Lists & Rules

CanIt-PRO allows you to make your own lists of senders, Domains and Hosts that are always allowed to send you mail, or never allowed to send you mail. It also lets you create custom rules and other types of rules. The following sections describe how to create these lists and rules.

The Sender Action Table

CanIt-PRO can take specific actions based on the sender's E-mail address. To see the sender list, click on "Rules" and then "Senders". The sender page appears.

The columns in the table are:

  • Sender: The E-mail address of a sender
  • Who: The user who last modified the sender's disposition.
  • Current Action: The action taken by CanIt-PRO when a message from the sender arrives.
  • New Action: Allows you to set a new action.The possible actions are:
    • No Change - Keep the current action.
    • Always allow - Always allow mail from this sender without scanning for SPAM. (Dangerous attachments are still scanned and stripped.)
    • Always hold for approval - Mail from this sender is always held for approval, even if SPAM-scanning does not flag it as SPAM.
    • Hold if looks like SPAM - This is the default; mail from this sender will be held if it scores high enough on the SPAM scale.
    • Always reject - Messages from this sender are always rejected with a permanent failure code. The rejection happens early on in the SMTP dialog, before any message body is transmitted.
    • Delete from Table - The sender is deleted from the table. Also, CanIt-PRO treats the sender as if the setting Hold if looks like SPAM had been used.
  • Comment: Allows you to enter a comment if you like. This can help you remember why you WhiteListed or BlackListed a sender.

To set new actions, adjust the new Action entries appropriately and click Submit Changes.

If you want to set an action for an E-mail address that is not in the sender list, enter the address in the text box and press enter. You will then be given an opportunity to set the action for that address.

For convenience, if you click on a sender address in the message summary or incident display, CanIt-PRO will take you to the sender entry for that address.

Click on Always Allow, Always Hold for Approval, Hold if Looks Like SPAM, Always Reject or All to restrict the sender page to senders who are always allowed, always held, held if the message looks like SPAM, always rejected, or all senders, respectively.

Note: CanIt-PRO uses the Envelope Sender to determine the sender of an E-mail. This may not necessarily be the address in the E-mail's From: header. Instead, you should look at all the Internet headers using your E-mail client; the envelope sender will appear in the Return-Path: header.

Note: You cannot use wildcards in the Sender Action Table. For example, rejecting *@Domain.com will
not work. Instead, reject Domain.com in the Domain Action Table.

Holding Unlisted Senders

CanIt-PRO can allow you to decide to only accept mail from a specific list of sender addresses, and to hold mail from all others. This essentially gives you the benefits of a challenge-response or sender opt-in system without requiring that senders perform any extra additional actions before sending you a message.

To use this feature:

  • Go to Rules: Senders and add the addresses of people you wish to receive mail from as Always allow.
  • Enable the Hold mail from any sender not listed in Senders Table setting under Preferences: Stream Settings.

Messages from the addresses you WhiteListed will be allowed and all messages from senders not specifically listed in the Sender Action Table will be held in your Pending trap, even if they score below your SPAM threshold.

The Domain Action Table

Just as it can make decisions based on the sender's address, CanIt-PRO can make decisions based just on the Domain part of the address. (The Domain part is everything after the @ sign. For example, the Domain part of info@roaringpenguin.com is roaringpenguin.com.)

To see the Domain list, click on "Rules" and then "Domains". The Domain list appears: The columns and actions in the table have similar meanings to those the Sender Action Table. Click on Always Allow, Always Hold for Approval, Hold if Looks Like SPAM, Always Reject or All to restrict the Domain page to Domains who are always allowed, always held, held if the message looks like SPAM, always rejected, or all Domains, respectively.

Domain Matching Rules

CanIt-PRO uses the same approach to match Domains as Sendmail's access table does. Suppose you receive E-mail from user@mail.sub.Domain.net. CanIt-PRO performs the following Domain lookups:

1. mail.sub.Domain.net
2. sub.Domain.net
3. Domain.net
4. net

Thus, if you disallow E-mail from badDomain.com, you also automatically block bouncer.badDomain.com and SPAMbox.badDomain.com. However, you can explicitly allow goodbox.badDomain.com by adding another entry, because a Domain with more components is more specific than (and takes preference over) one with fewer components.

The Host Action Table

CanIt-PRO can apply actions automatically based on the IP address of the SMTP relay Host. To see the Host list, click on "Rules" and then "Hosts".

The columns and actions in the Host table have similar meanings to those in the Sender and Domain tables, except that they are keyed on the IP address of the sending Host. In addition, the Host BlackList has an additional option, Skip RBL Checks. This option is almost the same as Hold if looks like SPAM, except that DNS-based BlackList lookups are disabled. This is useful, for example, if you receive legitimate mail from a Host that ended up in a BlackList. You might not want to WhiteList the Host entirely, but you need a way to turn off the real-time BlackList lookup.

If you reject mail from a Host, then any attempt by that Host to send E-mail to you is rejected early in the SMTP dialog. CanIt PROT skips the Domain and sender checks.

If you choose to always accept mail from a Host, then that setting overrides both the Domain and sender checks.

If you choose to hold mail from a Host (whether you hold it always or only if it looks like SPAM), then Domain and sender checks are performed, and may override the Host check. (For example, if you tell CanIt-PRO to always hold mail from 172.20.201.32, but always accept mail from friend@mycompany.com, then mail from friend@mycompany.com relayed through 172.20.201.32 is accepted.)

Bulk BlackListing and WhiteListing

Entering a large number of Hosts, Domains or senders into the BlackList/WhiteList tables can be time consuming. CanIt-PRO provides an alternative interface for bulk entry.

To see the bulk entry page, click on "Rules" and then "Bulk Entry":

  • Enter the items you want to BlackList or WhiteList, one per line. If you wish to enter item-specific comments, enter them following a pound symbol, like this: item # item-specific comment
  • In the bulk-entry text box, blank lines and lines starting with a pound sign are ignored.
  • If you want a global comment to apply to all items that lack an item-specific comment, enter the comment in the Global comment entry box.
  • Select the action. Depending on your access rights, you can bulk-enter senders, Hosts and
  • Domains. Choose the appropriate entry type and action from the menu.
  • Click Submit Changes to submit the bulk data.

MIME Types

CanIt-PRO allows you to hold or reject E-mail with attachments of certain MIME types. Some MIME types pose a risk, and you might want to hold or reject E-mail messages containing them. In particular, the message/partial MIME type may pose a risk, and we recommend you reject or hold it. To see the MIME type list, click on "Rules" and then "MIME Types".

For each MIME type, you can Accept, Hold, Reject or Discard E-mail containing the type. Note that the default is Accept. This does not mean that mail will be specifically accepted regardless of other factors; it just means that it will not be rejected because of a MIME type.

The Hold setting causes E-mail containing parts of the specified type to be held in the trap, and Reject causes the E-mail to be rejected.

To add a new MIME type to the list, enter it in the "Enter a specific MIME type:" input box and press Enter. You can then adjust its setting and click Submit Changes.

Note that with MIME types, you can specify a different action for WhiteListed senders. If a sender address is WhiteListed, then the action in the Action for WhiteListed Senders column applies. Otherwise, the General Action applies. You might use this, for example, to hold images from most people, but permit them from WhiteListed senders.

Filename Extensions

CanIt-PRO allows you to hold or reject E-mail with attachments whose filenames end in certain extensions. Some filename extensions may pose a risk to Windows machines.

To see the filename extension list, click on "Rules" and then "Filename Extensions".

For each extension, you can Accept, Hold, Discard or Reject E-mail containing the extension. Note that the default is Accept. This does not mean that mail will be specifically accepted regardless of other factors; it just means that it will not be rejected because of an extension.

If you set "Handling for messages containing Windows executables" to anything other than Accept, you can override the built-in extensions by explicitly setting them to Accept here. For example, if you would like to accept url files, you can add an Accept setting for url, and this setting will override the entry in the built-in list of dangerous extensions.

Note that you should not include the period in the extension. For example, if you want to block files ending in .exe, enter "exe", not ".exe". Filename extension matching is case-insensitive.

To enter a new extension in the list, enter it in the "Enter a specific filename extension:" input box and press Enter.

With filename extensions, as with MIME types, you can specify a different action for WhiteListed senders. If a sender address is WhiteListed, then the action in the Action for WhiteListed Senders column applies. Otherwise, the General Action applies. You might use this, for example, to hold ZIP files for most people, but allow them for WhiteListed senders.

Note: CanIt-PRO has a built-in list of extensions for detecting probable Windows executables. These are enabled with the "Handling for messages containing Windows executables" setting. If you do not want to use the built-in extension list at all, you must set the global or per-stream Windows-executable handling to Accept, and then enter a list of extensions to reject in the Filename Extensions list.

Matching Entire Filenames

In the Filename Extension list, you can match an entire file name by prefixing the name with "^". For example, the entry ^message.zip will match if the entire filename is message.zip (using a case-insensitive comparison, of course.)

Custom Rules

In addition to the built-in SPAM-detection rules, you can create your own custom rules which affect the SPAM score. To create your own rules, click on "Rules" and then "Custom Rules".

CanIt-PRO's custom rules allow you to adjust the SPAM score based on certain fields in each E-mail message. For each E-mail message, all of your custom rules are checked, and any which match have their score added to the SPAM score. Note that you can lower the SPAM score by specifying a negative number for a custom rule's score.

Note: CanIt-PRO custom rules are less efficient than built-in SPAMAssassin rules. You should not create more than one or two hundred custom rules in a given stream or in the "default" stream or CanIt-PRO will be very slow. If you require that many rules, you should investigate coding them up as SPAMAssassin rulesets.

If you enter a string in the "Filter:" box, CanIt-PRO will restrict the listing to those items that contain the string in the Field, Relation, Data or Common column.

Fields

Each custom rule can examine a certain part of the mail message, called a field. The available fields are:

  • Subject: The subject of the message.
  • Sender: The SMTP envelope sender (what appears in the MAIL FROM: command; not necessarily what appears in the From: header.)
  • Recipient: The SMTP envelope recipient (what appears in the RCPT TO: command; not necessarily what appears in the To: or CC: headers.) If you create a rule based on Recipient, the rule fires if any recipient matches.
  • HELO: The argument the server gave to the SMTP "HELO" or "EHLO" command. Many SPAMmers misguidedly think that if they provide your own server name in the HELO command, your machine is more likely to accept the mail. You can detect those SPAMmers with a HELO rule.
  • Relay: The canonical name of the sending relay, as determined by a reverse DNS lookup. If the lookup fails, the relay name is set to its IP address in square brackets, like this: [127.0.0.1]
  • RelayAddress: The IP address of the sending relay.
  • Header: Applies to all the header lines of the message. If any header matches the rule, then the rule matches. Please see Section 5.7.5 for more details.
  • Body: Applies to the message body. Note that "Body" matches apply to decoded message parts, after any MIME encoding has been decoded.
  • RawBody: Applies to the raw, undecoded message including all headers and the undecoded MIME body. In most cases, you should not use RawBody matching; instead, use Body matching.

Relations

Fields can be compared in several ways:

  • Contains: Activates a rule if the field contains the string you specify. The string-matching test is not case-sensitive, and word boundaries are ignored. Thus, the string "Roaring Penguin" is considered to contain "oAr".
  • Starts with: Activates a rule if the field starts with the specified string. Matching is not case-sensitive.
  • Ends with: Activates a rule if the field ends with the specified string. Matching is not case-sensitive.
  • Regexp matches: Considers the string you specify to be a Perl regular expression. If the field matches the regular expression (in a case-insensitive match), then the rule is fired. Please note that it is possible to write invalid regular expressions; these never match anything, but produce error messages in your mail log. You can also write regular expressions which take a long time to evaluate, so be careful.
  • Does not contain: Activates a rule if the field does not contain the specified string.
  • Is: Activates a rule if the field exactly equals the specified string, in a case-insensitive way

    Note that the last two comparisons (Does not contain and Is) are not likely to be useful for the Header, Body or RawBody fields.

Score

The score associated with a rule is added to the SPAM score if the rule matches. Negative scores may be useful; for example, if you want sensitive E-mail not to be trapped, you can inform people you trust to put a magic string (like Confidential 394753486) in the subject of the message.

You could then create a rule:

If Subject contains Confidential-394753486 then score-200. which artificially lowers the message score, ensuring it will not be trapped.

Creating and Deleting Custom Rules

To create a custom rule:

  • Set the field to one of Subject, Sender, Recipient, etc.
  • Set the relation appropriately (Contains, Starts with, etc.)
  • Enter the string you want to match in the text box. For the Regexp matches relation, be sure to enter a valid Perl regular expression.
  • Enter the score adjustment value in the score box.
  • If you wish, enter explanatory notes in the Comment column.
  • Click Submit Changes to add the rule.

To delete a rule, simply click the "Delete" link in the rule table.

If you supply a rule with a very large positive score, you can configure CanIt-PRO to automatically reject E-mail. The default setting rejects mail scoring over 2000 (which never actually happens without custom rules.) You can create a custom rule with a score of 2000 or more to auto-reject mail.

Similarly, a custom rule with a negative score of around -2000 will always allow mail it matches to come through without being trapped.

Header Matching

A custom rule matching on the Header tests each header line, and if one matches, the rule is considered to match. It is most useful to use Regexp match with headers, because you need to match both the header name and value.

For example, suppose you want to match bad@SPAMmer.net in the From: header. (This is not the same as a Sender rule, because the Sender rule uses the envelope sender.) You could create a rule like this:

If Header Regexp matches ^From:.*bad@SPAMmer.net then score 10

Body Matching

A custom rule matching Body or RawBody tests each body line, and if one matches, the rule matches. Note, therefore, that you cannot match phrases that span multiple lines.

A Body rule reads the decoded MIME body parts, while a RawBody rule uses the complete undecoded MIME message, including headers.

For example, if you want to add 20 to all messages containing "horny" in the body, create a rule like this:

If Body Contains horny then score 20.

Mismatch Rules

Mismatch rules are special rules that check for a mismatch between the sender's Domain and the SMTP relay's Domain. These rules are not recommended for general use, but are very useful at stopping a lot of SPAM in certain specific situations.

A mismatch rule allows you to hold or reject E-mail, or add to the SPAM score, if the sending relay's Hostname (as determined by a DNS lookup) does not end in the same Domain as the sender's supposed E-mail address.

In general, it is perfectly valid for this mismatch to occur, and you should not block mail just because the relay Hostname doesn't match the sender's Domain. However, many SPAMmers use fake hotmail.com, yahoo.com, aol.com and earthlink.net addresses. All of those popular services have good reverse-DNS configurations, and their outgoing relay Host names all end in the appropriate Domain name. It can be very effective to hold or block mail from these (and other) services if the relay Host name does not match the sender Domain name.

To enter mismatch rules, click on "Rules" and then "Mismatch Rules".

If you enter a string in the "Filter:" box, CanIt-PRO will restrict the listing to those items that contain the string in the Sender Domain or Relay Match column.

To add a mismatch rule:

  • Enter the Domain in the Sender Domain box.
  • Enter the string which the sending relay must end with in the Relay Match box. If you leave the Relay Match box empty, it defaults to the Sender Domain. You can enter a comma-separated list of Domains in the Relay Match box; as long as the relay matches one of the Domains, it will be accepted. For example, mail from msn.com might come from an msn.com or hotmail.com relay. In this case, you would put msn.com, hotmail.com in the Relay Match box.
  • Set the Action to "Hold" if you want to hold mismatched messages in the trap, or "Reject" if you want to reject them outright. If you'd rather just add the the SPAM score, set Action to "Score" and enter the amount you want added in the Score box.
  • If you wish, add explanatory notes in the Comment box.
  • Click on Submit Changes to add the rule.

To delete a rule, simply click on the appropriate "Delete" link.

Just like with Domain BlackLists and WhiteLists, CanIt-PRO checks mismatch rules using the Domain Matching Rules described above. That is, if mail is received from nuser@mail.sub.Domain.net, then CanIt-PRO looks for the following mismatch rules:

  • mail.sub.Domain.net
  • sub.Domain.net
  • Domain.net
  • net

To reiterate: Mismatch rules are not appropriate for general use. Even for the example Domains, there may well be legitimate reasons for an aol.com user to relay mail through a non-aol.com server. It's up to you to balance the highly effective nature of mismatch rules against the possibility of holding or rejecting valid mail.

SPF Rules

SPF (Sender Policy Framework) is a more sophisticated version of Mismatch Rules. SPF allows the owners of a Domain to assert which Hosts are allowed to originate E-mail claiming from that Domain.

For example, the Domain aol.com has an SPF record that lists which Hosts ordinarily send out AOL mail. If you receive mail from a Host not in AOL's list of approved senders, it is probably faked.

For more details on SPF, please see http://spf.pobox.com

To add SPF rules to CanIt-PRO, click on "Rules" and then "SPF Rules".

If you enter a string in the "Filter:" box, CanIt-PRO will restrict the listing to those items that contain the string in the Domain column.

How SPF Queries Work

An SPF query is a DNS query looking for a specific record. The SPF query takes as input the sender address, the IP address of the sending Host, and the argument to the SMTP HELO command. It can return one of seven values:

  • pass: means that the specified Host is authorized to send mail for the Domain.
  • fail: means that the specified Host is not authorized to send mail for the Domain, and that the Domain administrators would prefer you to reject the mail.
  • softfail: means that the specified Host is not authorized to send mail for the Domain, but that the Domain administrators want you to accept the mail anyway because it may be legitimate for some senders to relay through other machines.
  • neutral: means that the Domain administrator has no opinion about the legitimacy of the sending Host.
  • none: means that there is no SPF record for the Domain.
  • error: means that the DNS lookup encountered a temporary error.
  • unknown: means that the SPF record has a syntax error.

CanIt-PRO allows you to add different scores for the various query results. We recommend adding 5 points for fail and 2 points for softfail, and leaving all other scores at zero. You may cautiously subtract points for pass, but we recommend doing this only for selected Domains.

Entering SPF Rules

To enter an SPF rule:

  • Enter the Domain the rule should apply to in the Domain entry box. If you enter * in the Domain entry box, then the rule applies to all Domains unless there is another entry specifically for the Domain.
  • Enter the scores for each return code in the appropriate columns. If you leave a score entry box blank, zero is used.
  • Click on Submit Changes to add the rule.

To delete an SPF rule, simply click on the appropriate "Delete" link.

BlackListing Recipients

Often, a large volume of SPAM is destined for nonexistent users at your site. This is usually because users leave the company, but SPAMmers still have their old E-mail addresses.

Ideally, the CanIt-PRO machine will check the validity of recipient addresses, either directly (if CanIt- PRO is installed on your actual mail Host) or indirectly (by checking against your real SMTP server.)

Unfortunately, some mail servers, most notably Microsoft Exchange, do not perform user lookups at the RCPT TO: phase of the SMTP conversation and it is impossible for CanIt-PRO to check recipient validity at RCPT TO: Microsoft documents this behavior at http://support.microsoft.com/default.aspx?scid=kb;en-us;304897.

As a workaround for this, CanIt-PRO lets the administrator BlackList recipients. If you notice a lot of SPAM trapped for a nonexistent recipient, simply BlackList that recipient. To BlackList a recipient:

  • Click on "Rules" and then "Blacklisted Recipients".
  • Enter the full E-mail addresses of the recipient you wish to BlackList. You can enter more than one address; just put each address by itself on a line.
  • Click Blacklist Recipient(s)

If mail comes in for a BlackListed recipient, CanIt-PRO fails the RCPT TO: command for that recipient.

To remove a recipient from the BlackList, click on the "Delete" link near the recipient's E-mail address in the BlackListed recipients table.

The list of BlackListed recipients is kept on a per-stream basis. When testing if an address is BlackListed, CanIt-PRO first determines which stream the address would map to, and it then looks up that stream's list of BlackListed recipients.

Although a stream administrator can BlackList any address, CanIt-PRO will ignore addresses that don't map to that stream. For example, if the stream administrator for user1 BlackLists the address user2@Domain.net (which presumably maps to a different stream), CanIt-PRO will ignore the entry.

The CanIt-PRO administrator can globally BlackList recipients by placing the BlackListed addresses in the default stream.

Note: CanIt-PRO refuses to obey a BlackList on the special address postmaster, because this address is required to accept mail according to the SMTP standard.

Enumerating Valid Recipients

If you have a relatively small site, you can enter a list of valid recipients into CanIt-PRO, and CanIt- PRO will not accept mail for recipients unless they are in the table of valid recipients. Be sure to enter all your valid addresses, including aliases and "role" addresses into the Valid Recipients Table.

To enter a list of valid recipients:

  • Click on "Rules" and then "Valid Recipients"
  • Enter the full E-mail addresses (one per line) of valid recipients. Note that you can enter either a complete address (like user@Domain.com) or just the local part (user). If you just enter the local part, then any E-mail address whose local part is found in the table will be accepted.
  • Click Add Recipient(s)

Normally, CanIt-PRO does not consult the table of Valid Recipients. If you want the table to be used, set the "Only accept mail for accounts in the Valid Recipients table" Global Setting to Yes.

The list of valid recipients is kept on a per-stream basis. When looking up a recipient, CanIt-PRO first determines which stream the address would map to, and then looks the address up in that stream's list of valid recipients.
The CanIt-PRO administrator can globally enter valid recipients by placing the addresses in the
default stream.

Note that if your CanIt-PRO machine processes outgoing mail, you should ensure that outgoing mail is streamed to a stream that does not check the Valid Recipients Table.

Note:CanIt-PRO always treats the special address postmaster as valid, because this address is required to accept mail according to the SMTP standard.

Importing and Exporting Rules

CanIt-PRO can export your rules in comma-separated value (CSV) format. This format can be manipulated by a variety of software such as spreadsheets and database programs. CanIt-PRO can also import rules in CSV format, allowing for efficient bulk creation of rules.

Exporting Rules

To export rules, click on "Preferences" and the "Export Rules". The Export Rules screen appears.

  • Select all of the rules you wish to export by enabling the appropriate checkboxes.
  • Click on Export Objects as Text to view the CSV file as a plain-text file in your browser. Click on Export Objects as Downloadable CSV if you want your browser to prompt you to save the text to a file.

The resulting CSV file can be imported into a spreadsheet program such as Open Office "calc" or other popular spreadsheet software.

Format of the Exported Rules

Each rule type in the CSV file has a specific layout.

For sender BlackLists and WhiteLists, the fields are:

  • Sender - The literal text Sender.
  • stream - The stream containing the rule.
  • address - The sender's address.
  • action - The action to associate with the address (one of allow-always, hold-always, hold-if-SPAM or reject.)
  • who - The user ID of the person who created the rule.
  • comment - Any comment attached to the rule.

For Domain BlackLists and WhiteLists, the fields are:

  • Domain - The literal text Domain.
  • stream - The stream containing the rule.
  • Domain - The Domain.
  • action - The action to associate with the Domain (one of allow-always, hold-always, hold-if-SPAM or reject.)
  • who - The user ID of the person who created the rule.
  • comment - Any comment attached to the rule.

For Host BlackLists and WhiteLists, the fields are:

  • Host - The literal text Host.
  • stream - The stream containing the rule.
  • Host - The Host's IP address.
  • action - The action to associate with the Host (one of allow-always, hold-always, hold-if-SPAM, no-rbl or reject.)
  • who - The user ID of the person who created the rule.
  • comment - Any comment attached to the rule.

For custom rules, the fields are:

  • Custom - The literal text Custom.
  • stream - The stream containing the rule.
  • field - The field associated with the rule.
  • relation - The relation associated with the rule.
  • data - The string data associated with the rule.
  • score - The score to assign to the rule.
  • comment - Any comment attached to the rule.

For mismatch rules, the fields are:

  • Mismatch - The literal text Mismatch.
  • stream - The stream containing the rule.
  • Domain - The Domain associated with the rule.
  • match - A list of allowable Domains for the relay Host.
  • action - The action to take if the rule is fired.
  • who - The user-ID of the person who created the rule.
  • score - The score associated with the rule.
  • comment - Any comment attached to the rule.

For MIME type rules, the fields are:

  • MIME - The literal text MIME.
  • stream - The stream containing the rule.
  • MIMEtype - The MIME type.
  • action - The action to associate with the MIME type.
  • who - The user ID of the person who created the rule.
  • comment - Any comment attached to the rule.

For filename extension rules, the fields are:

  • Extension - The literal text Extension.
  • stream - The stream containing the rule.
  • extension - The filename extension.
  • action - The action to associate with the extension.
  • who - The user ID of the person who created the rule.
  • comment - Any comment attached to the rule.

For Bayesian settings, the fields are:

  • Bayes - The literal text Bayes.
  • stream - The stream containing the rule.
  • percentage - The percentage probability associated with the rule.
  • score - The score associated with the rule.

Importing Rules

CanIt-PRO can import CSV files that are in the format described in Section 5.12.2 earlier. To import rules, click on "Preferences" and then "Import Rules". The Import Rules page appears:

  • Enter the name of a file to upload in the text box. Use the Browse... button to browse your local
    file system to find a file.
  • Choose what to do in case of a conflict. The default, Preserve Original, means that if the CSV file contains a rule that conflicts with an existing rule, the existing rule is retained. Alternatively, you can choose Overwrite, which overwrites any conflicting rules with rules from the CSV file.
  • Click on Import Objects to import the rules.

Note: CanIt-PRO expects the CSV file to follow precisely the format described in Section 5.12.2. Any lines
the the file which deviate from the format are silently ignored.
During rule importing, CanIt-PRO ignores the "stream" field in the CSV file. All rules are imported
into the current stream.