[Doc] Use UCL highlighter instead of nginx

28 files changed, 131 insertions, 124 deletions

diff --git a/doc/markdown/architecture/index.md b/doc/markdown/architecture/index.md
index 324c5260a..45e52fa8e 100644
--- a/doc/markdown/architecture/index.md
+++ b/doc/markdown/architecture/index.md
@@ -2,7 +2,7 @@
 
 ## Introduction
 
-Rspamd is a universal spam filtering system based on event-driven processing 
+Rspamd is a universal spam filtering system based on event-driven processing
 model. It means that rspamd is intended not to block anywhere in the code. To
 process messages rspamd uses a set of so called `rules`. Each `rule` is a symbolic
 name associated with some message property. For example, we can define the following
@@ -24,7 +24,7 @@ written in Lua. There is no real difference between these two types with the exc
 that C modules are embeded all the time and can be enabled in `filters` attribute
 in the `options` section of the config:
 
-~~~nginx
+~~~ucl
 options {
  filters = "regexp,surbl,spf,dkim,fuzzy_check,chartable,email";
  ...
@@ -83,7 +83,7 @@ Rspamd defines the following actions:
 These actions are just recommendations for MTA and are not to be strictly followed.
 For all actions that are greater or equal than `greylist` it is recommended to
 perform explicit greylisting. `Add header` and `rewrite subject` actions are very
-close in semantics and are both considered as `probable spam`. `Reject` is a 
+close in semantics and are both considered as `probable spam`. `Reject` is a
 strong rule that usually means that a message should be really rejected by MTA.
 The triggering score for these actions should be specified according to their logic
 priorities. If two actions have the same weight, the result is unspecified.
@@ -106,7 +106,7 @@ Rspamd uses statistic algorithms to precise the final score of a message. Curren
 the only algorithm defined is OSB-Bayes. You may find the concrete details of this
 algorithm in the following [paper](http://osbf-lua.luaforge.net/papers/osbf-eddc.pdf).
 Rspamd uses window size of 5 words in its classification. During classification procedure,
-rspamd split a message to a set of tokens. 
+rspamd split a message to a set of tokens.
 
 Tokens are separated by punctiation or space characters. Short tokens (less than 3 symbols) are ignored. For each token rspamd
 calculates two non-cryptographic hashes used subsequently as indices. All these tokens
@@ -115,7 +115,7 @@ is a set of token chains, indexed by the first hash. A new token may be inserted
 chain, and if this chain is full then rspamd tries to expire less significant tokens to
 insert a new one. It is possible to obtain the current state of tokens by running
 
-	rspamc stat 
+	rspamc stat
 
 command that asks controller for free and used tokens in each statfile.
 Please note that if a statfile is close to be completely filled then during subsequent
@@ -123,23 +123,23 @@ learning you will loose existing data. Therefore, it is recommended to increase
 such statfiles.
 
 ## Running rspamd
- 
-There are several command-line options that can be passed to rspamd. All of them can be displayed by passing `--help` argument: 
 
-All options are optional: by default rspamd would try to read `etc/rspamd.conf` config file and run as daemon. Also there is test mode that can be turned on by passing `-t` argument. In test mode, rspamd reads config file and checks its syntax. If a configuration file is OK, then exit code is zero. Test mode is useful for testing new config file withou rspamd restart. `--convert-config` option can be used to convert old style (pre 0.6.0) config to [ucl](../configuration/ucl.md) one: 
+There are several command-line options that can be passed to rspamd. All of them can be displayed by passing `--help` argument:
+
+All options are optional: by default rspamd would try to read `etc/rspamd.conf` config file and run as daemon. Also there is test mode that can be turned on by passing `-t` argument. In test mode, rspamd reads config file and checks its syntax. If a configuration file is OK, then exit code is zero. Test mode is useful for testing new config file withou rspamd restart. `--convert-config` option can be used to convert old style (pre 0.6.0) config to [ucl](../configuration/ucl.md) one:
 
 	$ rspamd -c ./rspamd.xml --convert-conf ./rspamd.conf
 
- 
+
 ## Managing rspamd using signals
 
-First of all, it is important to note that all user's signals should be sent to rspamd main process and not to its children (as for child processes these signals can have other meanings). To determine which process is main you can use two ways: 
+First of all, it is important to note that all user's signals should be sent to rspamd main process and not to its children (as for child processes these signals can have other meanings). To determine which process is main you can use two ways:
 
-- by reading pidfile: 
+- by reading pidfile:
 
 		$ cat pidfile
 
-- by getting process info: 
+- by getting process info:
 
 		$ ps auxwww | grep rspamd
 		nobody 28378  0.0  0.2 49744  9424   rspamd: main process
@@ -147,14 +147,14 @@ First of all, it is important to note that all user's signals should be sent to
 		nobody 64083  0.0  0.3 51792 11036   rspamd: worker process
 		nobody 64084  0.0  2.7 158288 114200 rspamd: controller process
 		nobody 64085  0.0  1.8 116304 75228  rspamd: fuzzy storage
-	
+
 		$ ps auxwww | grep rspamd | grep main
 		nobody 28378  0.0  0.2 49744  9424   rspamd: main process
 
 After getting the pid of main process it is possible to manage rspamd with signals:
- 
-- `SIGHUP` - restart rspamd: reread config file, start new workers (as well as controller and other processes), stop accepting connections by old workers, reopen all log files. Note that old workers would be terminated after one minute that should allow to process all pending requests. All new requests to rspamd will be processed by newly started workers. 
+
+- `SIGHUP` - restart rspamd: reread config file, start new workers (as well as controller and other processes), stop accepting connections by old workers, reopen all log files. Note that old workers would be terminated after one minute that should allow to process all pending requests. All new requests to rspamd will be processed by newly started workers.
 - `SIGTERM` - terminate rspamd system.
-- `SIGUSR1` - reopen log files (useful for log files rotation). 
+- `SIGUSR1` - reopen log files (useful for log files rotation).
 
-These signals may be used in start scripts as it is done in `FreeBSD` start script. Restarting of rspamd is performed softly: no connections are dropped and if a new config is incorrect then the old config is used. 
\ No newline at end of file
+These signals may be used in start scripts as it is done in `FreeBSD` start script. Restarting of rspamd is performed softly: no connections are dropped and if a new config is incorrect then the old config is used.
diff --git a/doc/markdown/configuration/composites.md b/doc/markdown/configuration/composites.md
index 09815df25..88090cf33 100644
--- a/doc/markdown/configuration/composites.md
+++ b/doc/markdown/configuration/composites.md
@@ -9,7 +9,7 @@ in a joint expression.
 
 For example, you can define a composite that is added when two of symbols are found:
 
-~~~nginx
+~~~ucl
 composite {
 	name = "TEST_COMPOSITE";
 	expression = "SYMBOL1 and SYMBOL2";
@@ -31,7 +31,7 @@ You can use the following operations in a composite expression:
 You also can use braces to define priorities. Otherwise operators are evaluated from left to right.
 For example:
 
-~~~nginx
+~~~ucl
 composite {
     name = "TEST";
     expression = "SYMBOL1 and SYMBOL2 and ( not SYMBOL3 | not SYMBOL4 | not SYMBOL5 )";
@@ -39,7 +39,7 @@ composite {
 ~~~
 
 Composite rule can include other composites in the body. There is no restriction of definition order:
-~~~nginx
+~~~ucl
 composite {
     name = "TEST1";
     expression = "SYMBOL1 AND TEST2";
@@ -66,9 +66,9 @@ For example, you have symbol `A` and `B` with weights `W_a` and `W_b` and a comp
 It is also possible to include the whole group of symbols to a composite rule. This
 efficiently means **any** symbol of the specified group:
 
-~~~nginx
+~~~ucl
 composite {
     name = "TEST2";
     expression = "SYMBOL2 && !g:mua";
 }
-~~~
\ No newline at end of file
+~~~
diff --git a/doc/markdown/configuration/index.md b/doc/markdown/configuration/index.md
index 23781003f..27467777e 100644
--- a/doc/markdown/configuration/index.md
+++ b/doc/markdown/configuration/index.md
@@ -25,7 +25,7 @@ parts.
 The basic rspamd configuration is stored in $CONFDIR/rspamd.conf. By default, this
 file looks like this one:
 
-~~~nginx
+~~~ucl
 lua = "$CONFDIR/lua/rspamd.lua"
 
 .include "$CONFDIR/options.conf"
@@ -53,7 +53,7 @@ section that describes composite symbols. Statistical filters are defined in
 and internal modules) in [modules](../modules/index.md) section while modules itself are
 loaded from the following portion of configuration:
 
-~~~nginx
+~~~ucl
 modules {
 	path = "$PLUGINSDIR/lua/"
 }
diff --git a/doc/markdown/configuration/metrics.md b/doc/markdown/configuration/metrics.md
index 88a6d7c07..639c6f08e 100644
--- a/doc/markdown/configuration/metrics.md
+++ b/doc/markdown/configuration/metrics.md
@@ -37,7 +37,7 @@ configuration defines merely the `default` metric.
 Each metric is defined by a `metric` object in rspamd configuration. This object has one
 mandatory attribute - `name` which defines the name of this metric:
 
-~~~nginx
+~~~ucl
 metric {
    # Define default metric
    name = "default";
@@ -72,7 +72,7 @@ The content of this section is separated to the two main parts: symbols and acti
 Actions section is an object of all actions defined by this metric. If some actions are skipped,
 they won't be ever suggested by rspamd. Actions section looks as following:
 
-~~~nginx
+~~~ucl
 metric {
 ...
 	actions {
@@ -96,7 +96,7 @@ Symbols are defined by an object with the following properties:
 
 So far, the symbol definition looks like this one:
 
-~~~nginx
+~~~ucl
 symbol { 
     name = "RWL_SPAMHAUS_WL_IND"; 
     weight = -0.7; 
@@ -114,7 +114,7 @@ Symbols can be grouped to specify their common functionality. For example, one m
 which could be useful, for instance if some specific group should not unconditionally send a message
 to `spam` class. Here is an example of such a functionality:
 
-~~~nginx
+~~~ucl
 metric {
 	name = default; # This is mandatory option
 	
@@ -136,4 +136,4 @@ metric {
 		}
 	}
 }
-~~~
\ No newline at end of file
+~~~
diff --git a/doc/markdown/configuration/options.md b/doc/markdown/configuration/options.md
index 9d11a2007..29a7bde5e 100644
--- a/doc/markdown/configuration/options.md
+++ b/doc/markdown/configuration/options.md
@@ -5,7 +5,7 @@
 Options section defines the basic rspamd behaviour and are global for all types of workers.
 The default options are depicted in the following example configuration snippet:
 
-~~~nginx
+~~~ucl
 filters = "chartable,dkim,spf,surbl,regexp,fuzzy_check";
 raw_mode = false;
 one_shot = false;
@@ -62,7 +62,7 @@ These options live in a separate subsection named `dns` and specify the behaviou
 
 * `nameserver`: list (or array) of DNS servers to be used (if this option is missed, then `/etc/resolv.conf` is parsed instead). It is also possible to specify weights of DNS servers to balance the payload, e.g.
 
-~~~nginx
+~~~ucl
 options {
 	dns {
 		# 9/10 on 127.0.0.1 and 1/10 to 8.8.8.8
diff --git a/doc/markdown/configuration/settings.md b/doc/markdown/configuration/settings.md
index 785692129..00432d241 100644
--- a/doc/markdown/configuration/settings.md
+++ b/doc/markdown/configuration/settings.md
@@ -9,13 +9,13 @@ and updated automatically if a corresponding file or URL has changed since last
 
 To load settings as dynamic map, you can set 'settings' to a map string:
 
-~~~nginx
+~~~ucl
 settings = "http://host/url"
 ~~~
 
 If you don't want dynamic updates then you can set settings to an object:
 
-~~~nginx
+~~~ucl
 settings {
 	setting1 = {
 	...
@@ -30,7 +30,7 @@ settings {
 
 The settings file itself should contain a single section called "settings":
 
-~~~nginx
+~~~ucl
 settings {
 	some_users {
 		priority = high;
diff --git a/doc/markdown/configuration/ucl.md b/doc/markdown/configuration/ucl.md
index 7fb49a9e2..56b582c1f 100644
--- a/doc/markdown/configuration/ucl.md
+++ b/doc/markdown/configuration/ucl.md
@@ -32,7 +32,7 @@ For example, you can write the same configuration in the following ways:
 
 * in nginx like:
 
-~~~nginx
+~~~ucl
 param = value;
 section {
     param = value;
@@ -43,7 +43,7 @@ section {
     string = "something";
     subsection {
         host = {
-            host = "hostname"; 
+            host = "hostname";
             port = 900;
         }
         host = {
@@ -96,7 +96,7 @@ is equal to:
 
 * There is no requirement of quotes for strings and keys, moreover, `:` may be replaced `=` or even be skipped for objects:
 
-~~~nginx
+~~~ucl
 key = value;
 section {
     key = value;
@@ -146,7 +146,7 @@ is converted to:
 
 UCL accepts named keys and organize them into objects hierarchy internally. Here is an example of this process:
 
-~~~nginx
+~~~ucl
 section "blah" {
 	key = value;
 }
@@ -157,7 +157,7 @@ section foo {
 
 is converted to the following object:
 
-~~~nginx
+~~~ucl
 section {
 	blah {
 		key = value;
@@ -167,10 +167,10 @@ section {
 	}
 }
 ~~~
-    
+
 Plain definitions may be more complex and contain more than a single level of nested objects:
-   
-~~~nginx
+
+~~~ucl
 section "blah" "foo" {
 	key = value;
 }
@@ -178,7 +178,7 @@ section "blah" "foo" {
 
 is presented as:
 
-~~~nginx    
+~~~ucl
 section {
 	blah {
 		foo {
@@ -204,14 +204,14 @@ section {
 
 UCL supports different style of comments:
 
-* single line: `#` 
+* single line: `#`
 * multiline: `/* ... */`
 
 Multiline comments may be nested:
 
 ~~~c
 # Sample single line comment
-/* 
+/*
  some comment
  /* nested comment */
  end of comment
@@ -222,7 +222,7 @@ Multiline comments may be nested:
 
 UCL supports external macros both multiline and single line ones:
 
-~~~nginx
+~~~ucl
 .macro "sometext";
 .macro {
     Some long text
@@ -234,7 +234,7 @@ Moreover, each macro can accept an optional list of arguments in braces. These
 arguments themselves are the UCL object that is parsed and passed to a macro as
 options:
 
-~~~nginx
+~~~ucl
 .macro(param=value) "something";
 .macro(param={key=value}) "something";
 .macro(.include "params.conf") "something";
@@ -246,7 +246,7 @@ param = [value1, value2]) "something";
 UCL also provide a convenient `include` macro to load content from another files
 to the current UCL object. This macro accepts either path to file:
 
-~~~nginx
+~~~ucl
 .include "/full/path.conf"
 .include "./relative/path.conf"
 .include "${CURDIR}/path.conf"
@@ -329,10 +329,10 @@ Here are some rules for this syntax:
 
 
     key <<EOD
-    
+
     some
     text
-    
+
     EOD
 
 
@@ -358,7 +358,7 @@ parsing and emitting and compared it with UCL. Here are results:
 
     jansson: parsed json in 1.3899 seconds
     jansson: emitted object in 0.2609 seconds
-    
+
     ucl: parsed input in 0.6649 seconds
     ucl: emitted config in 0.2423 seconds
     ucl: emitted json in 0.2329 seconds
diff --git a/doc/markdown/lua/index.md b/doc/markdown/lua/index.md
index 793b143da..d003959d9 100644
--- a/doc/markdown/lua/index.md
+++ b/doc/markdown/lua/index.md
@@ -6,7 +6,7 @@ Rspamd lua api is a core part of rspamd functionality. Lua is used for writing r
 
 Many lua rules are shipped with rspamd. They can be included to rspamd by using tag **lua** in rspamd.conf:
 
-~~~nginx
+~~~ucl
 lua = "$CONFDIR/lua/rspamd.lua"
 ~~~
 
diff --git a/doc/markdown/migration.md b/doc/markdown/migration.md
index 7995d1992..66d77f63c 100644
--- a/doc/markdown/migration.md
+++ b/doc/markdown/migration.md
@@ -16,7 +16,7 @@ Now both redis and sqlite3 follows the common principles for per-user statistics
 If you need old behaviour, then you'd need to use separate classifier
 for per-user statistics, for example:
 
-~~~nginx
+~~~ucl
     classifier {
         tokenizer {
             name = "osb";
@@ -61,7 +61,7 @@ that now tokens are generated from the normalized words and there are various im
 statistics model used in pre 1.0 versions. Therefore, to use all these advantages you should either **relearn**
 your statistics or continue using your old statistics **without** new features by adding `compat` parameter:
 
-~~~nginx
+~~~ucl
 classifier {
 ...
     tokenizer {
@@ -73,7 +73,7 @@ classifier {
 
 The recommended way to create statistics now is `sqlite3` backend (which is incompatible with old mmap backend however):
 
-~~~nginx
+~~~ucl
 classifier {
     type = "bayes";
     tokenizer {
@@ -116,7 +116,7 @@ specified then `password` is used for both commands.
 Here is an example of the full configuration of rspamd controller worker to
 serve webui:
 
-~~~nginx
+~~~ucl
 worker {
 	type = "controller";
 	bind_socket = "localhost:11334";
@@ -262,4 +262,4 @@ end
 Rspamd now uses `HTTP` protocols for all operations, therefore an additional
 client library is unlikely needed. The fallback to old `spamc` protocol has also
 been implemented automatically to be compatible with `rmilter` and other software
-that uses `rspamc` protocol.
\ No newline at end of file
+that uses `rspamc` protocol.
diff --git a/doc/markdown/modules/chartable.md b/doc/markdown/modules/chartable.md
index f5aa55322..5458427a0 100644
--- a/doc/markdown/modules/chartable.md
+++ b/doc/markdown/modules/chartable.md
@@ -2,9 +2,9 @@
 
 This module allows to find number of characters from the different [unicode scripts](http://www.unicode.org/reports/tr24/). Finally, it evaluates number of scrips changes, e.g. 'a網絡a' is treated as 2 script changes - from latin to chineese and from chineese back to latin, divided by total number of unicode characters. If the product of this division is higher than threshold then a symbol is inserted. By default threshold is `0.1` meaning that script changes occurrs approximantely for 10% of characters.
 
-~~~nginx
+~~~ucl
 chartable {
   symbol = "R_CHARSET_MIXED";
   threshold = 0.1;
 }
-~~~
\ No newline at end of file
+~~~
diff --git a/doc/markdown/modules/dmarc.md b/doc/markdown/modules/dmarc.md
index c69fa3015..f71eb6f91 100644
--- a/doc/markdown/modules/dmarc.md
+++ b/doc/markdown/modules/dmarc.md
@@ -20,7 +20,7 @@ Please mention, that rspamd itself cannot send reports, it merely stores suffici
 
 DMARC configuration is very simple:
 
-~~~nginx
+~~~ucl
 dmarc {
     servers = "localhost:6390";
     key_prefix = "dmarc_"; # Keys would have format of dmarc_domain.com
@@ -41,4 +41,4 @@ When a message violates DMARC policy, rspamd adds the following information to `
 where results are `true` or `false` meaning allow and reject values accordingly.
 Unixtime and IP are inserted in text form. Keys are therefore `lists` in redis terminology.
 
-Keys are inserted to redis servers when a server is selected by hash value from sender's domain.
\ No newline at end of file
+Keys are inserted to redis servers when a server is selected by hash value from sender's domain.
diff --git a/doc/markdown/modules/fuzzy_check.md b/doc/markdown/modules/fuzzy_check.md
index 4f41a5c04..13e8c6878 100644
--- a/doc/markdown/modules/fuzzy_check.md
+++ b/doc/markdown/modules/fuzzy_check.md
@@ -37,7 +37,7 @@ Fuzzy rules are defined as a set of `rule` definitions. Each `rule` must have se
 list to check or learn and a set of flags and optional parameters. Here is an example of
 rule's settings:
 
-~~~nginx
+~~~ucl
 fuzzy_check {
 	rule {
 		# List of servers, can be an array or multi-value item
@@ -75,7 +75,7 @@ Each rule can have several maps defined by a `flag` value. For example, a single
 fuzzy storage can contain both good and bad hashes that should have different symbols
 and thus different weights. Maps are defined inside fuzzy rules as following:
 
-~~~nginx
+~~~ucl
 fuzzy_check {
 	rule {
 	...
@@ -108,7 +108,7 @@ if the weight of hash is `100` and `max_score` will be `99`, then the rule will
 added with the weight of `1`. If `max_score` is `200`, then the rule will be added with the
 weight likely `0.2` (the real function is hyperbolic tangent). In the following configuration:
 
-~~~nginx
+~~~ucl
 metric {
 	name = "default";
 	...
@@ -160,4 +160,4 @@ or delete hashes:
 	rspamc -f <flag> fuzzy_del ...
 
 On learning, rspamd sends commands to **all** servers inside specific rule. On check,
-rspamd selects a server in round-robin matter.
\ No newline at end of file
+rspamd selects a server in round-robin matter.
diff --git a/doc/markdown/modules/index.md b/doc/markdown/modules/index.md
index 4824f66a1..19af30565 100644
--- a/doc/markdown/modules/index.md
+++ b/doc/markdown/modules/index.md
@@ -14,7 +14,7 @@ to the main rspamd code. C modules are defined in the `options` section of rspam
 configuration. If no `filters` attribute is defined then all modules are disabled.
 The default configuration enables all modules explicitly:
 
-~~~nginx
+~~~ucl
 filters = "chartable,dkim,spf,surbl,regexp,fuzzy_check";
 ~~~
 
@@ -37,7 +37,7 @@ reconfiguration. Should you want to write a lua module consult with the
 [Lua API documentation](../lua/). To define path to lua modules there is a special section
 named `modules` in rspamd:
 
-~~~nginx
+~~~ucl
 modules {
   path = "/path/to/dir/";
   path = "/path/to/module.lua";
@@ -62,4 +62,4 @@ and performs some additional checks for such messages.
 - [phishing](phishing.md) - detects messages with phished URLs.
 - [ratelimit](ratelimit.md) - implements leaked bucket algorithm for ratelimiting and
 uses `redis` to store data.
-- [trie](trie.md) - uses suffix trie for extra-fast patterns lookup in messages.
\ No newline at end of file
+- [trie](trie.md) - uses suffix trie for extra-fast patterns lookup in messages.
diff --git a/doc/markdown/modules/multimap.md b/doc/markdown/modules/multimap.md
index db49cc831..290df9e49 100644
--- a/doc/markdown/modules/multimap.md
+++ b/doc/markdown/modules/multimap.md
@@ -65,7 +65,7 @@ following values:
 
 No filters will be processed for a message if such a map matches.
 
-~~~nginx
+~~~ucl
 multimap {
 	test { type = "ip"; map = "/tmp/ip.map"; symbol = "TESTMAP"; }
 	spamhaus { type = "dnsbl"; map = "pbl.spamhaus.org"; symbol = "R_IP_PBL";
@@ -107,31 +107,38 @@ Filename maps support this filters set:
 
 Here are some examples of pre-filter configurations:
 
-~~~nginx
+~~~ucl
 sender_from_whitelist_user {
-            type = "from";
-            filter = "email:user";
-            map = "file:///tmp/from.map";
-            symbol = "SENDER_FROM_WHITELIST_USER";
-            action = "accept"; # Prefilter mode
+  type = "from";
+  filter = "email:user";
+  map = "file:///tmp/from.map";
+  symbol = "SENDER_FROM_WHITELIST_USER";
+  action = "accept"; # Prefilter mode
 }
 sender_from_regexp {
-            type = "header";
-            header = "from";
-            filter = "regexp:/.*@/";
-            map = "file:///tmp/from_re.map";
-            symbol = "SENDER_FROM_REGEXP";
+  type = "header";
+  header = "from";
+  filter = "regexp:/.*@/";
+  map = "file:///tmp/from_re.map";
+  symbol = "SENDER_FROM_REGEXP";
 }
 url_map {
-            type = "url";
-            filter = "tld";
-            map = "file:///tmp/url.map";
-            symbol = "URL_MAP";
+  type = "url";
+  filter = "tld";
+  map = "file:///tmp/url.map";
+  symbol = "URL_MAP";
 }
 url_tld_re {
-            type = "url";
-            filter = "tld:regexp:/\.[^.]+$/"; # Extracts the last component of URL
-            map = "file:///tmp/url.map";
-            symbol = "URL_MAP_RE";
+  type = "url";
+  filter = "tld:regexp:/\.[^.]+$/"; # Extracts the last component of URL
+  map = "file:///tmp/url.map";
+  symbol = "URL_MAP_RE";
 }
-~~~
\ No newline at end of file
+filename_blacklist {
+  type = "filename";
+  filter = "extension";
+  map = "/${LOCAL_CONFDIR}/filename.map";
+  symbol = "FILENAME_BLACKLISTED";
+  action = "reject";
+}
+~~~
diff --git a/doc/markdown/modules/once_received.md b/doc/markdown/modules/once_received.md
index 398ce1cb1..cb91522a5 100644
--- a/doc/markdown/modules/once_received.md
+++ b/doc/markdown/modules/once_received.md
@@ -8,7 +8,7 @@ The configuration of this module is pretty straightforward: specify `symbol` for
 
 ## Example
 
-~~~nginx
+~~~ucl
 once_received {
     good_host = "^mail";
     bad_host = "static";
diff --git a/doc/markdown/modules/phishing.md b/doc/markdown/modules/phishing.md
index 8d742a9a1..4f6d86159 100644
--- a/doc/markdown/modules/phishing.md
+++ b/doc/markdown/modules/phishing.md
@@ -24,7 +24,7 @@ And the following URLs are considered as phished:
 
 Here is an example of full module configuration.
 
-~~~nginx
+~~~ucl
 phishing {
 	symbol = "R_PHISHING"; # Default symbol
 	
diff --git a/doc/markdown/modules/rbl.md b/doc/markdown/modules/rbl.md
index 24bd3532b..b7e73a1d1 100644
--- a/doc/markdown/modules/rbl.md
+++ b/doc/markdown/modules/rbl.md
@@ -4,7 +4,7 @@ The RBL module provides support for checking the IPv4/IPv6 source address of a m
 
 Configuration is structured as follows:
 
-~~~nginx
+~~~ucl
 rbl {
   # default settings defined here
   rbls {
@@ -89,7 +89,7 @@ Can be set to a URL of a list of IPv4/IPv6 addresses & subnets not to be conside
 
 RBL-specific subsection is structured as follows:
 
-~~~nginx
+~~~ucl
 # Descriptive name of RBL or symbol if symbol is not defined.
 an_rbl {
         # Explicitly defined symbol
diff --git a/doc/markdown/modules/spamassassin.md b/doc/markdown/modules/spamassassin.md
index f41af3141..ca585241f 100644
--- a/doc/markdown/modules/spamassassin.md
+++ b/doc/markdown/modules/spamassassin.md
@@ -10,7 +10,7 @@ of spamassassin rules natively within rspamd. The configuration of this plugin
 is very simple: just glue all your SA rules into a single file and feed it to
 spamassassin module:
 
-~~~nginx
+~~~ucl
 spamassassin {
 	ruleset = "/path/to/file";
 	# Limit search size to 100 kilobytes for all regular expressions
diff --git a/doc/markdown/modules/spf.md b/doc/markdown/modules/spf.md
index d858a7af3..281cd91b4 100644
--- a/doc/markdown/modules/spf.md
+++ b/doc/markdown/modules/spf.md
@@ -24,11 +24,11 @@ lifetimes is accordingly limited by the matching DNS record time to live.
 
 You can manually specify the size of this cache by configuring SPF module:
 
-~~~nginx
+~~~ucl
 spf {
 	spf_cache_size = 1k; # cache up to 1000 of the most recent SPF records
 }
 ~~~
 
 Currently, rspamd supports the full set of SPF elements, macroes and has internal
-protection from DNS recursion.
\ No newline at end of file
+protection from DNS recursion.
diff --git a/doc/markdown/modules/surbl.md b/doc/markdown/modules/surbl.md
index 84f43b8c0..ec39a6c7d 100644
--- a/doc/markdown/modules/surbl.md
+++ b/doc/markdown/modules/surbl.md
@@ -14,7 +14,7 @@ a specific sort of license.
 Nonetheless, they can be used by personal services or low volume requests free
 of charge.
 
-~~~nginx
+~~~ucl
 surbl {
     # List of domains that are not checked by surbl
     whitelist = "file://$CONFDIR/surbl-whitelist.inc";
@@ -81,7 +81,7 @@ it is possible to specify either `bit` or `ips` sections.
 
 Since some URL lists do not accept `IP` addresses, it is also possible to disable sending of URLs with IP address in the host to such lists. That could be done by specifying `noip = true` option:
 
-~~~nginx
+~~~ucl
     rule {
         suffix = "dbl.spamhaus.org";
         symbol = "DBL";
@@ -92,7 +92,7 @@ Since some URL lists do not accept `IP` addresses, it is also possible to disabl
 
 It is also possible to check HTML images URLs using URL blacklists. Just specify `images = true` for such list and you are done:
 
-~~~nginx
+~~~ucl
     rule {
         suffix = "uribl.rambler.ru";
         # Also check images
@@ -172,7 +172,7 @@ In general this procedure could be represented as following:
 
 For example, [SBL list](https://www.spamhaus.org/sbl/) of `spamhaus` project provides such functions using `ZEN` multi list. This is included in rspamd default configuration:
 
-~~~nginx
+~~~ucl
     rule {
         suffix = "zen.spamhaus.org";
         symbol = "ZEN_URIBL";
@@ -181,4 +181,4 @@ For example, [SBL list](https://www.spamhaus.org/sbl/) of `spamhaus` project pro
             URIBL_SBL = "127.0.0.2";
         }
     }
-~~~
\ No newline at end of file
+~~~
diff --git a/doc/markdown/modules/trie.md b/doc/markdown/modules/trie.md
index 997f4d0df..18e9f6808 100644
--- a/doc/markdown/modules/trie.md
+++ b/doc/markdown/modules/trie.md
@@ -10,7 +10,7 @@ This module provides a convenient interface to the search trie structure.
 
 Here is an example of trie configuration:
 
-~~~nginx
+~~~ucl
 trie {
 	# Each subsection defines a single rule with associated symbol
 	SYMBOL1 {
@@ -36,4 +36,4 @@ Despite of the fact that aho-corasic trie is very fast, it supports merely plain
 strings. Moreover, it cannot distinguish words boundaries, for example, a string
 `test` will be found in texts `test`, `tests` or even `123testing`. Therefore, it
 might be used to search some concrete and relatively specific patterns and should
-not be used for words match.
\ No newline at end of file
+not be used for words match.
diff --git a/doc/markdown/modules/whitelist.md b/doc/markdown/modules/whitelist.md
index 403f103c3..ec4671e58 100644
--- a/doc/markdown/modules/whitelist.md
+++ b/doc/markdown/modules/whitelist.md
@@ -43,7 +43,7 @@ or if using map:
 
 ## Configuration example
 
-~~~nginx
+~~~ucl
 whitelist {
     rules {
         WHITELIST_SPF = {
@@ -83,4 +83,4 @@ whitelist {
 }
 ~~~
 
-Rspamd also comes with a set of pre-defined whitelisted domains that could be useful for start.
\ No newline at end of file
+Rspamd also comes with a set of pre-defined whitelisted domains that could be useful for start.
diff --git a/doc/markdown/tutorials/migrate_sa.md b/doc/markdown/tutorials/migrate_sa.md
index 182c84a42..a85ff10ee 100644
--- a/doc/markdown/tutorials/migrate_sa.md
+++ b/doc/markdown/tutorials/migrate_sa.md
@@ -50,7 +50,7 @@ To install rspamd, I'd recommend using of the [official packages](https://rspamd
 
 For those who has a lot of custom rules, there is good news: rspamd supports a certain set of SpamAssassin rules via special [plugin](../modules/spamassassin.md) that allows **direct** loading of SA rules into rspamd. You just need to specify all your configuration files in the plugin configuration:
 
-~~~nginx
+~~~ucl
 spamassassin {
 	sa_main = "/etc/spamassassin/conf.d/*";
 	sa_local = "/etc/spamassassin/local.cf";
@@ -80,4 +80,4 @@ You can also setup rspamc to learn via passing messages to a certain email addre
 	learn-spam123: "| rspamc learn_spam"
 	learn-ham123: "| rspamc learn_ham"
 
-You'd need some less predictable aliases to avoid sending messages to such addresses by some adversary or just by a mistake to prevent statistics pollution.
\ No newline at end of file
+You'd need some less predictable aliases to avoid sending messages to such addresses by some adversary or just by a mistake to prevent statistics pollution.
diff --git a/doc/markdown/tutorials/writing_rules.md b/doc/markdown/tutorials/writing_rules.md
index 38e1f56a9..4147c5a68 100644
--- a/doc/markdown/tutorials/writing_rules.md
+++ b/doc/markdown/tutorials/writing_rules.md
@@ -36,7 +36,7 @@ For the configuration rules you can take a look at the following examples:
 
 rspamd.conf:
 
-~~~nginx
+~~~ucl
 var1 = "value1";
 
 section "name" {
@@ -46,7 +46,7 @@ section "name" {
 
 rspamd.conf.local:
 
-~~~nginx
+~~~ucl
 var1 = "value2";
 
 section "name" {
@@ -56,7 +56,7 @@ section "name" {
 
 Resulting config:
 
-~~~nginx
+~~~ucl
 var1 = "value1";
 var1 = "value2";
 
@@ -72,7 +72,7 @@ Override example:
 
 rspamd.conf:
 
-~~~nginx
+~~~ucl
 var1 = "value1";
 
 section "name" {
@@ -82,7 +82,7 @@ section "name" {
 
 rspamd.conf.override:
 
-~~~nginx
+~~~ucl
 var1 = "value2";
 
 section "name" {
@@ -92,7 +92,7 @@ section "name" {
 
 Resulting config:
 
-~~~nginx
+~~~ucl
 var1 = "value2";
 
 # Note that var2 is removed completely
@@ -158,7 +158,7 @@ For built-in rules scores are placed in the file called `${CONFDIR}/metrics.conf
 
 1. Define scores in `rspamd.conf.local` as following:
 
-~~~nginx
+~~~ucl
 metric "default" {
 	symbol "MY_SYMBOL" {
 		description = "my cool rule";
diff --git a/doc/markdown/workers/controller.md b/doc/markdown/workers/controller.md
index 94c12310a..44f8e2b0b 100644
--- a/doc/markdown/workers/controller.md
+++ b/doc/markdown/workers/controller.md
@@ -25,7 +25,7 @@ To generate a keypair for the scanner you could use:
 
 After that keypair should appear as following:
 
-~~~nginx
+~~~ucl
 keypair {
     pubkey = "tm8zjw3ougwj1qjpyweugqhuyg4576ctg6p7mbrhma6ytjewp4ry";
     privkey = "ykkrfqbyk34i1ewdmn81ttcco1eaxoqgih38duib1e7b89h9xn3y";
diff --git a/doc/markdown/workers/fuzzy_storage.md b/doc/markdown/workers/fuzzy_storage.md
index a2d29826f..ad955a46a 100644
--- a/doc/markdown/workers/fuzzy_storage.md
+++ b/doc/markdown/workers/fuzzy_storage.md
@@ -110,7 +110,7 @@ to perform changes to fuzzy storage (you should also set `read_only = no` in you
 
 Here is an example configuration of fuzzy storage:
 
-~~~nginx
+~~~ucl
 worker {
    type = "fuzzy";
    bind_socket = "*:11335";
@@ -125,4 +125,4 @@ worker {
 Rspamd fuzzy storage of version `0.8` can work with rspamd clients of all versions,
 however, all updates from legacy versions (less that `0.8`) won't update fuzzy shingles
 database. Rspamd [fuzzy check module](../modules/fuzzy_check.md) can work **only**
-with the recent rspamd fuzzy storage (it won't get anything from the legacy storages).
\ No newline at end of file
+with the recent rspamd fuzzy storage (it won't get anything from the legacy storages).
diff --git a/doc/markdown/workers/index.md b/doc/markdown/workers/index.md
index 31d1d6b96..24208cebc 100644
--- a/doc/markdown/workers/index.md
+++ b/doc/markdown/workers/index.md
@@ -33,7 +33,7 @@ listens on an UDP port and does not save any state information.
 All workers shares a set of common options. Here is a typical example of a normal
 worker configuration that uses merely common worker options:
 
-~~~nginx
+~~~ucl
 worker {
     type = "normal";
     bind_socket = "*:11333";
@@ -49,7 +49,7 @@ Here are options available to all workers:
 `bind_socket` is the mostly common used option. It defines the address where worker should accept
 connections. Rspamd allows both names and IP addresses for this option:
 
-~~~nginx
+~~~ucl
 bind_socket = "localhost:11333";
 bind_socket = "127.0.0.1:11333";
 bind_socket = "[::1]:11333"; # note that you need to enclose ipv6 in '[]'
@@ -57,7 +57,7 @@ bind_socket = "[::1]:11333"; # note that you need to enclose ipv6 in '[]'
 
 Also universal listening addresses are defined:
 
-~~~nginx
+~~~ucl
 bind_socket = "*:11333"; # any ipv4 and ipv6 address
 bind_socket = "*v4:11333"; # any ipv4 address
 bind_socket = "*v6:11333"; # any ipv6 address
@@ -65,13 +65,13 @@ bind_socket = "*v6:11333"; # any ipv6 address
 
 Moreover, you can specify systemd sockets if rspamd is invoked by systemd:
 
-~~~nginx
+~~~ucl
 bind_socket = "systemd:1"; # the first socket passed by systemd throught environment
 ~~~
 
 For unix sockets, it is also possible to specify owner and mode using this syntax:
 
-~~~nginx
+~~~ucl
 bind_socket = "/tmp/rspamd.sock mode=0666 owner=user";
 ~~~
 
@@ -81,4 +81,4 @@ then `root` is used) and `0644` as access mask. Please mention that you need to
 a weird result.
 
 You can specify multiple `bind_socket` options to listen on as many addresses as
-you want.
\ No newline at end of file
+you want.
diff --git a/doc/markdown/workers/normal.md b/doc/markdown/workers/normal.md
index 64cf4c479..9b935fb5a 100644
--- a/doc/markdown/workers/normal.md
+++ b/doc/markdown/workers/normal.md
@@ -17,7 +17,7 @@ To generate a keypair for the scanner you could use:
 
 After that keypair should appear as following:
 
-~~~nginx
+~~~ucl
 keypair {
     pubkey = "tm8zjw3ougwj1qjpyweugqhuyg4576ctg6p7mbrhma6ytjewp4ry";
     privkey = "ykkrfqbyk34i1ewdmn81ttcco1eaxoqgih38duib1e7b89h9xn3y";