Policy Script 1: Scan and Deliver Internal Messages

# attr NAME=Mail from internal hosts
if pmx_relay :memberof "internal-hosts" {
    # The 'pmx-mlog-watch' depends on this to know which messages
    # are outgoing and which are not.
    pmx_mark1 "i";
    # attr NAME=Reject mail containing viruses
    if pmx_virus {
        reject "One or more viruses were detected in the message.";


  • The pmx_test_mark command is used to recognize sample messages sent by the " pmx-test " program.
    Consider disabling this action if running a site with a high-mail volume as this command will delay relay tests. See the pmx-policy manpage for further details.
  • If the pmx_relay test finds the message originated from a relay defined in the "internal-hosts" list:
    • The pmx_mark1 command adds a "i" mark to the message log to enable "Perimeter Protection" to distinguish outgoing messages from internal hosts. Messages accumulate "marks" throughout the filtering process. These marks can be used later to generate custom statistical reports.
  • The pmx_virus command scans the message for virus threats. If the message contains a virus:
    • The message is rejected with the reason "One or more viruses were detected in the message".
    • The stop control ends message processing.