From 4c0196aa5b16415166054935ae679cd2cd269dfc Mon Sep 17 00:00:00 2001 
From: Matt Simerson Date: Tue, 7 Jan 2025 16:58:54 -0800 Subject: [PATCH] updates with name fixes for a handful of plugins (#49) Is there a mechanism for these pages to get updated with the README from NPM packaged plugins? --- content/8.plugins/{connect.asn.md => asn.md} | 14 +- content/8.plugins/connect.rdns_access.md | 69 -------- content/8.plugins/dkim.md | 152 +++++++++++++++++ content/8.plugins/dkim_sign.md | 106 ------------ content/8.plugins/dkim_verify.md | 40 ----- content/8.plugins/{dnsbl.md => dns-list.md} | 12 +- ...{log.elasticsearch.md => elasticsearch.md} | 8 +- .../{connect.fcrdns.md => fcrdns.md} | 14 +- .../8.plugins/{connect.geoip.md => geoip.md} | 0 .../8.plugins/{data.headers.md => headers.md} | 0 content/8.plugins/mail_from.access.md | 68 -------- .../8.plugins/max_unrecognized_commands.md | 27 --- content/8.plugins/{connect.p0f.md => p0f.md} | 12 +- content/8.plugins/rate_limit.md | 157 ------------------ content/8.plugins/rcpt_to.access.md | 66 -------- content/8.plugins/rcpt_to.max_count.md | 17 -- content/8.plugins/relay_acl.md | 35 ---- content/8.plugins/relay_all.md | 20 --- content/8.plugins/relay_force_routing.md | 38 ----- .../8.plugins/{log.syslog.md => syslog.md} | 32 ++-- content/8.plugins/{data.uribl.md => uribl.md} | 14 +- 21 files changed, 204 insertions(+), 697 deletions(-) rename content/8.plugins/{connect.asn.md => asn.md} (88%) delete mode 100644 content/8.plugins/connect.rdns_access.md create mode 100644 content/8.plugins/dkim.md delete mode 100644 content/8.plugins/dkim_sign.md delete mode 100644 content/8.plugins/dkim_verify.md rename content/8.plugins/{dnsbl.md => dns-list.md} (90%) rename content/8.plugins/{log.elasticsearch.md => elasticsearch.md} (98%) rename content/8.plugins/{connect.fcrdns.md => fcrdns.md} (90%) rename content/8.plugins/{connect.geoip.md => geoip.md} (100%) rename content/8.plugins/{data.headers.md => headers.md} (100%) delete mode 100644 content/8.plugins/mail_from.access.md delete mode 100644 
content/8.plugins/max_unrecognized_commands.md rename content/8.plugins/{connect.p0f.md => p0f.md} (85%) delete mode 100644 content/8.plugins/rate_limit.md delete mode 100644 content/8.plugins/rcpt_to.access.md delete mode 100644 content/8.plugins/rcpt_to.max_count.md delete mode 100644 content/8.plugins/relay_acl.md delete mode 100644 content/8.plugins/relay_all.md delete mode 100644 content/8.plugins/relay_force_routing.md rename content/8.plugins/{log.syslog.md => syslog.md} (66%) rename content/8.plugins/{data.uribl.md => uribl.md} (93%) diff --git a/content/8.plugins/connect.asn.md b/content/8.plugins/asn.md similarity index 88% rename from content/8.plugins/connect.asn.md rename to content/8.plugins/asn.md index fc1127e8..e442333d 100644 --- a/content/8.plugins/connect.asn.md +++ b/content/8.plugins/asn.md @@ -1,10 +1,10 @@ --- -title: connect.asn - get AS number of remote IP address plugin for Haraka -description: Haraka connect.asn plugin - get AS number of remote -navigation.title: connect.asn +title: asn - get AS number of remote IP address plugin for Haraka +description: Haraka asn plugin - get AS number of remote +navigation.title: asn --- -# connect.asn plugin +# asn plugin * Use DNS queries to look up the ASN of the remote IP. * Inserts a result object with the ASN of the remote host. @@ -21,9 +21,9 @@ If your mail server is very busy: ## Usage -The AS number can be accessed by plugins that run after `connect.asn` like so: +The AS number can be accessed by plugins that run after `asn` like so: - var asn = connection.results.get('connect.asn'); + var asn = connection.results.get('asn'); if (asn && asn.asn) { connection.loginfo(plugin, "hey look, it's ASN: " + asn.asn); } 
@@ -31,7 +31,7 @@ The AS number can be accessed by plugins that run after `connect.asn` like so: ## Configuration -The following settings can be set in config/connect.asn.ini. +The following settings can be set in config/asn.ini. * providers: comma separated list of DNS zones that provide IP to ASN lookups diff --git a/content/8.plugins/connect.rdns_access.md b/content/8.plugins/connect.rdns_access.md deleted file mode 100644 index 8fe9e115..00000000 --- a/content/8.plugins/connect.rdns_access.md +++ /dev/null 
@@ -1,69 +0,0 @@ ---- -title: connect.rdns_access - Reverse DNS Access Control plugin for Haraka -description: Haraka connect.rdns_access plugin - Reverse DNS Access Control -navigation.title: connect.rdns_access ---- - -# connect.rdns_access plugin - -## DEPRECATION NOTICE - -See the [access](/plugins/access) plugin for upgrade instructions. - - -connect.rdns\_access -=================== - - -This plugin will evaluate the remote IP address and the remote rDNS hostname -against a set of white and black lists. The lists are applied in the following -way: - -connect.rdns\_access.whitelist (pass) -connect.rdns\_access.whitelist\_regex (pass) -connect.rdns\_access.blacklist (block) -connect.rdns\_access.blacklist\_regex (block) - -Configuration connect.rdns\_access.ini -------------------------------------- - -General configuration file for this plugin. - -* connect.rdns\_access.general.deny\_msg - - Text to send the user on reject (text). - - -Configuration connect.rdns\_access.whitelist -------------------------------------------- - -The whitelist is mostly to counter blacklist entries that match more than -what one would want. This file should be used for a specific IP address -or rDNS hostnames, one per line, that should bypass blacklist checks. -NOTE: We heavily suggest tailoring blacklist entries to be as accurate as -possible and never using whitelists. Nevertheless, if you need whitelists, -here they are. - -Configuration connect.rdns\_access.whitelist\_regex -------------------------------------------------- - -Does the same thing as the whitelist file, but each line is a regex. -Each line is also anchored for you, meaning '^' + regex + '$' is added for -you. If you need to get around this restriction, you may use a '.*' at -either the start or the end of your regex. This should help prevent people -from writing overly permissive rules on accident. 
- -Configuration connect.rdns\_access.blacklist -------------------------------------------- - -This file should be used for a specific IP address or rDNS hostnames, one -per line, that should fail on connect. - -Configuration connect.rdns\_access.blacklist\_regex -------------------------------------------------- - -Does the same thing as the blacklist file, but each line is a regex. -Each line is also anchored for you, meaning '^' + regex + '$' is added for -you. If you need to get around this restriction, you may use a '.*' at -either the start or the end of your regex. This should help prevent people -from writing overly permissive rules on accident. \ No newline at end of file diff --git a/content/8.plugins/dkim.md b/content/8.plugins/dkim.md new file mode 100644 index 00000000..250484f8 --- /dev/null +++ b/content/8.plugins/dkim.md 
@@ -0,0 +1,152 @@ +--- +title: dkim - DKIM plugin for Haraka +description: Haraka DKIM plugin +navigation.title: dkim +--- + +# haraka-plugin-dkim + +## INSTALL + +```sh +cd /path/to/local/haraka +npm install haraka-plugin-dkim +echo "dkim" >> config/plugins +service haraka restart +``` + +### Configuration + +If the default configuration is not sufficient, copy the config file from the distribution into your haraka config dir and then modify it: + +```sh +cp node_modules/haraka-plugin-dkim/config/dkim.ini config/dkim.ini +$EDITOR config/dkim.ini +``` + +## SIGNING + +This plugin implements the [DKIM Core specification](dkimcore.org). + +### Getting Started + +Generate a DKIM selector and keys for your domain: + +```sh +cd /path/to/haraka/config/dkim +./dkim_key_gen.sh example.org +``` + +Within the config/dkim/${domain} directory will be 4 files: + +```sh +ls config/dkim/example.org/ +dns private public selector +``` + +The selector file contains the DNS label where the DKIM public key is published. The `private` and `public` files contain the DKIM keys. + +The `dns` file contains a formatted record of the public key suitable for copy/pasting into your domains zone file. It also has suggestions for DKIM, SPF, and DMARC policy records. + +The DKIM DNS record will look like this: + + may2013._domainkey TXT "v=DKIM1;p=[public key stripped of whitespace];" + +The values in the address have the following meaning: + + hash: h=[ sha1 | sha256 ] + test; t=[ s | s:y ] + granularity: g=[ ] + notes: n=[ ] + services: s=[email] + keytypes: [ rsa ] + +## Key size + +The default key size created by `dkim_key_gen.sh` is 2048. That is considered secure as of mid-2024. + +# What to sign + +The DKIM signing key for messages from example.org _should_ be signed with +a DKIM key for example.org. Failing to do so will result in messages not +having an _aligned_ DKIM signature. For DMARC enabled domains, this will +likely result in deliverability problems. 
+ +For correct alignment, Haraka signs each message with that domains DKIM key. +For an alternative, see the legacy Single Domain Configuration below. + +# Configuration + +DKIM signing is configured in the sign section of `dkim.ini`. + +```ini +[sign] +enabled = [ 1 | true | yes ], default=false +headers = list, of; headers (REQUIRED) + +; for single domain configuration +selector = name +domain = name +``` + +- headers: the list of headers that should be signed, separated by commas, colons or semi-colons. Signing prevents tampering with the specified headers. The 'From' header is required by the RFC and will be added if missing. + +## Single Domain Configuration + +To sign all messages with a single DKIM key, you must set the selector and domain in dkim.ini. You must also save your DKIM private key in the file `dkim.private.key` in the Haraka config directory. + +- selector - Set this to the selector name published in DNS under the \_domainkey sub-domain of the domain referenced below. +- domain - Set this to the domain name that will be used to sign messages which don't match a per-domain DKIM key. The DNS TXT entry for: + + .\_domainkey. 
+ +Test that your DKIM key is published properly with a DNS request like this: + +```sh +drill TXT $SELECTOR._domainkey.$DOMAIN +dig TXT $SELECTOR._domainkey.$DOMAIN +short +``` + +### Example DNS query + +```sh +export SELECTOR=mar2013 +export DOMAIN=simerson.net +$ dig TXT $SELECTOR._domainkey.$DOMAIN +short +"v=DKIM1;p=MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoyUzGOTSOmakY8BcxXgi0mN/nFegLBPs7aaGQUtjHfa8yUrt9T2j6GSXgdjLuG3R43WjePQv3RHzc+bwwOkdw0XDOXiztn5mhrlaflbVr5PMSTrv64/cpFQKLtgQx8Vgqp7Dh3jw13rLomRTqJFgMrMHdhIibZEa69gtuAfDqoeXo6QDSGk5JuBAeRHEH27FriHulg5ob" "4F4lmh7fMFVsDGkQEF6jaIVYqvRjDyyQed3R3aTJX3fpb3QrtRqvfn/LAf+3kzW58AjsERpsNCSTD2RquxbnyoR/1wdGKb8cUlD/EXvqtvpVnOzHeSeMEqex3kQI8HOGsEehWZlKd+GqwIDAQAB" +``` + +# DKIM VERIFY + +Verify DKIM signatures as defined by RFC 6376 and add an Authentication-Results header as appropriate. + +## Configuration + +```ini +[verify] +; allowed_time_skew = (How far can we stretch on time matching, in secs. Useful when clock is skewed.) +; sigerror_log_level = +``` + +## Testing + +This plugin provides a command-line test tool that can be used to +debug DKIM issues or to check results. + +``` +# dkimverify < message +identity="@gmail.com" domain="gmail.com" result=pass +``` + +You can add `--debug` to the option arguments to see a full trace of the processing. + +## Notes + +This plugin and underlying library do not currently support DKIM body length limits (l=). + + + +[ci-img]: https://github.com/haraka/haraka-plugin-dkim/actions/workflows/ci.yml/badge.svg +[ci-url]: https://github.com/haraka/haraka-plugin-dkim/actions/workflows/ci.yml +[clim-img]: https://codeclimate.com/github/haraka/haraka-plugin-dkim/badges/gpa.svg +[clim-url]: https://codeclimate.com/github/haraka/haraka-plugin-dkim diff --git a/content/8.plugins/dkim_sign.md b/content/8.plugins/dkim_sign.md deleted file mode 100644 index ba0c9768..00000000 --- a/content/8.plugins/dkim_sign.md +++ /dev/null 
@@ -1,106 +0,0 @@ ---- -title: dkim_sign - DKIM Sign plugin for Haraka -description: Haraka dkim_sign plugin - DKIM Sign -navigation.title: dkim_sign ---- - -# dkim_sign plugin - -This plugin implements the DKIM Core specification found at dkimcore.org - -DKIM Core is a simplified subset of DKIM which is easier to understand -and deploy, yet provides all the same delivery advantages as DKIM. - -This plugin can only *sign* outbound messages. It does not validate -DKIM signatures. - - -## Getting Started - -Generate DKIM selector and keys: - - % cd /path/to/haraka/config/dkim - ./dkim_key_gen.sh example.org - -Peek into the `dkim_key_gen.sh` shell script to see the commands used to -create and format the DKIM public key. Within the config/dkim/example.org - directory will be 4 files: - - % ls config/dkim/example.org/ - dns private public selector - -The`private` and `public` files contain the DKIM keys, the selector is -in the `selector` file and the `dns` file contains a formatted record of -the public key, as well as suggestions for DKIM, SPF, and DMARC policy -records. The records in `dns` are ready to be copy/pasted into the DNS -zone for example.org. - -The DKIM DNS record will look like this: - - may2013._domainkey TXT "v=DKIM1;p=[public key stripped of whitespace];" - -And the values in the address have the following meaning: - - hash: h=[ sha1 | sha256 ] - test; t=[ s | s:y ] - granularity: g=[ ] - notes: n=[ ] - services: s=[email] - keytypes: [ rsa ] - - -## Key size - -The default key size created by `dkim_key_gen.sh` is 2048. As of mid-2014, there are some DNS providers that do not support key sizes that long. - -# What to sign - -The DKIM signing key for messages from example.org *should* be signed with - a DKIM key for example.org. Failing to do so will result in messages not -having an *aligned* DKIM signature. For DMARC enabled domains, this will -likely result in deliverability problems. 
- -For correct alignment, Haraka signs each message with that domains DKIM key. -For an alternative, see the legacy Single Domain Configuration below. - - -# Configuration - -This plugin uses the configuration `dkim_sign.ini` in INI format. -All configuration should appear within the 'main' block and is -checked for updates on every run. - -- disabled = [ 1 | true | yes ] (OPTIONAL) - - Set this to disable DKIM signing - -- headers\_to\_sign = list, of; headers (REQUIRED) - - Set this to the list of headers that should be signed - separated by either a comma, colon or semi-colon. - This is to prevent any tampering of the specified headers. - The 'From' header is required to be present by the RFC and - will be added if it is missing. - - -## Single Domain Configuration - -To sign all messages with a single DKIM key, these two config settings -are required. - -- selector = name - - Set this to the selector name published in DNS under the - \_domainkey sub-domain of the domain referenced below. - -- domain = name - - Set this to the domain name that will be used to sign messages - which don't match a per-domain DKIM key. The DNS TXT entry for: - - ._domainkey. - -- dkim.private.key = filename - - Create a file `dkim.private.key` in the config folder and paste - your private key in it. diff --git a/content/8.plugins/dkim_verify.md b/content/8.plugins/dkim_verify.md deleted file mode 100644 index 5ddb2011..00000000 --- a/content/8.plugins/dkim_verify.md +++ /dev/null 
@@ -1,40 +0,0 @@ ---- -title: dkim_verify - DKIM Verify plugin for Haraka -description: Haraka dkim_verify plugin - DKIM Verify -navigation.title: dkim_verify ---- - -# dkim_verify plugin - -This plugin will verify DKIM signatures as defined by RFC 6376 and add -an Authentication-Results header as appropriate. - - -Configuration -------------- - -* allowed_time_skew - - How far can we stretch on time matching, in secs. Useful when clock is skewed. - -* sigerror_log_level - - -Testing -------- - -This plugin also provides a command-line test tool that can be used to -debug DKIM issues or to check results. - -```` -# dkimverify < message -identity="@gmail.com" domain="gmail.com" result=pass -```` - -You can add `--debug` to the option arguments to see a full trace of the processing. - - -Notes ------ - -This plugin and underlying library does not currently support DKIM body length limits (l=). diff --git a/content/8.plugins/dnsbl.md b/content/8.plugins/dns-list.md similarity index 90% rename from content/8.plugins/dnsbl.md rename to content/8.plugins/dns-list.md index 235f9917..1fa7997a 100644 --- a/content/8.plugins/dnsbl.md +++ b/content/8.plugins/dns-list.md @@ -1,10 +1,10 @@ --- -title: dnsbl - DNS Blacklists plugin for Haraka -description: Haraka dnsbl plugin - DNS Blacklists -navigation.title: dnsbl +title: dns-list - DNS Blacklists plugin for Haraka +description: Haraka dns lists plugin - DNS Blacklists +navigation.title: dns-list --- -# dnsbl plugin +# dns-list plugin This plugin looks up the connecting IP address in an IP blocklist. Mails found to be in the blocklist are rejected. @@ -14,9 +14,7 @@ Configuration This plugins uses the following files: -dnsbl.zones - Contains a list of zones to query, one per line. - -dnsbl.ini - INI format with options described below: +dns-list.ini - INI format with options described below: * zones 
diff --git a/content/8.plugins/log.elasticsearch.md b/content/8.plugins/elasticsearch.md similarity index 98% rename from content/8.plugins/log.elasticsearch.md rename to content/8.plugins/elasticsearch.md index 7ce3adb8..c2457eb2 100644 --- a/content/8.plugins/log.elasticsearch.md +++ b/content/8.plugins/elasticsearch.md @@ -1,10 +1,10 @@ --- -title: log.elasticsearch - Logs to Elasticsearch plugin for Haraka -description: Haraka log.elasticsearch plugin - Logs to Elasticsearch -navigation.title: log.elasticsearch +title: elasticsearch - Logs to Elasticsearch plugin for Haraka +description: Haraka elasticsearch plugin - Logs to Elasticsearch +navigation.title: elasticsearch --- -# log.elasticsearch plugin +# elasticsearch plugin ## Logging diff --git a/content/8.plugins/connect.fcrdns.md b/content/8.plugins/fcrdns.md similarity index 90% rename from content/8.plugins/connect.fcrdns.md rename to content/8.plugins/fcrdns.md index 75a54707..ac4bd262 100644 --- a/content/8.plugins/connect.fcrdns.md +++ b/content/8.plugins/fcrdns.md @@ -1,10 +1,10 @@ --- -title: connect.fcrdns - Forward Confirmed Reverse DNS plugin for Haraka -description: Haraka connect.fcrdns plugin - Forward Confirmed Reverse DNS -navigation.title: connect.fcrdns +title: fcrdns - Forward Confirmed Reverse DNS plugin for Haraka +description: Haraka fcrdns plugin - Forward Confirmed Reverse DNS +navigation.title: fcrdns --- -# connect.fcrdns plugin +# fcrdns plugin ## DESCRIPTION @@ -17,14 +17,14 @@ See [FCrDNS at wikipedia](http://en.wikipedia.org/wiki/FCrDNS) Other plugins can use FCrDNS results like this: - var fcrdns = connection.results.get('connect.fcrdns'); + var fcrdns = connection.results.get('fcrdns'); if (fcrdns) { if (fcrdns.fcrdns) { // they passed, reward them } var fails = fcrdns.fail; - if (connection.results.has('connect.fcrdns', 'fail', /^is_generic/) { + if (connection.results.has('fcrdns', 'fail', /^is_generic/) { // their IP is in their hostname, unlikely to be MX, penalize } } 
@@ -32,7 +32,7 @@ Other plugins can use FCrDNS results like this: ## CONFIGURATION -Edit config/connect.fcrdns.ini +Edit config/fcrdns.ini This plugin honors the whitelisting of IPs as set by the rdns\_access plugin. For that to work, rdns\_access needs to be listed *before* this plugin in diff --git a/content/8.plugins/connect.geoip.md b/content/8.plugins/geoip.md similarity index 100% rename from content/8.plugins/connect.geoip.md rename to content/8.plugins/geoip.md diff --git a/content/8.plugins/data.headers.md b/content/8.plugins/headers.md similarity index 100% rename from content/8.plugins/data.headers.md rename to content/8.plugins/headers.md diff --git a/content/8.plugins/mail_from.access.md b/content/8.plugins/mail_from.access.md deleted file mode 100644 index faa85c6d..00000000 --- a/content/8.plugins/mail_from.access.md +++ /dev/null 
@@ -1,68 +0,0 @@ ---- -title: mail_from.access - ACL plugin for Haraka -description: Haraka mail_from.access plugin - Access control for mail_from -navigation.title: mail_from.access ---- - -# mail_from.access plugin - -## DEPRECATION NOTICE - -See the [access](/plugins/access) plugin -for upgrade instructions. - - -mail\_from.access -=================== - -This plugin will evaluate the address against a set of white and black lists. -The lists are applied in the following way: - -mail\_from.access.whitelist (pass) -mail\_from.access.whitelist\_regex (pass) -mail\_from.access.blacklist (block) -mail\_from.access.blacklist\_regex (block) - -Configuration mail\_from.access.ini -------------------------------------- - -General configuration file for this plugin. - -* mail\_from.access.general.deny\_msg - - Text to send the user on reject (text). - - -Configuration mail\_from.access.whitelist -------------------------------------------- - -The whitelist is mostly to counter blacklist entries that match more than -what one would want. This file should be used for a specific address, -one per line, that should bypass blacklist checks. -NOTE: We heavily suggest tailoring blacklist entries to be as accurate as -possible and never using whitelists. Nevertheless, if you need whitelists, -here they are. - -Configuration mail\_from.access.whitelist\_regex -------------------------------------------------- - -Does the same thing as the whitelist file, but each line is a regex. -Each line is also anchored for you, meaning '^' + regex + '$' is added for -you. If you need to get around this restriction, you may use a '.*' at -either the start or the end of your regex. This should help prevent people -from writing overly permissive rules on accident. - -Configuration mail\_from.access.blacklist -------------------------------------------- - -This file should be used for a specific address, one per line, that should -fail on connect. 
- -Configuration mail\_from.access.blacklist\_regex -------------------------------------------------- - -Does the same thing as the blacklist file, but each line is a regex. -Each line is also anchored for you, meaning '^' + regex + '$' is added for -you. If you need to get around this restriction, you may use a '.*' at -either the start or the end of your regex. This should help prevent people -from writing overly permissive rules on accident. \ No newline at end of file diff --git a/content/8.plugins/max_unrecognized_commands.md b/content/8.plugins/max_unrecognized_commands.md deleted file mode 100644 index aeaeb81c..00000000 --- a/content/8.plugins/max_unrecognized_commands.md +++ /dev/null @@ -1,27 +0,0 @@ ---- -title: max_unrecognized_commands - Max Unrecognized Commands plugin for Haraka -description: Haraka max_unrecognized_commands plugin - Rejects messages with too many unrecognized commands -navigation.title: max_unrecognized_commands ---- - -# max_unrecognized_commands plugin - -This plugin places a maximum limit on the number of unrecognized commands -allowed before recognising that the connection is bad. - -If the limit is reached the connecting client is sent an error message and -immediately (and rudely - technically an RFC violation) disconnected. - -**IMPORTANT**: -This plugin should be listed near the bottom of `config/plugins` so that it -runs after any plugins that use the unrecognized_command hook to implement -other SMTP verbs and extensions (such as the auth/* plugins), otherwise -commands valid for these plugins will be counted as unknown by this plugin. - -Configuration -------------- - -* max\_unrecognized\_commands - - Specifies the number of unrecognized commands to allow before disconnecting. - Default: 10. \ No newline at end of file 
diff --git a/content/8.plugins/connect.p0f.md b/content/8.plugins/p0f.md similarity index 85% rename from content/8.plugins/connect.p0f.md rename to content/8.plugins/p0f.md index 01c2c56a..bfc9312a 100644 --- a/content/8.plugins/connect.p0f.md +++ b/content/8.plugins/p0f.md @@ -1,10 +1,10 @@ --- -title: connect.p0f - TCP Fingerprinting plugin for Haraka -description: Haraka connect.p0f plugin - TCP Fingerprinting -navigation.title: connect.p0f +title: p0f - TCP Fingerprinting plugin for Haraka +description: Haraka p0f plugin - TCP Fingerprinting +navigation.title: p0f --- -# connect.p0f plugin +# p0f plugin Use TCP fingerprint info (remote computer OS, network distance, etc) to implement more sophisticated anti-spam policies. @@ -45,10 +45,10 @@ server starts up. add an entry to config/plugins to enable p0f: - connect.p0f + p0f -3. review settings in config/connect.p0f.ini +3. review settings in config/p0f.ini ## Startup diff --git a/content/8.plugins/rate_limit.md b/content/8.plugins/rate_limit.md deleted file mode 100644 index 680b8a1a..00000000 --- a/content/8.plugins/rate_limit.md +++ /dev/null 
@@ -1,157 +0,0 @@ ---- -title: rate_limit - Rate limit connections plugin for Haraka -description: Haraka rate_limit plugin - Rate limit connections -navigation.title: rate_limit ---- - -# rate_limit plugin - -Enforce limits on connection concurrency, connection rate, and recipient rate. - -By default DENYSOFT will be returned when the limits are exceeded, but for -concurrency, connection rate and recipient rate by host you can optionally -tarpit the connection by adding a delay before every response sent back to the -client instead of sending a DENYSOFT. To do this requires the 'tarpit' plugin -to run immediately after this plugin. - -To use this plugin you will need a Redis server and will need the redis, -hiredis and ipaddr.js packages installed via: - - cd /path/to/haraka/home - npm install redis hiredis ipaddr.js - -Configuration -------------- - -This plugin uses the configuration file rate\_limit.ini which is checked for -updates before each hook, so changes to this file will never require a restart -and will take effect seconds after the changes are saved. - -The configuration options for each heading are detailed below: - -### [main] - -- redis\_server = \[:port] *(optional)* - - If port is missing then it defaults to 6379. - If this setting is missing entirely then it defaults to 127.0.0.1:6379. - - Note that Redis does not currently support IPv6. - -- tarpit\_delay = seconds *(optional)* - - Set this to the length in seconds that you want to delay every SMTP - response to a remote client that has exceeded the rate limits. For this - to work the 'tarpit' plugin must be loaded **after** this plugin in - config/plugins. - - If 'tarpit' is not loaded or is loaded before this plugin, then no - rate throttling will occur. - -* * * - -All of the following sections are optional. Any missing section disables -that particular test. 
- -They all use a common configuration format: - -- \ = \[/time[unit]] *(optional)* - - 'lookup' is based upon the limit being enforced and is either an IP - address, rDNS name, sender address or recipient address either in full - or part. - The lookup order is as follows and the first match in this order is - returned and is used as the record key in Redis (except for 'default' - which always uses the full lookup for that test as the record key): - - **IPv4/IPv6 address or rDNS hostname:** - -
-   fe80:0:0:0:202:b3ff:fe1e:8329
-   fe80:0:0:0:202:b3ff:fe1e
-   fe80:0:0:0:202:b3ff
-   fe80:0:0:0:202
-   fe80:0:0:0
-   fe80:0:0
-   fe80:0
-   fe80
-   1.2.3.4
-   1.2.3
-   1.2
-   1
-   host.part.domain.com
-   part.domain.com
-   domain.com
-   com
-   default
-   
- - **Sender or Recipient address:** - -
-   user@host.sub.part.domain.com
-   host.sub.part.domain.com
-   sub.part.domain.com
-   part.domain.com
-   domain.com
-   com
-   default
-   
- - In all tests 'default' is used to specify a default limit if nothing else has - matched. - - 'limit' specifies the limit for this lookup. Specify 0 (zero) to disable - limits on a matching lookup. - - 'time' is optional and if missing defaults to 60 seconds. You can optionally - specify the following time units (case-insensitive): - - - s (seconds) - - m (minutes) - - h (hours) - - d (days) - -### [concurrency] - -**IMPORTANT NOTE:** connection concurrency is recorded in-memory (in -connection.server.notes) and not in Redis, so the limits are per-server and -per-child if you use the cluster module. - -IP and rDNS names are looked up by this test. This section does *not* accept an -interval. It's a hard limit on the number of connections and not based on time. - -### [rate\_conn] - -This section limits the number of connections per interval from a given host -or set of hosts. - -IP and rDNS names are looked up by this test. - -### [rate\_rcpt\_host] - -This section limits the number of recipients per interval from a given host or -set of hosts. - -IP and rDNS names are looked up by this test. - -### [rate\_rcpt\_sender] - -This section limits the number of recipients per interval from a sender or -sender domain. - -The sender is looked up by this test. - -### [rate\_rcpt] - -This section limits the rate which a recipient or recipient domain can -receive messages over an interval. - -Each recipient is looked up by this test. - -### [rate\_rcpt\_null] - -This section limits the rate at which a recipient can receive messages from -a null sender (e.g. DSN, MDN etc.) over an interval. - -Each recipient is looked up by this test. \ No newline at end of file diff --git a/content/8.plugins/rcpt_to.access.md b/content/8.plugins/rcpt_to.access.md deleted file mode 100644 index 5f0dcc59..00000000 --- a/content/8.plugins/rcpt_to.access.md +++ /dev/null 
@@ -1,66 +0,0 @@ ---- -title: rcpt_to.access - Access control for RCPT TO plugin for Haraka -description: Haraka rcpt_to.access plugin - Access control for RCPT TO -navigation.title: rcpt_to.access ---- - -# rcpt_to.access plugin - -## DEPRECATION NOTICE - -See the [access](http://haraka.github.io/plugins/access) plugin for upgrade instructions. - -rcpt\_to.access -=================== - -This plugin blocks RCPT\_TO addresses in a list or regex. -This plugin will evaluate the RCPT\_TO address against a set of white and black -lists. The lists are applied in the following way: - -rcpt\_to.access.whitelist (pass) -rcpt\_to.access.whitelist\_regex (pass) -rcpt\_to.access.blacklist (block) -rcpt\_to.access.blacklist\_regex (block) - -Configuration rcpt\_to.access.ini -------------------------------------- - -General configuration file for this plugin. - -* rcpt\_to.access.general.deny\_msg - - Text to send the user on reject (text). - -Configuration rcpt\_to.access.whitelist -------------------------------------------- - -The whitelist is mostly to counter blacklist entries that match more than -what one would want. This file should be used for a specific address -one per line, that should bypass blacklist checks. -NOTE: We heavily suggest tailoring blacklist entries to be as accurate as -possible and never using whitelists. Nevertheless, if you need whitelists, -here they are. - -Configuration rcpt\_to.access.whitelist\_regex -------------------------------------------------- - -Does the same thing as the whitelist file, but each line is a regex. -Each line is also anchored for you, meaning '^' + regex + '$' is added for -you. If you need to get around this restriction, you may use a '.*' at -either the start or the end of your regex. This should help prevent people -from writing overly permissive rules on accident. 
- -Configuration rcpt\_to.access.blacklist -------------------------------------------- - -This file should be used for a specific address, one per line, that should -fail on connect. - -Configuration rcpt\_to.access.blacklist\_regex -------------------------------------------------- - -Does the same thing as the blacklist file, but each line is a regex. -Each line is also anchored for you, meaning '^' + regex + '$' is added for -you. If you need to get around this restriction, you may use a '.*' at -either the start or the end of your regex. This should help prevent people -from writing overly permissive rules on accident. \ No newline at end of file diff --git a/content/8.plugins/rcpt_to.max_count.md b/content/8.plugins/rcpt_to.max_count.md deleted file mode 100644 index b69df3b6..00000000 --- a/content/8.plugins/rcpt_to.max_count.md +++ /dev/null @@ -1,17 +0,0 @@ ---- -title: rcpt_to.max_count - Limit the number of recipients per connection -description: Haraka rcpt_to.max_count plugin - Limit the number of recipients per connection -navigation.title: rcpt_to.max_count ---- - -# rcpt_to.max_count plugin - -This plugin sets a maximum limit on RCPT TOs. Violators will be disconnected. - -Configuration -------------- - -* rcpt\_to.max\_count - - The maximum number of recipients. Default: 40. - diff --git a/content/8.plugins/relay_acl.md b/content/8.plugins/relay_acl.md deleted file mode 100644 index 1122d2c4..00000000 --- a/content/8.plugins/relay_acl.md +++ /dev/null 
@@ -1,35 +0,0 @@ ---- -title: relay_acl - Relay mail based on ACL -description: Haraka relay acl plugin - Relay outbound mails using IP based ACLs and relay inbound mails using destination domains -navigation.title: relay_acl ---- - -# relay_acl plugin - -This plugin makes it possible to relay outbound mails using IP based ACLs -and relay inbound mails using destination domains. - -Configuration -------------- - -* `config/relay_acl_allow` - Allowed IP ranges in CIDR notation, one per line. - IPs listed in here will be allowed to send mails without any furthur - checks. - -* `config/relay_dest_domains.ini` - Allowed destination domains. The format is in ini file, the domain - is the key and the value is in JSON, all under the [domains] section. - Currently supported field is "action": where the value can be - "accept" (accept the mail without further checks), "continue" (mails - are still subjected to further checks) or "deny" (reject the mails). - - An example: - - [domains] - test.com = { "action": "continue" } - - Please note that this config/relay\_dest\_domains.ini is shared with - plugins/relay\_force\_routing.js, which uses additional fields. - - diff --git a/content/8.plugins/relay_all.md b/content/8.plugins/relay_all.md deleted file mode 100644 index 02cfd49f..00000000 --- a/content/8.plugins/relay_all.md +++ /dev/null 
@@ -1,20 +0,0 @@ ---- -title: relay_all - Relay all mail to a specific host -description: Haraka relay_all plugin - Relay all mail to a specific host -navigation.title: relay_all ---- - -# relay_all plugin - -This plugin is useful in spamtraps to accept mail to any host, and to allow -any user from anywhere to send email. - -Do NOT use this plugin on a real mail server, unless you really know what -you are doing. If you use this plugin with anything that relays mail (such -as forwarding to a real mail server, or the `deliver` plugin), your mail -server is now an open relay. - -This is BAD. Hence the big letters. In short: DO NOT USE THIS PLUGIN. - -It is useful for testing, hence why it is here. Also I work with spamtraps -a lot, so it is useful there. \ No newline at end of file diff --git a/content/8.plugins/relay_force_routing.md b/content/8.plugins/relay_force_routing.md deleted file mode 100644 index 0bd780a5..00000000 --- a/content/8.plugins/relay_force_routing.md +++ /dev/null 
@@ -1,38 +0,0 @@ ---- -title: relay_force_routing.js - Force routing of mail to a specific host -description: Haraka relay_force_routing plugin - Force routing of mail to a specific host -navigation.title: relay_force_routing ---- - -# relay_force_routing plugin - -This plugin allows you to force the next hop for the configured domains. -It works a lot like the transport map of Postfix. - -Configuration -------------- - -* `config/relay_dest_domains.ini` - This config file is shared with relay\_acl.js, for the basics see the - documentation provided by plugins/relay\_acl.js. - - relay\_force\_routing.js adds the field "nexthop": in the JSON value - of the domain. The value of "nexthop": can be hostname or IP optionally - follow by :port. - - Example: - - [domains] - test.com = { "action": "continue", "nexthop": "127.0.0.1:2525" } - - You can also define a default relay using the "any" domain, which will be - used if the message's destination domain doesn't match any of the domains - already defined. - - Example: -``` - [domains] - test.com = { "action": "continue", "nexthop": "127.0.0.1:2525" } - my.test.com = { "action": "continue", "nexthop": "127.0.0.1:2527" } - any = { "action": "continue", "nexthop": "10.10.10.1:2525"} -``` \ No newline at end of file diff --git a/content/8.plugins/log.syslog.md b/content/8.plugins/syslog.md similarity index 66% rename from content/8.plugins/log.syslog.md rename to content/8.plugins/syslog.md index fc1d4267..2b173b30 100644 --- a/content/8.plugins/log.syslog.md +++ b/content/8.plugins/syslog.md 
@@ -1,19 +1,19 @@ --- -title: log.syslog - Logs to syslog plugin for Haraka -description: Haraka log.syslog plugin - Logs to syslog -navigation.title: log.syslog +title: syslog - Logs to syslog plugin for Haraka +description: Haraka syslog plugin - Logs to syslog +navigation.title: syslog --- -# log.syslog plugin +# syslog plugin This plugin adds syslog support to haraka. Most log levels in haraka already map to valid levels in syslog. Additional log levels in haraka -fall under the DEBUG syslog level. Note: this plugin requires modern-syslog and you need enable/add log.syslog inside config/plugins at the top of the file. +fall under the DEBUG syslog level. Note: this plugin requires modern-syslog and you need enable/add syslog inside config/plugins at the top of the file. -Configuration log.syslog.ini +Configuration syslog.ini ---------------------------- -This is the general configuration file for the log.syslog plugin. +This is the general configuration file for the syslog plugin. In it you can find ways to customize the syslog service name, set the logging facility, and set any syslog options you wish. For example: ``` @@ -23,12 +23,12 @@ name=SomeOtherName Sane defaults are chosen for you. -* log.syslog.general.name (default: haraka) +* syslog.general.name (default: haraka) The service name to show up in the logs. -* log.syslog.general.facility (default: MAIL) +* syslog.general.facility (default: MAIL) The syslog logging facility to use. MAIL makes the most sense, but some default syslog configs may try to do something special with this log level. 
@@ -46,36 +46,36 @@ chosen for you. UUCP LOCAL0 ... LOCAL7 -* log.syslog.general.pid (default: 1) +* syslog.general.pid (default: 1) Option to put the PID in the log message. -* log.syslog.general.odelay (default: 1) +* syslog.general.odelay (default: 1) Option to open the connection on the first log message. -* log.syslog.general.ndelay (default: 0) +* syslog.general.ndelay (default: 0) Option to open the connection immediately. -* log.syslog.general.cons (default: 0) +* syslog.general.cons (default: 0) Option to write directly to system console if there is an error while sending to system logger. -* log.syslog.general.nowait (default: 0) +* syslog.general.nowait (default: 0) Don't wait for child processes that may have been created while logging the message. -* log.syslog.general.always\_ok (default: false) +* syslog.general.always\_ok (default: false) If false, then this plugin will return with just next() allowing other plugins that have registered for the log hook to run. To speed things up, if no other log hooks need to run (daemon), then one can make this true. - This will case the plugin to always call next(OK). \ No newline at end of file + This will case the plugin to always call next(OK). diff --git a/content/8.plugins/data.uribl.md b/content/8.plugins/uribl.md similarity index 93% rename from content/8.plugins/data.uribl.md rename to content/8.plugins/uribl.md index 909ee447..80355505 100644 --- a/content/8.plugins/data.uribl.md +++ b/content/8.plugins/uribl.md @@ -1,10 +1,10 @@ --- -title: data.uribl - URI Blacklists plugin for Haraka -description: Haraka data.uribl plugin - URI Blacklists -navigation.title: data.uribl +title: uribl - URI Blacklists plugin for Haraka +description: Haraka uribl plugin - URI Blacklists +navigation.title: uribl --- -# data.uribl plugin +# uribl plugin This plugin extracts URIs and feeds them to RHS based blacklists such as [DBL][1] and [SEM-FRESH][2] and body URI based DNS blacklists such as 
@@ -17,7 +17,7 @@ convert any URI ending in in-addr.arpa into an IP address lookup. Configuration ------------- -This plugin reads configuration from data.uribl.ini. +This plugin reads configuration from uribl.ini. The main section defines global settings for all lists and the blacklists zones are specified as INI section headings with the configuration for @@ -113,7 +113,7 @@ The following are optional for each list: Other files ----------- -* data.uribl.excludes +* uribl.excludes This contains a list of domains that should never be looked up in any blacklist as they are known good and will never be listed. @@ -122,4 +122,4 @@ Other files [1]: http://www.spamhaus.org/dbl [2]: http://spameatingmonkey.com/lists.html#SEM-FRESH [3]: http://www.surbl.org/ -[4]: http://www.uribl.com/ \ No newline at end of file +[4]: http://www.uribl.com/
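Review bot: Deleting content/8.plugins/rcpt_to.access.md also drops the DEPRECATION NOTICE that pointed readers to the access plugin (http://haraka.github.io/plugins/access), and nothing in the patch adds a redirect or stub in its place, so an old link to /plugins/rcpt_to.access now lands on a dead page instead of the upgrade instructions. Suggest keeping a one-line stub ("See the access plugin for upgrade instructions") or adding a redirect from rcpt_to.access to access so the migration pointer stays reachable.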
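Review bot: content/8.plugins/rcpt_to.max_count.md is removed without any replacement page or deprecation pointer, unlike rcpt_to.access which at least carried one; the deleted page documented a live setting (`rcpt_to.max_count`, "The maximum number of recipients. Default: 40", "Violators will be disconnected"). If the plugin still ships, the setting and its default need to be documented somewhere and this deletion should say where; if the plugin was renamed or folded into another, reference the new page. As it stands this is a silent loss of documentation.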
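Review bot: Removing content/8.plugins/relay_all.md deletes the only open-relay warning in this set of pages ("your mail server is now an open relay", "DO NOT USE THIS PLUGIN"). A plugin whose misuse turns the server into an open relay should keep that warning wherever its documentation now lives; please confirm the replacement page carries the same warning, or leave a stub that states where relay_all's documentation went.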
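Review bot: relay_acl.md and relay_force_routing.md are deleted together, and between them they were the only description of the shared config/relay_dest_domains.ini format: the [domains] section, the "action" values accept / continue / deny, the "nexthop" field with its optional :port, and the "any" default route. Nothing in the patch says where that format is now documented; a cross-reference in the replacement page, or a redirect for both old paths, would keep it findable for operators who already have a relay_dest_domains.ini in place.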
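Review bot: In the first syslog.md hunk the rewritten line still reads "you need enable/add syslog inside config/plugins"; since the line is already being changed, fix the grammar to "you need to enable/add syslog". The same hunk renames the configuration file from log.syslog.ini to syslog.ini with no note for existing installs; one sentence saying the file was formerly log.syslog.ini would save upgraders a debugging session if the plugin no longer reads the old name. Minor: the dashed underline beneath "Configuration syslog.ini" is left at its old length, which renders fine but is worth trimming while the heading is in the diff.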
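Review bot: The last syslog.md hunk touches the line "This will case the plugin to always call next(OK)." only to add the trailing newline and leaves the typo in place; change "case" to "cause" while the line is in the diff.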
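Review bot: The uribl.md hunks rename data.uribl.ini and data.uribl.excludes to uribl.ini and uribl.excludes in the documentation only, and as with syslog.ini there is no mention of the old filenames, so an operator with an existing data.uribl.ini will not learn from this page why their configuration stopped being read if the plugin no longer falls back to the old name; add a one-line "formerly data.uribl.ini and data.uribl.excludes" note. The final hunk only adds the missing newline after `[4]: http://www.uribl.com/`; while the reference list is being touched, the plain-http links [1] to [4] could be switched to https where those sites serve it.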