## ACTION DEFINITIONS SECTION
# Syntax:
# variable = enumeration
# The variable will be associated with some actions.
# The enumeration contains one or multiple actions separated by ',' that will
# be performed in that order.

# The following actions are executed by RAV on the file reported as infected,
# suspicious, bulk or matched with a content filtering rule:
# 1. clean 	- clean the infected file.
# 2. move	- move the file to quarantine (equivalent to copy + delete actions).
# 3. copy	- copy the file to quarantine.
# 4. delete	- delete the file and replace it with a new file automatically
#	generated by RAV. The file name is "warn.txt" and it contains the message
#	"RAV AntiVirus has deleted this file because it contained
#	dangerous code.". Note that RAV doesn't change the mail file size
#	because of some protocols (like IMAP) may request the mail size first and
#	then the mail body. So, the "warn.txt" file will be filled with spaces
#	to fit the original file length.
# 5. rename	- the file will be renamed using the "rename_ext" extension
#	specified in configuration.
# 6. ignore	- the file is ignored, no action is taken and the e-mail is
#	delivered.
# 7. reject	- the e-mail is rejected, it will not be delivered to any of
#	its recipients.
# 8. discard	- the e-mail is silently discarded, it will not be delivered to 
#	its recipients and no bounce will be send to the sender
# 9. deliver	- used only for bulk mails; the mail is delivered to its
#				recipients after tagged as SPAM.
# 10. save	- save the bulk mail in the quarantine directory
# 11. embed	- create an embedded mail which contains a custom message
#		and has attached the bulk mail detected
# 12. add_header  - add a custom extra header to the bulk mail
# 13. add_subject - prepend a custom string to the bulk mail subject
# 14. forward - forward the bulk mail to the addresses specified by 'forward_to'
#		parameter from the respective antispam section. This is not a final
#		action. After forwarding the mail all other bulk specific actions are
#		performed.

# Depending on scanning status the following valid actions are supported:
# a. for infected files: clean, move, copy, delete, rename, ignore, reject, discard.
# b. for suspicious files: move, copy, delete, rename, ignore, reject, discard.
# c. for e-mail files matching the subject filter: copy, ignore, reject, discard.
# d. for files matching the attachment filter: move, copy, delete, rename,
# 						ignore, reject, discard.
# e. for e-mail files matching the content filter: move, copy, delete, ignore,
#						reject, discard.
# f. for bulk mails: save, forward, embed, add_header, add_subject, deliver, reject, discard.

act_for_infected_files = clean, delete, reject
act_for_suspicious_files = copy, ignore
 
# cf_subject_test = reject
# cf_file_test = copy, delete, discard
 
subj_action = reject
file_action = reject
body_action = reject

#actions for well-known viruses
act_for_wn_viruses = discard
body_wn_act = discard
file_wn_act = discard

#actions for bulk mails
bulk_actions_low = add_subject, add_header, deliver
bulk_actions_medium = add_subject, add_header, deliver
bulk_actions_high = add_subject, add_header, deliver
bulk_actions_very_high = save, discard

bulk_actions_high_with_forward = forward, add_subject, add_header, deliver
bulk_actions_very_high_with_forward = forward, save, discard

discard_all_spam_mails = discard

