This is an automated email from the ASF dual-hosted git repository. btellier pushed a commit to branch master in repository https://gitbox.apache.org/repos/asf/james-project.git
commit 9d181bead2a30c3912118c372735c4660ef13d7d Author: Benoit Tellier <[email protected]> AuthorDate: Wed Feb 16 14:33:02 2022 +0700 JAMES-3713 Document DLP for the distributed server --- .../modules/ROOT/pages/configure/matchers.adoc | 2 ++ .../docs/modules/ROOT/partials/DLP.adoc | 39 ++++++++++++++++++++++ 2 files changed, 41 insertions(+) diff --git a/server/apps/distributed-app/docs/modules/ROOT/pages/configure/matchers.adoc b/server/apps/distributed-app/docs/modules/ROOT/pages/configure/matchers.adoc index cad56d3..25cc76c 100644 --- a/server/apps/distributed-app/docs/modules/ROOT/pages/configure/matchers.adoc +++ b/server/apps/distributed-app/docs/modules/ROOT/pages/configure/matchers.adoc @@ -14,6 +14,8 @@ include::partial$AtMost.adoc[] include::partial$AtMostPriority.adoc[] +include::partial$DLP.adoc[] + include::partial$FetchedFrom.adoc[] include::partial$HasAttachment.adoc[] diff --git a/server/apps/distributed-app/docs/modules/ROOT/partials/DLP.adoc b/server/apps/distributed-app/docs/modules/ROOT/partials/DLP.adoc new file mode 100644 index 0000000..87fe91a --- /dev/null +++ b/server/apps/distributed-app/docs/modules/ROOT/partials/DLP.adoc @@ -0,0 +1,39 @@ +=== DLP + +Enable evaluation of incoming emails against DLP rules (Data Leak Prevention) attached to the sender domains. + +Example: + +[xml] +---- +<mailet match="DLP" class="ToRepository"> + <repositoryPath>/var/mail/quarantine</repositoryPath> +</mailet> +---- + +Rules can be administered via xref:operate/webadmin.adoc#_administrating_dlp_configuration[webAdmin]. + +Only available on top of Memory and Cassandra storages. + +Additionally a cache can be added to reduce queries done to the underlying database. + +Example: + +[xml] +---- +<mailet match="DLP=cache:60s" class="ToRepository"> + <repositoryPath>/var/mail/quarantine</repositoryPath> +</mailet> +---- + +Will query the DLP rules for a given domain only every 60 seconds. + +Please note that querying DLP rules on top of Cassandra relies on Event sourcing, involves reading a potentially +large event stream and involves some SERIAL reads (LightWeight transactions) for each processed emails. + +Efficiency of the cache can be tracked with the following metrics: + + - `dlp.cache.hitRate` + - `dlp.cache.missCount` + - `dlp.cache.hitCount` + - `dlp.cache.size` \ No newline at end of file --------------------------------------------------------------------- To unsubscribe, e-mail: [email protected] For additional commands, e-mail: [email protected]
