PMX_EVENT codes are used in the
callback. They indicate how the variable parameters are to be interpreted.
- The engine reports that a rule or condition has been triggered. Parameter 1 is of type
PMX_TYPE_STRINGand contains the feature name. Parameter 2 is normally not used, but some plugins pass a
PMX_TYPE_STRINGparameter containing extra information about why the feature fired.
The engine determines the IP of the first untrusted relay by scanning the message headers and identifying the first connecting host that is not in its list of trusted relays. This event code only takes effect if the
core.event.furattribute has been specified and set to "1". For more information, see "Core Attributes" in the Anti-Spam Engine Attributes section.In order for this data to be useful to SophosLabs, it is recommended that you append it to an informational header, so that the IP address of the first untrusted relay is included in all false positives and false negatives submitted to Sophos. This header should follow the format shown below:
X-PMX-Version: product-name, Antispam-Engine: 22.214.171.1240677, Antispam-Data: 2009.2.13.62815, FUR: 126.96.36.199
plugin.net.trusted-relaysunder "net Attributes" in the Anti-Spam Engine Attributes section.
- The engine generates this event when it has determined the probability of the message being
spam. Parameter 1 will be of type
PMX_TYPE_DOUBLEcontaining a probability between 0.0 and 1.0. Parameter 2 is not used.