Haraka 3.1.0 → 3.1.2

package/docs/deprecated/dnsbl.md

@@ -1,11 +1,9 @@
-dnsbl
-=====
+# dnsbl
 
 This plugin looks up the connecting IP address in an IP blocklist. Mails
 found to be in the blocklist are rejected.
 
-Configuration
--------------
+## Configuration
 
 This plugins uses the following files:
 
@@ -13,39 +11,39 @@ dnsbl.zones - Contains a list of zones to query, one per line.
 
 dnsbl.ini - INI format with options described below:
 
-* zones
+- zones
 
-    A comma or semi-colon list of zones to query.  It will be merged with
-    any lists in dnsbl.zones.
+  A comma or semi-colon list of zones to query. It will be merged with
+  any lists in dnsbl.zones.
 
-* periodic\_checks
+- periodic_checks
 
-    If enabled, this will check all the zones every n minutes.
-    The minimum value that will be accepted here is 5.  Any value less
-    than 5 will cause the checks to be run at start-up only.
+  If enabled, this will check all the zones every n minutes.
+  The minimum value that will be accepted here is 5. Any value less
+  than 5 will cause the checks to be run at start-up only.
 
-    The checks confirm that the list is responding and that it is not
-    listing the world.  If any errors are detected, then the zone is
-    disabled and will be re-checked on the next test.  If a zone
-    subsequently starts working correctly then it will be re-enabled.
+  The checks confirm that the list is responding and that it is not
+  listing the world. If any errors are detected, then the zone is
+  disabled and will be re-checked on the next test. If a zone
+  subsequently starts working correctly then it will be re-enabled.
 
-* enable\_stats
+- enable_stats
 
-    To use this feature you must have installed the 'redis' module and
-    have a redis server running.
+  To use this feature you must have installed the 'redis' module and
+  have a redis server running.
 
-    When enabled, this will record several list statistics to redis.
+  When enabled, this will record several list statistics to redis.
 
-    It will track the total number of queries (TOTAL) and the average
-    response time (AVG\_RT) and the return type (e.g. LISTED or ERROR)
-    to a redis hash where the key is 'dns-list-stat:zone' and the hash
-    field is the response type.
+  It will track the total number of queries (TOTAL) and the average
+  response time (AVG_RT) and the return type (e.g. LISTED or ERROR)
+  to a redis hash where the key is 'dns-list-stat:zone' and the hash
+  field is the response type.
 
-    It will also track the positive response overlap between the lists
-    in another redis hash where the key is 'dns-list-overlap:zone' and
-    the hash field is the other list names.
+  It will also track the positive response overlap between the lists
+  in another redis hash where the key is 'dns-list-overlap:zone' and
+  the hash field is the other list names.
 
-    Example:
+  Example:
     <pre><code>redis 127.0.0.1:6379> hgetall dns-list-stat:zen.spamhaus.org
     1) "TOTAL"
     2) "23"
@@ -64,19 +62,19 @@ dnsbl.ini - INI format with options described below:
     6) "1"
     </code></pre>
 
-* stats\_redis\_host
+- stats_redis_host
 
-    In the form of `host:port` this option allows you to specify a different
-    host on which redis runs.
+  In the form of `host:port` this option allows you to specify a different
+  host on which redis runs.
 
-* reject (default: true)
+- reject (default: true)
 
-    Reject connections from IPs that are blacklisted. Setting this to false
-    makes dnsbl informational. reject=false is best used in conjunction with
-    plugins like [karma](/manual/plugins/karma.html) that employ a scoring
-    engine to make choices about message delivery.
+  Reject connections from IPs that are blacklisted. Setting this to false
+  makes dnsbl informational. reject=false is best used in conjunction with
+  plugins like [karma](/manual/plugins/karma.html) that employ a scoring
+  engine to make choices about message delivery.
 
-* search: (default: first)
+- search: (default: first)
 
-    first: consider first DNSBL response conclusive. End processing.
-    all:   process all DNSBL results
+  first: consider first DNSBL response conclusive. End processing.
+  all: process all DNSBL results

package/docs/deprecated/dnswl.md

@@ -1,16 +1,14 @@
-dnswl
-=====
+# dnswl
 
 This plugin looks up the connecting IP address in an IP whitelist.
 If the host is listed, then the plugin will return OK for all hooks
-up to hook\_data.
+up to hook_data.
 
-IMPORTANT!  The order of plugins in config/plugins is important when
-this plugin is used.  It should be listed *before* any plugins that
+IMPORTANT! The order of plugins in config/plugins is important when
+this plugin is used. It should be listed _before_ any plugins that
 you wish to skip, but after any plugins that accept recipients.
 
-Configuration
--------------
+## Configuration
 
 This plugins uses the following files:
 
@@ -18,39 +16,39 @@ dnswl.zones - Contains a list of zones to query, one per line.
 
 dnswl.ini - INI format with options described below:
 
-* zones       
-
-    A comma or semi-colon list of zones to query.  It will be merged with
-    any lists in dnswl.zones.
-
-* periodic\_checks  
-
-    If enabled, this will check all the zones every n minutes.
-    The minimum value that will be accepted here is 5.  Any value less
-    than 5 will cause the checks to be run at start-up only.
-      
-    The checks confirm that the list is responding and that it is not
-    listing the world.  If any errors are detected, then the zone is 
-    disabled and will be re-checked on the next test.  If a zone 
-    subsequently starts working correctly then it will be re-enabled.
-
-* enable\_stats
-
-    To use this feature you must have installed the 'redis' module and
-    have a redis server running.
-      
-    When enabled, this will record several list statistics to redis.
-      
-    It will track the total number of queries (TOTAL) and the average
-    response time (AVG\_RT) and the return type (e.g. LISTED or ERROR) 
-    to a redis hash where the key is 'dns-list-stat:zone' and the hash 
-    field is the response type.
-      
-    It will also track the positive response overlap between the lists
-    in another redis hash where the key is 'dns-list-overlap:zone' and
-    the hash field is the other list names.
-
-    Example:
+- zones
+
+  A comma or semi-colon list of zones to query. It will be merged with
+  any lists in dnswl.zones.
+
+- periodic_checks
+
+  If enabled, this will check all the zones every n minutes.
+  The minimum value that will be accepted here is 5. Any value less
+  than 5 will cause the checks to be run at start-up only.
+
+  The checks confirm that the list is responding and that it is not
+  listing the world. If any errors are detected, then the zone is
+  disabled and will be re-checked on the next test. If a zone
+  subsequently starts working correctly then it will be re-enabled.
+
+- enable_stats
+
+  To use this feature you must have installed the 'redis' module and
+  have a redis server running.
+
+  When enabled, this will record several list statistics to redis.
+
+  It will track the total number of queries (TOTAL) and the average
+  response time (AVG_RT) and the return type (e.g. LISTED or ERROR)
+  to a redis hash where the key is 'dns-list-stat:zone' and the hash
+  field is the response type.
+
+  It will also track the positive response overlap between the lists
+  in another redis hash where the key is 'dns-list-overlap:zone' and
+  the hash field is the other list names.
+
+  Example:
     <pre><code>redis 127.0.0.1:6379> hgetall dns-list-stat:zen.spamhaus.org
     1) "TOTAL"
     2) "23"
@@ -69,7 +67,7 @@ dnswl.ini - INI format with options described below:
     6) "1"
     </code></pre>
 
-* stats\_redis\_host
+- stats_redis_host
 
-    In the form of `host:port` this option allows you to specify a different
-    host on which redis runs.
+  In the form of `host:port` this option allows you to specify a different
+  host on which redis runs.

package/docs/deprecated/lookup_rdns.strict.md

@@ -1,80 +1,67 @@
-lookup\_rdns.strict
-===========
+# lookup_rdns.strict
 
 This plugin checks the reverse-DNS and compares the resulting addresses
-against forward DNS for a match.  If there is no match it sends a
-DENYDISCONNECT, otherwise if it matches it sends an OK.  DENYDISCONNECT
+against forward DNS for a match. If there is no match it sends a
+DENYDISCONNECT, otherwise if it matches it sends an OK. DENYDISCONNECT
 messages are configurable.
 
-Configuration lookup\_rdns.strict.ini
---------------------------------------------
+## Configuration lookup_rdns.strict.ini
 
-This is the general configuration file for the plugin.  In it you can find
+This is the general configuration file for the plugin. In it you can find
 ways to customize user messages, specify timeouts, and some whitelist
 parsing options.
 
-* lookup\_rdns.strict.general.nomatch
+- lookup_rdns.strict.general.nomatch
 
   Text to send the user if there is no reverse to forward match (text).
 
-
-* lookup\_rdns.strict.general.timeout
+- lookup_rdns.strict.general.timeout
 
   How long we should give this plugin before we time it out (seconds).
 
-
-* lookup\_rdns.strict.general.timeout\_msg
+- lookup_rdns.strict.general.timeout_msg
 
   Text to send when plugin reaches timeout (text).
 
-
-* lookup\_rdns.strict.forward.nxdomain
+- lookup_rdns.strict.forward.nxdomain
 
   Text to send the user if there is no forward match (text).
 
-
-* lookup\_rdns.strict.forward.dnserror
+- lookup_rdns.strict.forward.dnserror
 
   Text to send the user if there is some other error with the forward
   lookup (text).
 
-
-* lookup\_rdns.strict.reverse.nxdomain
+- lookup_rdns.strict.reverse.nxdomain
 
   Text to send the user if there is no reverse match (text).
 
-
-* lookup\_rdns.strict.reverse.dnserror
+- lookup_rdns.strict.reverse.dnserror
 
   Text to send the user if there is some other error with the reverse
   lookup (text).
 
-
-Configuration lookup\_rdns.strict.timeout
-------------------------------------------------
+## Configuration lookup_rdns.strict.timeout
 
 This is how we specify to Haraka that our plugin should have a certain timeout.
 If you specify 0 here, then the plugin will never timeout while the connection
-is active.  This is also required for this plugin, which needs to handle its
-own timeouts.  To actually specify the timeout for this plugin, please see
-the general config in lookup\_rdns.strict.ini.
+is active. This is also required for this plugin, which needs to handle its
+own timeouts. To actually specify the timeout for this plugin, please see
+the general config in lookup_rdns.strict.ini.
 
-Configuration lookup\_rdns.strict.whitelist
---------------------------------------------------
+## Configuration lookup_rdns.strict.whitelist
 
 No matter how much you believe in checking that DNS and rDNS match, it is not
 required by RFC, and there will always be some legitimate mail server that
-has great trouble getting their DNS in order.  For this reason we are
+has great trouble getting their DNS in order. For this reason we are
 providing a whitelist.
 
 This file will match exactly what you put on each line.
 
-
-Configuration lookup\_rdns.strict.whitelist\_regex
---------------------------------------------------------
+## Configuration lookup_rdns.strict.whitelist_regex
 
 Does the same thing as the whitelist file, but each line is a regex.
 Each line is also anchored for you, meaning '^' + regex + '$' is added for
-you.  If you need to get around this restriction, you may use a '.*' at
-either the start or the end of your regex.  This should help prevent people
+you. If you need to get around this restriction, you may use a '.\*' at
+either the start or the end of your regex. This should help prevent people
 from writing overly permissive rules on accident.

package/docs/deprecated/mail_from.access.md

@@ -3,58 +3,50 @@
 See [haraka-plugin-access](https://github.com/haraka/haraka-plugin-access)
 for upgrade instructions.
 
-
-mail\_from.access
-===================
+# mail_from.access
 
 This plugin will evaluate the address against a set of white and black lists.
 The lists are applied in the following way:
 
-mail\_from.access.whitelist          (pass)
-mail\_from.access.whitelist\_regex   (pass)
-mail\_from.access.blacklist          (block)
-mail\_from.access.blacklist\_regex   (block)
+mail_from.access.whitelist (pass)
+mail_from.access.whitelist_regex (pass)
+mail_from.access.blacklist (block)
+mail_from.access.blacklist_regex (block)
 
-Configuration mail\_from.access.ini
--------------------------------------
+## Configuration mail_from.access.ini
 
 General configuration file for this plugin.
 
-* mail\_from.access.general.deny\_msg
+- mail_from.access.general.deny_msg
 
   Text to send the user on reject (text).
 
-
-Configuration mail\_from.access.whitelist
--------------------------------------------
+## Configuration mail_from.access.whitelist
 
 The whitelist is mostly to counter blacklist entries that match more than
-what one would want.  This file should be used for a specific address,
+what one would want. This file should be used for a specific address,
 one per line, that should bypass blacklist checks.
 NOTE: We heavily suggest tailoring blacklist entries to be as accurate as
-possible and never using whitelists.  Nevertheless, if you need whitelists,
+possible and never using whitelists. Nevertheless, if you need whitelists,
 here they are.
 
-Configuration mail\_from.access.whitelist\_regex
--------------------------------------------------
+## Configuration mail_from.access.whitelist_regex
 
 Does the same thing as the whitelist file, but each line is a regex.
 Each line is also anchored for you, meaning '^' + regex + '$' is added for
-you.  If you need to get around this restriction, you may use a '.*' at
-either the start or the end of your regex.  This should help prevent people
+you. If you need to get around this restriction, you may use a '.\*' at
+either the start or the end of your regex. This should help prevent people
 from writing overly permissive rules on accident.
 
-Configuration mail\_from.access.blacklist
--------------------------------------------
+## Configuration mail_from.access.blacklist
 
 This file should be used for a specific address, one per line, that should
 fail on connect.
 
-Configuration mail\_from.access.blacklist\_regex
--------------------------------------------------
+## Configuration mail_from.access.blacklist_regex
 
 Does the same thing as the blacklist file, but each line is a regex.
 Each line is also anchored for you, meaning '^' + regex + '$' is added for
-you.  If you need to get around this restriction, you may use a '.*' at
-either the start or the end of your regex.  This should help prevent people
+you. If you need to get around this restriction, you may use a '.\*' at
+either the start or the end of your regex. This should help prevent people
 from writing overly permissive rules on accident.

package/docs/deprecated/mail_from.blocklist.md

@@ -1,21 +1,18 @@
-mail\_from.blocklist
-===================
+# mail_from.blocklist
 
-DEPRECATED
-------------
-This plugin is deprecated. Use instead the mail\_from.access plugin, which
-does everything this one does and much more. (whitelists, blacklists, regex)
+## DEPRECATED
 
+This plugin is deprecated. Use instead the mail_from.access plugin, which
+does everything this one does and much more. (whitelists, blacklists, regex)
 
-This plugin blocks MAIL\_FROM addresses in a list.
+This plugin blocks MAIL_FROM addresses in a list.
 
 NOTE: If all you need is to deny mail based on the exact address, this plugin
 will work just fine. If you want to customize the deny message, add blocks
-based on a regex, or add whitelists, please use the mail\_from.access plugin.
+based on a regex, or add whitelists, please use the mail_from.access plugin.
+
+## Configuration
 
-Configuration
--------------
+- mail_from.blocklist
 
-* mail\_from.blocklist
-  
   Contains a list of email addresses to block.

package/docs/deprecated/mail_from.nobounces.md

@@ -1,5 +1,4 @@
-mail\_from.nobounces
-===================
+# mail_from.nobounces
 
 This mail blocks all bounce messages using the simple rule of checking
 for `MAIL FROM:<>`.

package/docs/deprecated/rcpt_to.access.md

@@ -3,58 +3,51 @@
 See [haraka-plugin-access](https://github.com/haraka/haraka-plugin-access)
 for upgrade instructions.
 
+# rcpt_to.access
 
-rcpt\_to.access
-===================
+This plugin blocks RCPT_TO addresses in a list or regex.
+This plugin will evaluate the RCPT_TO address against a set of white and black
+lists. The lists are applied in the following way:
 
-This plugin blocks RCPT\_TO addresses in a list or regex.
-This plugin will evaluate the RCPT\_TO address against a set of white and black
-lists.  The lists are applied in the following way:
+rcpt_to.access.whitelist (pass)
+rcpt_to.access.whitelist_regex (pass)
+rcpt_to.access.blacklist (block)
+rcpt_to.access.blacklist_regex (block)
 
-rcpt\_to.access.whitelist          (pass)
-rcpt\_to.access.whitelist\_regex   (pass)
-rcpt\_to.access.blacklist          (block)
-rcpt\_to.access.blacklist\_regex   (block)
-
-Configuration rcpt\_to.access.ini
--------------------------------------
+## Configuration rcpt_to.access.ini
 
 General configuration file for this plugin.
 
-* rcpt\_to.access.general.deny\_msg
+- rcpt_to.access.general.deny_msg
 
   Text to send the user on reject (text).
 
-Configuration rcpt\_to.access.whitelist
--------------------------------------------
+## Configuration rcpt_to.access.whitelist
 
 The whitelist is mostly to counter blacklist entries that match more than
-what one would want.  This file should be used for a specific address
+what one would want. This file should be used for a specific address
 one per line, that should bypass blacklist checks.
 NOTE: We heavily suggest tailoring blacklist entries to be as accurate as
-possible and never using whitelists.  Nevertheless, if you need whitelists,
+possible and never using whitelists. Nevertheless, if you need whitelists,
 here they are.
 
-Configuration rcpt\_to.access.whitelist\_regex
--------------------------------------------------
+## Configuration rcpt_to.access.whitelist_regex
 
 Does the same thing as the whitelist file, but each line is a regex.
 Each line is also anchored for you, meaning '^' + regex + '$' is added for
-you.  If you need to get around this restriction, you may use a '.*' at
-either the start or the end of your regex.  This should help prevent people
+you. If you need to get around this restriction, you may use a '.\*' at
+either the start or the end of your regex. This should help prevent people
 from writing overly permissive rules on accident.
 
-Configuration rcpt\_to.access.blacklist
--------------------------------------------
+## Configuration rcpt_to.access.blacklist
 
 This file should be used for a specific address, one per line, that should
 fail on connect.
 
-Configuration rcpt\_to.access.blacklist\_regex
--------------------------------------------------
+## Configuration rcpt_to.access.blacklist_regex
 
 Does the same thing as the blacklist file, but each line is a regex.
 Each line is also anchored for you, meaning '^' + regex + '$' is added for
-you.  If you need to get around this restriction, you may use a '.*' at
-either the start or the end of your regex.  This should help prevent people
+you. If you need to get around this restriction, you may use a '.\*' at
+either the start or the end of your regex. This should help prevent people
 from writing overly permissive rules on accident.

package/docs/deprecated/rcpt_to.blocklist.md

@@ -1,21 +1,18 @@
-rcpt\_to.blocklist
-===================
+# rcpt_to.blocklist
 
-DEPRECATED
-------------
-This plugin is deprecated. Use instead the rcpt\_to.access plugin, which
-does everything this one does and much more. (whitelists, blacklists, regex)
+## DEPRECATED
 
+This plugin is deprecated. Use instead the rcpt_to.access plugin, which
+does everything this one does and much more. (whitelists, blacklists, regex)
 
-This plugin blocks RCPT\_TO addresses in a list.
+This plugin blocks RCPT_TO addresses in a list.
 
 NOTE: If all you need is to deny mail based on the exact address, this plugin
-will work just fine.  If you want to customize the deny message, add blocks
-based on a regex, or add whitelists, please use the rcpt\_to.access plugin.
+will work just fine. If you want to customize the deny message, add blocks
+based on a regex, or add whitelists, please use the rcpt_to.access plugin.
+
+## Configuration
 
-Configuration
--------------
+- rcpt_to.blocklist
 
-* rcpt\_to.blocklist
-  
   Contains a list of email addresses to block.

package/docs/deprecated/rcpt_to.routes.md

@@ -1,4 +1,3 @@
 # rcpt_to.routes
 
 Moved to [https://github.com/haraka/haraka-plugin-recipient-routes](https://github.com/haraka/haraka-plugin-recipient-routes)
-

package/docs/deprecated/rdns.regexp.md

@@ -1,32 +1,30 @@
-rdns.regexp
-===========
+# rdns.regexp
 
 WARNING: The services offered by this plugin, and much more, are now provided
-more efficiently with the connect.rdns\_access plugin.  Please transition over
-to using the new connect.rdns\_access plugin, as this plugin is now deprecated
+more efficiently with the connect.rdns_access plugin. Please transition over
+to using the new connect.rdns_access plugin, as this plugin is now deprecated
 and may be removed in a future version of Haraka.
 
 This plugin checks the reverse-DNS against a list of regular expressions. Any
 matches will result in a rejection, unless there is an allow rule to
 balance off broad regexes.
 
-To give an example.  Assume we add a rule to deny all hosts with dynamic
-in the rDNS hostname (.*dynamic.*).  Now we find a mail server,
-generaldynamics.com that is clearly a false positive.  We could try
+To give an example. Assume we add a rule to deny all hosts with dynamic
+in the rDNS hostname (._dynamic._). Now we find a mail server,
+generaldynamics.com that is clearly a false positive. We could try
 to correct the original regex (clearly it is a poorly written regex), or
-we could add an allow rule for generaldynamics.com (.*generaldynamics\.com$).
+we could add an allow rule for generaldynamics.com (.\*generaldynamics\.com$).
 This means that even though the dynamic block rule matches, it will be
 superseded by the allow rule for generaldynamics.com.
 
-Configuration
--------------
+## Configuration
 
-* rdns.deny\_regexps
+- rdns.deny_regexps
 
-  The list of regular expressions to deny.  Over broad regexes in this list
-  can be corrected by using the allow list. 
+  The list of regular expressions to deny. Over broad regexes in this list
+  can be corrected by using the allow list.
 
-* rdns.allow\_regexps
+- rdns.allow_regexps
 
-  The list of regular expressions to allow.  This list is always processed
+  The list of regular expressions to allow. This list is always processed
   in favor of rules in the deny file.