarantine queue can be examined
with "mailq -qQ". With Postfix, such mails are placed
on hold.
(not available for OnFail)
.
This setting is meant for testing purposes only.
Template: clamav-milter/OnInfected
Type: select
__Choices: Accept, Reject, Defer, Blackhole, Quarantine
Default: Quarantine
_Description: Action to perform on infected messages:
Please choose the action to perform on "infected" messages:
.
- Accept : the message is accepted for delivery;
- Reject : immediately refuse delivery (with a 5xx error);
- Defer : return a temporary failure message (4xx);
- Blackhole : accept the message then drop it;
(not available for OnFail)
- Quarantine: accept the message then quarantine it. With
sendmail, the quarantine queue can be examined
with "mailq -qQ". With Postfix, such mails are placed
on hold.
(not available for OnFail)
Template: clamav-milter/OnFail
Type: select
__Choices: Accept, Reject, Defer, Blackhole, Quarantine
Default: Defer
_Description: Action to perform on error conditions:
Please choose the action to perform on errors such as failure to
allocate data structures, no scanners available,
network timeouts, unknown scanner replies...:
.
- Accept : the message is accepted for delivery;
- Reject : immediately refuse delivery (with a 5xx error);
- Defer : return a temporary failure message (4xx);
- Blackhole : accept the message then drop it;
(not available for OnFail)
- Quarantine: accept the message then quarantine it. With
sendmail, the quarantine queue can be examined
with "mailq -qQ". With Postfix, such mails are placed
on hold.
(not available for OnFail)
Template: clamav-milter/RejectMsg
Type: string
_Description: Specific rejection reason for infected messages:
Please specify the rejection reason that will be included in reject mails.
.
This option is only useful together with "OnInfected Reject".
.
The "%v" string may be used to include the virus name.
Template: clamav-milter/AddHeader
Type: boolean
Default: false
_Description: Add headers to processed messages?
If you choose this option, "X-Virus-Scanned" and "X-Virus-Status" headers
will be attached to each processed message, possibly replacing existing
similar headers.
Template: clamav-milter/LogFile
Type: string
Default: none
_Description: Log file for clamav-milter:
The clamav-milter log file must be writable for the user running daemon.
You should specify a full path.
.
Logging via syslog is configured independently of this setting.
Template: clamav-milter/LogFileUnlock
Type: boolean
Default: false
_Description: Disable log file locking?
By default the log file is locked for writing. The lock protects against
running clamav-milter multiple times. This option disables log file locking.
Template: clamav-milter/LogFileMaxSize
Type: string
Default: 1M
_Description: Maximum size of the log file (MB):
Please specify the maximu size for the log file. Using "0" will
allow that file to grow indefinitely.
Template: clamav-milter/LogTime
Type: boolean
Default: false
_Description: Log time with each message?
Template: clamav-milter/LogSyslog
Type: boolean
Default: false
_Description: Use system logger?
Please choose whether you want to use the system logger (syslog). That
option can be used along with logging in a dedicated file.
Template: clamav-milter/LogFacility
Type: string
Default: LOG_LOCAL6
_Description: Type of syslog messages:
Please choose the type of syslog messages as detailed in the system
logger manpage.
Template: clamav-milter/LogVerbose
Type: boolean
Default: false
_Description: Enable verbose logging?
Template: clamav-milter/LogInfected
Type: select
__Choices: Off, Basic, Full
Default: Off
_Description: Information to log on infected messages:
Please choose the level of information that will be logged when infected
messages are found:
- Off : no logging;
- Basic: minimal information;
- Full : verbose information.
Template: clamav-milter/MaxFileSize
Type: string
Default: 25M
_Description: Size limit for scanend messages (MB):
Please specify the maximum size for scanned messages. Messages bigger than
this limit will not be scanned.
.
You should check that this value is lower than the value of "StreamMaxLength"
in the clamd.conf file.
-------------- next part --------------
--- clamav.old/debian/clamav-milter.templates 2009-03-26 19:12:49.816449140 +0100
+++ clamav/debian/clamav-milter.templates 2009-03-26 19:37:02.560281704 +0100
@@ -4,23 +4,21 @@
_Description: Handle the configuration file automatically?
Some options must be configured for clamav-milter.
.
- The ClamAV suite won't work if it isn't configured. If you do not
+ It won't work if it isn't configured. If you do not
configure it automatically, you'll have to configure
- /etc/clamav/clamav-milter.conf manually or run 'dpkg-reconfigure clamav-milter'
+ /etc/clamav/clamav-milter.conf manually or run "dpkg-reconfigure clamav-milter"
later. In any case, manual changes in /etc/clamav/clamav-milter.conf will
be respected.
Template: clamav-milter/MilterSocket
Type: string
Default: /var/run/clamav/milter.ctl
-_Description: Define the interface through to communicate with sendmail:
- Possible formats are:
- .
- Unix domain socket: [[unix|local]:]/path/to/file
- .
- IPv4 socket: inet:port@[hostname|ip-address]
- .
- IPv6 socket: inet6:port@[hostname|ip-address]
+_Description: Communication interface with sendmail:
+ Please choose the method that should be used by clamav-milter to
+ communicate with sendmail. The following formats can be used:
+ - Unix domain socket: [[unix|local]:]/path/to/file
+ - IPv4 socket : inet:port@[hostname|ip-address]
+ - IPv6 socket : inet6:port@[hostname|ip-address]
Template: clamav-milter/FixStaleSocket
Type: boolean
@@ -32,142 +30,181 @@
Default: clamav
_Description: User to run clamav-milter as:
It is recommended to run the ClamAV programs as a non-privileged user.
- This will work with most MTAs with a little tweaking, but if you want to
- use clamd for filesystem scans, running as root is probably unavoidable.
+ This will work with most MTAs with a little tweaking. However, using
+ clamd for filesystem scans while require running clamav-milter as root.
+ .
Please see README.Debian in the clamav-base package for details.
Template: clamav-milter/AddGroups
Type: string
_Description: Groups for clamav-milter (space-separated):
By default, clamav-milter runs as a non-privileged user. If you need
- clamav-milter to be able to access files owned by another user (e.g., in
- combination with an MTA), then you will need to add clamav to the group for
- that piece of software. Please see README.Debian in the clamav-base package for
+ clamav-milter to be able to access files owned by another user (for
+ instance when it is used in combination with an MTA), this user
+ need to be added to the relevant group(s).
+ .
+ Please see README.Debian in the clamav-base package for
details.
Template: clamav-milter/ReadTimeout
Type: string
Default: 120
-_Description: Waiting for data from clamd will timeout after this time (seconds):
- Set to a value of '0' to disable the timeout.
+_Description: Wait timeout for data coming from clamd:
+ Please enter the delay (in seconds) before clamav-milter times out when it is
+ waiting for incoming data from clamd.
+ .
+ Choosing "0" will disable this timeout.
Template: clamav-milter/Foreground
Type: boolean
Default: false
-_Description: Stay in foreground (don't fork)?
+_Description: Should clamav-milter stay in foreground (don't fork)?
Template: clamav-milter/Chroot
Type: string
_Description: Chroot to directory:
- Chrooting is performed just after reading the config file and before dropping
- privileges. An empty value means don't chroot.
+ Clamav-milter can run in a chroot jail. It will enter it after reading
+ the configuration file and before dropping root privileges.
+ .
+ If that field is left empty, no chrooting will occur.
Template: clamav-milter/PidFile
Type: string
Default: /var/run/clamav/clamav-milter.pid
_Description: PID file:
- This option allows you to save a process identifier of the listening daemon
- (main thread).
+ Please specify the process identifier file location for clamav-milter's
+ listening daemon (main thread).
Template: clamav-milter/TemporaryDirectory
Type: string
Default: /tmp
-_Description: Optional path to the global temporary directory:
- If unset, $TMPDIR and $TEMP will be honored.
+_Description: Global temporary directory path:
+ Please specify the directory for clamav-milter's temporary files.
+ If unset, $TMPDIR and $TEMP will be honored.
Template: clamav-milter/ClamdSocket
Type: string
Default: unix:/var/run/clamav/clamd.ctl
-_Description: Define the clamd socket to connect to for scanning:
- To refer to a local unix socket using a absolute path, use unix:path (e.g.,
- unix:/var/run/clamd/clamd.socket). A local or remote TCP socket is specified
- using the tcp:host:port syntax. The host can be a hostname or an ip address;
- the ":port" field is only required for IPv6 addresses, otherwise it defaults to
- 3310 (e.g., tcp:192.168.0.1).
- .
- This option can be repeated several times (separated by whitespace) with
- different sockets or even with the same socket: clamd servers will be selected
- in a round-robin fashion.
+_Description: Clamd socket to connect to for scanning:
+ Please specify the socket to use to connect to the ClamAV daemon for
+ scanning purposes. Possible choices are:
+ unix:path : local unix socket using a absolute path.
+ Example: unix:/var/run/clamd/clamd.socket
+ tcp:host:port : local or remote TCP socket. The "host" value can be
+ either a hostname or an IP address. The "port"
+ is only required for IPv6 addresses (default: 3310).
+ Example: tcp:192.168.0.1
+ .
+ You may specify multiple choices, separated by spaces. In such cases, the
+ clamd servers will be selected in a round-robin fashion.
Template: clamav-milter/LocalNet
Type: string
-_Description: Exclusions - IP ranges:
- Messages originating from these hosts/networks will not be scanned. This
- option takes a host(name)/mask pair in CIRD notation and can be repeated
- several times (separated by whitespace). If "/mask" is omitted, a host is
- assumed. To specify a locally originated, non-smtp, email use the keyword
- "local".
+_Description: Hosts excluded from scanning:
+ Please specify, in CIDR notation (host(name)/mask), the hosts for
+ which no scanning should be performed on incoming mail. Multiple entries
+ should be separated by spaces. The "local" shortcut can be used to
+ specify locally-originated (non SMTP) email.
.
- If unset, everything regardless of the origin is scanned.
+ If this field is left empty, all incoming mail will be scanned.
Template: clamav-milter/Whitelist
Type: string
-_Description: Exclusions - Regular expressions:
- This option specifies a file which contains a list of POSIX regular
- expressions. Addresses (sent to or from) matching these regexes will not be
- scanned. Optionally each line can start with the string "From:" or "To:"
- (note: no whitespace after the colon) indicating if it is, respectively, the
- sender or recipient that is to be whitelisted. If the field is missing, "To:"
- is assumed.
+_Description: Mail addresses whitelist:
+ Please specify the path to a file which contains a list of POSIX regular
+ expressions to specify mail addresses for which no scanning should be
+ performed.
+ .
+ Eeach line in this file may start with "From:" or "To:" to
+ restrict whitelisting to either the sender (From:) or recipient (To:)
+ addresses. Without such prefix, whitelisting is restricted to
+ recipients (To:).
.
- Lines in this file starting with #, : or ! are ignored.
+ That file may include comments, prefixed by "#", ":" or "!" characters.
Template: clamav-milter/OnClean
Type: select
-Choices: Accept, Reject, Defer, Blackhole, Quarantine
+__Choices: Accept, Reject, Defer, Blackhole, Quarantine
Default: Accept
-_Description: Action to be performed on clean messages (mostly useful for testing):
- The following actions are available:
+_Description: Action to perform on clean messages:
+ Please choose the action to perform on "clean" messages:
.
- - Accept: The message is accepted for delievery
+ - Accept : the message is accepted for delivery;
+ - Reject : immediately refuse delievery (with a 5xx error);
+ - Defer : return a temporary failure message (4xx);
+ - Blackhole : accept the message then drop it;
+ (not available for OnFail)
+ - Quarantine: accept the message then quarantine it. With
+ sendmail, the quarantine queue can be examined
+ with "mailq -qQ". With Postfix, such mails are placed
+ on hold.
+ (not available for OnFail)
.
- - Reject: Immediately refuse delievery (a 5xx error is returned to the peer)
- .
- - Defer: Return a temporary failure message (4xx) to the peer
- .
- - Blackhole (not available for OnFail): Like accept but the message is sent to
- oblivion
- .
- - Quarantine (not available for OnFail): Like accept but message is quarantined
- instead of being delivered In sendmail the quarantine queue can be examined
- via mailq -qQ For Postfix this causes the message to be accepted but placed
- on hold
+ This setting is meant for testing purposes only.
Template: clamav-milter/OnInfected
Type: select
-Choices: Accept, Reject, Defer, Blackhole, Quarantine
+__Choices: Accept, Reject, Defer, Blackhole, Quarantine
Default: Quarantine
-_Description: Action to be performed on infected messages:
+_Description: Action to perform on infected messages:
+ Please choose the action to perform on "infected" messages:
+ .
+ - Accept : the message is accepted for delivery;
+ - Reject : immediately refuse delievery (with a 5xx error);
+ - Defer : return a temporary failure message (4xx);
+ - Blackhole : accept the message then drop it;
+ (not available for OnFail)
+ - Quarantine: accept the message then quarantine it. With
+ sendmail, the quarantine queue can be examined
+ with "mailq -qQ". With Postfix, such mails are placed
+ on hold.
+ (not available for OnFail)
Template: clamav-milter/OnFail
Type: select
-Choices: Accept, Reject, Defer, Blackhole, Quarantine
+__Choices: Accept, Reject, Defer, Blackhole, Quarantine
Default: Defer
-_Description: Action to be performed on error conditions:
- This includes failure to allocate data structures, no scanners available,
- network timeouts, unknown scanner replies and the like)
+_Description: Action to perform on error conditions:
+ Please choose the action to perform on errors such as failure to
+ allocate data structures, no scanners available,
+ network timeouts, unknown scanner replies...:
+ .
+ - Accept : the message is accepted for delivery;
+ - Reject : immediately refuse delievery (with a 5xx error);
+ - Defer : return a temporary failure message (4xx);
+ - Blackhole : accept the message then drop it;
+ (not available for OnFail)
+ - Quarantine: accept the message then quarantine it. With
+ sendmail, the quarantine queue can be examined
+ with "mailq -qQ". With Postfix, such mails are placed
+ on hold.
+ (not available for OnFail)
Template: clamav-milter/RejectMsg
Type: string
_Description: Specific rejection reason for infected messages:
- It is only useful together with "OnInfected Reject". The string "%v", if
- present, will be replaced with the virus name.
+ Please specify the rejection reason that will be included in reject mails.
+ .
+ This option is only useful together with "OnInfected Reject".
+ .
+ The "%v" string may be used to include the virus name.
Template: clamav-milter/AddHeader
Type: boolean
Default: false
_Description: Add headers to processed messages?
- If adding headers is enabled, "X-Virus-Scanned" and "X-Virus-Status" headers
+ If you choose this option, "X-Virus-Scanned" and "X-Virus-Status" headers
will be attached to each processed message, possibly replacing existing
- headers.
+ similar headers.
Template: clamav-milter/LogFile
Type: string
Default: none
-_Description: Log to file:
- LogFile must be writable for the user running daemon. A full path is required.
+_Description: Log file for clamav-milter:
+ The clamav-milter log file must be writable for the user running daemon.
+ You should specify a full path.
.
- Logging via syslog is configured independently of this entry.
+ Logging via syslog is configured independently of this setting.
Template: clamav-milter/LogFileUnlock
Type: boolean
@@ -179,8 +216,9 @@
Template: clamav-milter/LogFileMaxSize
Type: string
Default: 1M
-_Description: Maximum size of the log file (unit Mb):
- Set to a value of '0' to disable the timeout.
+_Description: Maximum size of the log file (MB):
+ Please specify the maximu size for the log file. Using "0" will
+ allow that file to grow indefinitely.
Template: clamav-milter/LogTime
Type: boolean
@@ -190,13 +228,16 @@
Template: clamav-milter/LogSyslog
Type: boolean
Default: false
-_Description: Use system logger (can work together with LogFile)?
+_Description: Use system logger?
+ Please choose whether you want to use the system logger (syslog). That
+ option can be used along with logging in a dedicated file.
Template: clamav-milter/LogFacility
Type: string
Default: LOG_LOCAL6
-_Description: Specify the type of syslog messages:
- Please refer to 'man syslog' for facility names.
+_Description: Type of syslog messages:
+ Please choose the type of syslog messages as detailed in the system
+ logger manpage.
Template: clamav-milter/LogVerbose
Type: boolean
@@ -205,15 +246,21 @@
Template: clamav-milter/LogInfected
Type: select
-Choices: Off, Basic, Full
+__Choices: Off, Basic, Full
Default: Off
-_Description: What should be logged when a message is infected:
- Possible values are Off (the default - nothing is logged), Basic (minimal info
- logged), Full (verbose info logged)
+_Description: Information to log on infected messages:
+ Please choose the level of information that will be logged when infected
+ messages are found:
+ - Off : no logging;
+ - Basic: minimal information;
+ - Full : verbose information.
Template: clamav-milter/MaxFileSize
Type: string
Default: 25M
-_Description: Messages larger than this value won't be scanned (unit Mb):
- Make sure this value is lower than StreamMaxLength in clamd.conf
-
+_Description: Size limit for scanend messages (MB):
+ Please specify the maximum size for scanned messages. Messages bigger than
+ this limit will not be scanned.
+ .
+ You should check that this value is lower than the value of "StreamMaxLength"
+ in the clamd.conf file.
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 197 bytes
Desc: Digital signature
Url : http://lists.alioth.debian.org/pipermail/pkg-clamav-devel/attachments/20090326/099510de/attachment-0001.pgp
More information about the Pkg-clamav-devel
mailing list