Notes on Syntax:
* Include Files: Any section that can take more than one value, arrays, can use a filename 
 as an option, like /var/directory/extraoptions.txt, and blackhole will include
 all lines in that file (that are not commented with an #) into the section it is
 under
* Default Config: Check the /etc/blackhole.conf file for examples of the default options
 in each section.
 
[level]: Type of RBL Hosts to use, or amount basically, but you can
     have a custom list and have the levels mean anything you want,
     currently the built in hosts are 12 in number.

[rbl_hosts]: Hosts to use for Blackhole lookups, their are defaults, but
     you can also purchase a subscription from www.mail-abuse.org which
     will allow you to use MAPS and have them as your hosts (Free for an
     Individual), I am not any way associated with them and am neutral
     in if you need them or not (the free ones work fine for me).
     If you need this, put the section [rbl_hosts] into the .blackhole
     config, otherwise the defaults are used.

[bounce]: Send a bounce message back to the sender, if not set messages
     will silently bounce.

[smtp_bounce]:
     takes bounces and manually performs them, sends the same bounce message set
     from [bounce_msg] and uses the [smtp_server] ip to send it, will
     only send the original headers, which can avoid any really
     odd mail loops, and looks much better for Sendmail bounces.

[nosignature]: Skip body checking on the messages signature, after the --.

[maxscore]: Score that matches must add up to, all are 1 by default and
     maxscore is 0 by default.  This means usually one match blocks
     the email, but when max score is 1 or higher and each check tuned
     above 1 (or left at one, but higher ones are precident) you can
     have the best scored matches actions happen, and can have options
     not be checked if they are set to passthru.  This could save
     resources if the max is set to 1 and different actions are needed
     in order of each checks score.

[bad_subject_action]
[bad_email_action]
[bad_relay_action]
[rbl_check_action]
[body_check_spam_action]
[body_check_porn_action]
[body_check_racist_action]
[white_list_action]
[my_email_action]
[check_dns_action]
[body_check_action]
[charsets_action]
[ascii_128_action]
[check_reverse_action]
[razor_action]
[bad_headers_action]
[bad_ctype_action]
[bad_encoding_action]
[bad_maxbytes_action]
[bad_rcptto_action]
 Individual Actions, for each check type.
 These can have settings for the following options...
   active, delete, bounce, bounce_msg, spam_fwd, one_box, passthru, score

 The options allow each check to have different outcomes instead of the global
 defaults, delete will not save it, bounce can activate bounces, bounce_msg
 can send a customized bounce message for the action, one_box will just
 subject tag it instead of using .Spam or .Virus mailboxes separately, passthru
 will skip a check if another check has already matched, to conserve resources
 when [maxscore] is greater than 0, and the score option gives each an amount
 to add up to maxscore plus is the order the options take precidence.

[bounce_msg]: Up to 255 characters, message to send back, be default this
     is just a standard 'No such such user. (#5.1.1)' message.

[vscan]: Use a virus checker,
     Sophos support is in BlackHole using the SDK, you just need the
     license and scanner library, this support is recommended over McAfee,
     since it is a better scanner and has cheaper pricing. To use Sophos
     in ./Setup choose Sophos as the scanner.
     There is an auto update script in scripts/sophos_update_ides.sh
     which can keep the virus definitions up to date.

     There is support for Trend Micro, it is built in and you only need
     the library.

     McAfee is setup currently to run uvscan, it is the default in ./Setup.

[valert]: Send a message to each sender of a virus to tell them which
     Virus they have and to get help.

[check_dns]: See if sender domain is a valid domain, otherwise classify the
     Message as Spam.

[body_check_*][spam/porn/racist]:
     This has three setting, all can be set at once, to go through the
     message body using a list of regular expressions and a scoring
     system to check if the threshhold of matches for each category is
     reached.  If one categorys rises above the chosen threshhold then
     the message is classified as Spam.  This is heavy on CPU usage.
     You can also use a custom list of patterns, on this one the threshhold
     for each pattern is 1 that you enter, it is the my_body setting.
     You can change each my_body entrys score with the following syntax...
     2.0: 

[my_relay]: This is a list of relays you don't want to use in the header,
     so it will skip them and go to the next one, instead of doing the
     checks against the most recent one.  Takes either classful notation
     like 192.168. or CIDR of 192.168.0.0/16.  By default 127.0.0.1 is
     included in the config.

[excluded_relay]: This list can have ips of hosts or network blocks in it,
     these networks and hosts will not have any ip checks done against them,
     good when you have a mailing list and you don't want to check its main
     relay constantly or the senders, but still want the other spam checking.

[my_email]: List of email addresses you allow email to, anything else used
     to address you in the To: envelope will be classified as Spam.

[white_list]: Turn the whole blackhole program into a 'whitehole' ;), well
     basically everything that isn't in the Good Email and Good Relay
     sections will be classified as Spam.

[no_rbl]: Turn of checking Relay IP against RBL Hosts.

[bad_subject]: Subjects to block, able to have anchors ^ and $ at the
     beginning and end, like ^ILOVEYOU$, also you can use the following
     syntax for case insensitivity (i)pattern or (i)^pattern$.

[bad_headers]: Headers to block, able to have anchors ^ and $ at the
     beginning and end, like X-Header: ^A String to Block$.
     The actual header content is case sensitive, the header itself isn't.
     Also you can use the following syntax for case insensitivity
     Xheader: (i)pattern or Xheader: (i)^pattern$.

[good_email]: Good email addresses, domains.  Can be of several different
     formats...
      user@domain.com
      @domain.com
      domain.com (matches both domain.com and sub.domain.com)
      .domain.com

[bad_email]: Bad email addresses, domains, same syntax as above.

[good_relay]: Good networks or hosts which you allow.  Can be the following...
      Network syntax, 192.168. saying the /16 network, or 10. for /8 etc.
      or CIDR of 192.168.0.0/16, or just an ip address, like 192.168.0.30

[bad_relay]: Bad networks or hosts denied, same syntax as above.

[charsets]: Which character sets you allow through, blank ones have to be
      let through, so these are the ones other than blank/default charsets.

[ascii_128]: Give a threshhold of number of characters above ASCII 128 (which
      are usually not Latin based) to allow before blocking as Spam.  This
      can help those who get many emails in other charsets they don't want,
      and want a more accurate check than the charsets one.
[expire]: Give the number of days before removing email in .Spam and .Virus
      maildir directories, only works currently for Maildir setups, not for
      Sendmail with mbox formats.

[razor]: Checks against the distributed Spam checksum database with the
      razor-check Perl script, you have to get this from
      http://razor.sourceforge.net/ to use this feature.

[sdelete]: Delete Spam email instead of keeping it. 
      (also deletes viruses unless vdelete set)

[vdelete]: Delete virus email instead of keeping it.
      (way to delete only viruses, not spam)

[maxbytes]: Maximum bytes or size of an email to allow through.

[maxbytes_trunc]: message will be truncated to the maxbytes size if exceeded,
       otherwise the message is just put into your spam folder even if over.

[spam_header]: This controls each header added by blackhole and subject tags,
       it has each optional header listed and subject_tag setting, the default
       is to have all headers and subject tags turned on.

[virus_header]: Same as 'spam_header' but for viruses.

[one_box]: This disables putting Spam/Virus email into a separate mailbox, and
       instead keeps it in your normal email box, best used with the subject 
       tags and X-BlackHole-* headers, else it isn't really too useful.

[good_rcptto]: Your addresses (To:) Yourself that you want to accept by default.

[bad_rcptto]: Your addresses (To:) Yourself that you want block as spam.

[smtp_relay]: SMTP Server used when forwarding email to another server,
       for spam/virus/ok email, default is 127.0.0.1.

[spam_fwd]: Forward Spam to this address rather than storing locally.

[virus_fwd]: Forward Viruses to this address rather than storing locally.

[ok_fwd]: Forward OK email to this address rather than storing locally.

[rbl_check]: Use the RBL Lists.

[no_spam_check]: List of users who don't want Spam checking at all
     blackhole will skip all Spam Checks.  This is good for use with Qmail Queue
     so all users are not forced into using blackhole.  It takes the syntax of
     good_email, with the additional username@ which will match any email 
     address with that username.  This would be more used in non-qmail-queue 
     setups, since in qmail-queue that would also avoid checking for sending to
     remote users of that username too, but in .dot file setups it would be fine
     since sending email isn't ran through blackhole.

[no_virus_check]: List of users who don't want Virus checking at all
     blackhole will skip all Virus Checks. This is good for use with Qmail Queue
     so all users are not forced into using blackhole.  The syntax is the same
     for the no_spam_check option.

[sscan]: Spam Scan the email, this will activate spam scanning (on by default).

[virus_bcc_to]: BCC Address for virus alerts to be sent to,separate from normal
     virus alerts, if NULL no BCC alerts are sent, put an administrator 
     address here for them to be sent.

[check_reverse]: Check the Relay ip of the email for reverse and forward DNS
     resolution which matches each other, if it is not setup in Reverse DNS
     or the reverse doesn't match forward lookup, then the email is blocked.

[strict_reverse]: Perform this check on the helo address too, pretty good check,
     but some false positives from misconfigured mailhosts, although rare.

[bad_encoding]: Check the encoding of messages, the 'Content-Transfer-Encoding:'
     part.  Place the encodings you want to block in this option.

[bad_ctype]: Check the content type of messages, the 'Content-Type:' part.
     Place the types you want to block here.

[sreport]:  Program, which is chosen when compiling blackhole, that spam should 
     cause to execute with the iprelay and spamfile as args to the program.
     The number here is the same as maxscore, so anything > 1 needs maxscore
     to meet that number before sending a report.  You create the program ;).

[exec_check]: Custom program that you compile the name and 
     args into blackhole which checks if email is 
     spam and recieves the args of 'ipaddr' and 'spammsg', 
     you also must tell blackhole the expected return 
     value when the message is spam.


Header Tags:

Config Setup:
# Spam Header tags, control the subject tags, and also X-BlackHole headers,
# 1 equals the ones you want, and 0 the ones you don't want.
[spam_header]
subject_tag = 1
subject_msg = SPAM
subject_info = 1
subject_score = 0
version = 1
sender = 1
relay = 1
match = 1
type = 1
dUmMy= 1

# Virus Header Tags
[virus_header]
subject_tag = 1
subject_msg = VIRUS
subject_type = 1
subject_clean = 0
version = 1
sender = 1
relay = 1
match = 1
type = 1
dUmMy= 1

Header Tags:
 The messages blocked will be tagged with the following headers...

   X-BlackHole-Sender:
   X-BlackHole-Relay:
   X-BlackHole-Match:
   X-BlackHole-Info:
   X-BlackHole-Virus-Status:
   X-BlackHole-Virus-Type:

Subject line tag example:

Subject: SPAM[RBL 1.0] Messages Subject Line Here

Possible matches:
  "Subject",
  "Email/Domain",
  "Host/Network",
  "RBL",
  "Spam",
  "Porn",
  "Racist",
  "Whitelist",
  "My RCPTTO",
  "Sender DNS",
  "Custom",
  "Character Set",
  "ASCII 128+",
  "Reverse DNS",
  "Razor",
  "Custom Header",
  "C/Type",
  "T/Encoding",
  "Size",
  "Bad RCPTTO",

