/*
 * --------------------------------------------------------------
 *
 * The description of the file with the "blocked" masks
 *
 *  $Revision: 1.12 $
 *
 * --------------------------------------------------------------
 */

    1. Purpose

    The file with the "blocked" masks allows to specify the addresses not
subject to antivirus check. The first variant of the file  is already
out-of-date but is supported by all the filters. The new file  allows
to widen possibilities through specifying file  version (do not mix up
with product version).

    The lines starting with # character are considered commentaries and
therefore get skipped, blank lines are also admissible. If the first
meaningful line contains the alike record:

[version=NN]

it means that the records are kept in the NN-version  of the file. If
there is no such a line the file is reputed as written in the  of the
1st version. Version record can be specify only once and only in first 
non-empty line.

    When checking the letter, its addresses (that of the sender and
addressee) get compared to every line of the file (the way they are ordered
in the file). If the correspondence to the address in some line is found
the search stops. If the correspondence to the address is not found in any
line than the letter check is permitted for the given address in any cases.

    2. Version 2 

OPERATION    WHO    METHOD    MASK
...

    OPERATION - { allow | deny } (i.e. either allow or deny value).
allow means that the addresses corresponding with the record are permitted
for checking, deny will prohibit checking for a given address.
    WHO - { from | to | any }. from value means that the record is
considered only if the address is the sender's one, if to is specified it
will be the recipients's address, if WHO is any the line is considered in
both cases.
    METHOD - { exact | subst | regex | cregex } specifies the address-mask 
comparision method. exact value means that the address should be precisely equal 
to correspond with the MASK. subst value means that it is sufficient that the
MASK is a substring in the address for the address to correspond with it.
regex or cregex values means that the addrss should according to regular 
expression (RE) in MASK (POSIX regexp used). Methods exact, subst and cregex is 
case sensitive, method regex case insensitive.
ATTENTION: in substring comparison and search the register is considered.
    MASK - the line not containing blanks. To contain blanks it should be
quoted.

    3. Version 1  (out-of-date)

OPERATION    MASK

    The descriptions of the fields agree with the described above. Any 1st
version record may be written as the record of the 2nd version this way:
OPERATION    any     subst   MASK


    4. Description in pseudocode 
        
IF DenyMode EQUAL "byAll" THEN
{
   IF sender_is_uncheckable AND all_rcpts_are_uncheckable
   THEN pass_message_without_check
   ELSE check_message
}
ELSE IF DenyMode EQUAL "byOne" THEN
{
   IF sender_is_uncheckable OR one_of_rcpts_is_uncheckable
   THEN pass_message_without_check
   ELSE check_message
}
ELSE IF DenyMode EQUAL "bySender" THEN
{
   IF sender_is_uncheckable 
   THEN pass_message_without_check
   ELSE check_message
}
ELSE IF DenyMode EQUAL "bySenderAndOneRecipient" THEN
{
   IF sender_is_uncheckable AND one_of_rcpts_is_uncheckable
   THEN pass_message_without_check
   ELSE check_message
}
ELSE IF DenyMode EQUAL "byOneRecipient" THEN
{
   IF one_of_rcpts_is_uncheckable
   THEN pass_message_without_check
   ELSE check_message
}
ELSE IF DenyMode EQUAL "byAllRecipients" THEN
{
   IF all_rcpts_are_uncheckable
   THEN pass_message_without_check
   ELSE check_message
}

* DenyMode is option from section [Scanning] your drweb_{mta}.conf, 
  where {mta} one of: smf, cgp, postfix, exim, qmail, zmailer or courier.
* sender_is_uncheckable true, if sender address accords to one of "any"- or 
  "from"- record with "deny" action
* rcpt_is_uncheckable true, if recipient address accords to one of "any"- or 
  "to"- record with "deny" action


    5. Examples
    
1) Deny check incoming mail for all users exclude asv@ .. .ru:

deny    to      regex   ^asv@(.*)\.ru$

2) Deny check outgoing mail for all users of domain drweb.ru:

deny    from    regex   @(.*)\.drweb\.ru$

    
    6. FAQ

Q: What is "allow" needed for if all the addresses are permitted by default?
A: To create exceptions from general rules. For example:

allow   any   exact     someuser@any.domain.com
deny    any   subst     @any.domain.com

In the adduced example mail for someuser in any.domain.com domain will get
checked, all the other users will not check their mail.
