info["owner"] = 'root'
info["group"] = 'root'
info["perms"] = 0644

header()

@#########################
@## SQLgrey config file ##
@#########################
@
@# Notes: 
@# - Unless specified otherwise commented settings are SQLgrey's defaults
@# - SQLgrey uses a specific config file when called with -f <conf_file>
@
@## Configuration files
@# conf_dir = /etc/sqlgrey
@
@## Log level
@# Uncomment to change the log level (default is normal: 2)
@# nothing: O, errors only: 0, warnings: 1, normal: 2, verbose: 3, debug: 4
@loglevel = 2
@
@## log categories can be fine-tuned,
@# here are the log messages sorted by types and levels,
@# (anything over the loglevel is discarded):
@#
@# grey     : (0) internal errors,
@#	     (2) initial connections, early reconnections,
@#	         awl matches, successful reconnections, AWL additions,
@#	     (3) smart decision process debug,
@# whitelist: (2) whitelisted connections,
@#	     (3) actual whitelist hit,
@#	     (4) whitelists reloads,
@# optin:     (3) optin/optout global result
@#	     (4) optin/optout SQL query results
@# spam     : (2) attempts never retried,
@# mail     : (1) error sending mails,
@#	     (4) rate-limiter debug,
@# dbaccess : (0) DB errors,
@#            (1) DB upgrade,
@#	     (2) DB upgrade details,
@# martians : (2) invalid e-mail addresses,
@# perf     : (2) cleanup time,
@# system   : (0) error forking,
@#	     (3) forked children PIDs, children exits,
@# conf     : (0) errors in config files, missing required file,
@# 	     (1) warnings in config files,
@#	         missing optional configuration files,
@#	     (2) reloading configuration files,
@# other    : (4) Startup cleanup
@# you can set a level to O (capital o) to disable logs completely,
@# but be aware that then SQLgrey can come back to haunt you...
@
@# Provide a coma-separated "logtype:loglevel" string
@# For example if you set the loglevel to 3 (verbose) but want SQLgrey to be:
@# . quiet for whitelists
@# . normal for greylisting
@# uncomment the following line.
@# log_override = whitelist:1,grey:2
@# By default, log_override is empty
@
@## Log identification
@# by default this is the process name. If you define the following variable
@# SQLgrey will use whatever you set it to
@# log_ident =
@
@## username and groupname the daemon runs as
@user = sqlgrey
@group = nogroup
@
@## Socket
@# On which socket do SQLgrey wait for queries
@# use the following if you need to bind on a public IP address
@# inet = <public ip>:port
@# default :
@# inet = 2501    # bind to localhost:2501
@
@## PID
@# where to store the process PID
@# pidfile = /var/run/sqlgrey.pid
@
@## Config directory
@# where to look for other configuration files (whitelists)
@# confdir = /etc/sqlgrey
@
@## Greylisting delays
@# If you want to be really strict (RFC-wise) use these
@# This is *not* recommended, you'll have false positives
@# reconnect_delay = 15    # don't allow a reconnection before 15 minutes
@# max_connect_age = 2     # don't allow a reconnection after 2 hours
@
@# default: (based on real-life experience)
@reconnect_delay = 6
@max_connect_age = 24
@
@## Throttling too many new entries from new host
@# Setting this optional parameter will refuse an excessive number of
@# new entries in the connect table from the same host, in the following
@# manner:
@# - If there are already "connect_src_throttle" entries in the connect
@#   table from the same host (e-mails which have not been retried yet)
@# - And there is NO entry for this host in domain_awl
@# - And there are LESS than "connect_src_throttle" entries in the
@#   from_awl table for this host
@# THEN further incoming connections from this host will be (temporarily)
@# refused without new entries being created in the connect table (until
@# some already waiting entries have been successfully retried).
@# This feature may prevent the connect table from growing too big and
@# being polluted by spambots, viruses, zombie machines and the like.
@# If set to "0" (default), this feature won't be used.
@connect_src_throttle = 5
@
@
@## Auto whitelists settings
@# default is tailored for small sites
@# awl_age = 60
@# group_domain_level = 2 
@
@# For bigger sites you may want
@# a smaller awl_age and a bigger group_domain_level
@# AWL must be renewed at least once a month
@# 32 > 31 (max delay between monthly newsletters)
@awl_age = 33
@# wait for 10 validated adresses to add a whole
@# domain in AWL
@group_domain_level = 10
@
@## Database settings
@# instead of Pg below use "mysql" for MySQL, "SQLite" for SQLite
@# any DBD driver is allowed, but only the previous 3 have been tested
@db_type = Pg
@db_name = sqlgrey
@# Note: the following are not used with SQLite
@# On laisse pgsql meme pour ovh, sqlgrey sait detecter s'il perd le
@# lien avec la base.
if has("sqlgrey-localdb"):
    @db_host = localhost
else:
    @db_host = pgsql.adm.crans.org
@
@db_user = sqlgrey
@# db_pass = spaces_are_not_supported
@# db_cleandelay = 1800 # in seconds, how much time between database cleanups
@# clean_method = sync # sync : cleanup is done in the main process,
@		      #        delaying other operations
@                      # async: cleanup is done in a forked process,
@		      #        it won't delay mail processing
@                      #        BEWARE: lockups have been reported
@		      #        and are still investigated
@
@## X-Greylist header added?
@# This adds delay, whitelist and autowhitelist information in the headers
@prepend = 1
@
@## Greylisting method:
@# - full   : greylist by IP address
@# - classc : greylist by class C network. eg:
@#            2.3.4.6 connection accepted if 2.3.4.145 did connect earlier
@# - smart  : greylist by class C network unless there is no reverse lookup
@#            or it looks like a home-user address
@# Default is smart
@greymethod = smart
@
@## Optin/Optout (see README.OPTINOUT for details)
@# - none   : everyone is greylisted (default)
@# - optin  : one must optin to have its (incoming) messages being greylisted
@# - optout : one must optout to not have its messages being greylisted
@optmethod = optout
@
@## SQLgrey return value.
@# SQLgrey can tell Postfix to:
@# - immediately reject a message with a temporary reject code
@# - only do so if following rules would allow the message to pass
@# The first choice will prevent Postfix from spending time evaluating
@# potentially expensive rules.
@# In some cases you may want following rules to be aware of the connection
@# this.
@#
@# We can specify a different rejection strategy for the first connection
@# attempt, and for early reconnections. 'immed' chooses immediate rejection
@# 'delay' choose delayed rejection
@#
@# By default we use delay on first attempt
@# reject_first_attempt = delay
@# Default for early reconnection is the value affected to reject_first_attempt
@# reject_early_reconnect = delay
@
@## Update server
@# where to get updates for whitelists
@# whitelists_host = sqlgrey.bouton.name
@
@## Postmaster address
@# who gets urgent notifications (DB is down for example)
@# default or empty: don't send mail notifications
@admin_mail = roots@crans.org