Quarantine/Spool Management

ze-filter uses its spool directory to store quarantined/archived messages.

During the time interval ze-filter is handling a message, it saves it inside its spool directory (/var/spool/ze-filter), with a file name of the kind : 47C7FDAE.000.0000, created by the concatenation of the connection identifier and the message order inside that connection.

When ze-filter finishes handling the message, it can remove the message file or let it there if it decides to archive or quarantine the message. In this case, it will add add an extension to the file name explaining the reason why the message was quarantined. At some moment, the content of the spool directory will look like :

# ls -l /var/spool/ze-filter
total 1928
-rw-------   1 smmsp smmsp  3427 Oct  8 08:26 48EC5283.000.0000.xfile   -> xfile
-rw-------   1 smmsp smmsp 63925 Oct  8 09:50 48EC6639.000.0000.archive -> archive
-rw-------   1 smmsp smmsp    67 Oct  8 10:23 48EC6DF0.000.0000        
-rw-------   1 smmsp smmsp 56947 Oct  8 12:00 48EC8481.000.0000.xfile   -> xfile
-rw-------   1 smmsp smmsp 51345 Oct  8 12:01 48EC84C4.000.0000.virus   -> virus
-rw-------   1 smmsp smmsp    53 Oct  8 12:01 48EC84D0.000.0000

The following options are used to enable Archiving/Quarantine by ze-filter

#  Enable archiving messages feature
ARCHIVE                           YES
#  Enable quarantine for XFILES
XFILE_SAVE_MSG                    YES
#  Enable quarantine for virus detected by external scanner
SCANNER_SAVE                      YES
#  Conditions resulting from content verifications
XSTATUS_QUARANTINE_CONDITION

ze-filter automatically cleans up its spool directory. This feature is controlled by the following options :

#  Checks the content of the spool directory each 21600 s (6 hours)
CLEANUP_INTERVAL           21600
 
#  Remove messages older than 86400 s (one day)
QUARANTINE_MAX_AGE         86400