示例#1
0
    def __init__(self, config, section=None):
        ScannerPlugin.__init__(self, config, section)
        self.requiredvars = {
            'template_blockedfile': {
                'default': '/etc/fuglu/templates/blockedfile.tmpl',
                'description': 'Mail template for the bounce to inform sender about blocked attachment',
            },

            'sendbounce': {
                'default': '1',
                'description': 'inform the sender about blocked attachments.\nIf a previous plugin tagged the message as spam or infected, no bounce will be sent to prevent backscatter',
            },

            'rulesdir': {
                'default': '/etc/fuglu/rules',
                'description': 'directory that contains attachment rules',
            },

            'blockaction': {
                'default': 'DELETE',
                'description': 'what should the plugin do when a blocked attachment is detected\nREJECT : reject the message (recommended in pre-queue mode)\nDELETE : discard messages\nDUNNO  : mark as blocked but continue anyway (eg. if you have a later quarantine plugin)',
            },

            'dbconnectstring': {
                'default': '',
                'description': 'sqlalchemy connectstring to load rules from a database and use files only as fallback. requires SQL extension to be enabled',
                'confidential': True,
            },

            'query': {
                'default': 'SELECT action,regex,description FROM attachmentrules WHERE scope=:scope AND checktype=:checktype ORDER BY prio',
                'description': "sql query to load rules from a db. #:scope will be replaced by the recipient address first, then by the recipient domain\n:check will be replaced 'filename','contenttype','archive-filename' or 'archive-contenttype'",
            },

            'checkarchivenames': {
                'default': '0',
                'description': "enable scanning of filenames within archives (zip,rar). This does not actually extract the files, it just looks at the filenames found in the archive."
            },

            'checkarchivecontent': {
                'default': '0',
                'description': 'extract compressed archives(zip,rar) and check file content type with libmagics\nnote that the files will be extracted into memory - tune archivecontentmaxsize  accordingly.\nfuglu does not extract archives within the archive(recursion)',
            },

            'archivecontentmaxsize': {
                'default': '5000000',
                'description': 'only extract and examine files up to this amount of (uncompressed) bytes',
            },

        }

        self.logger = self._logger()
        self.rulescache = None
        self.extremeverbosity = False

        # remember that the order is important here, if we support tar.gz and
        # gz in the future make sure tar.gz comes first!
        self.supported_archive_extensions = ['zip', ]
        if RARFILE_AVAILABLE:
            self.supported_archive_extensions.append('rar')
示例#2
0
    def __init__(self, section=None):
        ScannerPlugin.__init__(self, section)
        self.filelist = FileList(strip=True, skip_empty=True, skip_comments=True, lowercase=True,
                                 additional_filters=None, minimum_time_between_reloads=30)

        self.requiredvars = {
            'domainsfile': {
                'default': '/etc/fuglu/spearphish-domains',
                'description': 'Filename where we load spearphish domains from. One domain per line. If this setting is empty, the check will be applied to all domains.',
            },
            'virusenginename': {
                'default': 'Fuglu SpearPhishing Protection',
                'description': 'Name of this plugins av engine',
            },
            'virusname': {
                'default': 'TRAIT.SPEARPHISH',
                'description': 'Name to use as virus signature',
            },
            'virusaction': {
                'default': 'DEFAULTVIRUSACTION',
                'description': "action if spear phishing attempt is detected (DUNNO, REJECT, DELETE)",
            },
            'rejectmessage': {
                'default': 'threat detected: ${virusname}',
                'description': "reject message template if running in pre-queue mode and virusaction=REJECT",
            },
        }
示例#3
0
 def __init__(self, config, section=None):
     ScannerPlugin.__init__(self, config, section)
     self.logger = self._logger()
     self.requiredvars = {
         'maxsize': {
             'default': self.MAX_SIZE * 2,
             'description': 'Maximum message size',
         },
         'caldav_url': {
             'default':
             '',
             'description':
             'CalDAV server URL (%s will be replaced with recipient email)'
         },
         'caldav_username': {
             'default': '',
             'description': 'CalDAV server username'
         },
         'caldav_password': {
             'default': '',
             'description': 'CalDAV server password'
         },
         'caldav_ssl_skip_verify': {
             'default': 'False',
             'description':
             'Skip CalDAV server SSL certificate verification'
         }
     }
示例#4
0
 def __init__(self, config, section=None):
     ScannerPlugin.__init__(self, config, section)
     self.logger = self._logger()
     self.skiplist = FileList(filename=None,
                              strip=True,
                              skip_empty=True,
                              skip_comments=True,
                              lowercase=True)
     self.requiredvars = {
         'max_lookups': {
             'default': '10',
             'description':
             'maximum number of lookups (RFC defaults to 10)',
         },
         'skiplist': {
             'default':
             '',
             'description':
             'File containing a list of domains (one per line) which are not checked'
         },
         'temperror_retries': {
             'default': '3',
             'description': 'maximum number of retries on temp error',
         },
         'temperror_sleep': {
             'default': '3',
             'description':
             'waiting interval between retries on temp error',
         },
     }
示例#5
0
    def __init__(self, config, section=None):
        ScannerPlugin.__init__(self, config, section)
        self.logger = logging.getLogger('fuglu.plugin.DomainAction')

        self.requiredvars = {
            'blacklistconfig': {
                'default': '/etc/fuglu/rbl.conf',
                'description': 'RBL Lookup config file',
            },
            'checksubdomains': {
                'default':
                'yes',
                'description':
                'check subdomains as well (from top to bottom, eg. example.com, bla.example.com, blubb.bla.example.com',
            },
            'action': {
                'default': 'reject',
                'description': 'action on hit (reject, delete, etc)',
            },
            'message': {
                'default': '5.7.1 black listed URL ${domain} by ${blacklist}',
                'description': 'message template for rejects/ok messages',
            },
            'maxdomains': {
                'default': '10',
                'description':
                'maximum number of domains to check per message',
            },
        }

        self.rbllookup = None
        self.tldmagic = None
    def __init__(self, config, section=None):
        ScannerPlugin.__init__(self, config, section)
        self.requiredvars = {
            'limiterfile': {
                'default': '/etc/fuglu/ratelimit.conf',
                'description': 'file based rate limits',
            },
            'backendtype': {
                'default':
                'memory',
                'description':
                'type of backend where the events are stored. memory is only recommended for low traffic standalone systems. alternatives are: redis, sqlalchemy'
            },
            'backendconfig': {
                'default':
                '',
                'description':
                'backend specific configuration. sqlalchemy: the database url, redis: hostname:port:db'
            }
        }

        self.logger = self._logger()
        self.backend_instance = None
        self.limiters = None
        self.filter = SuspectFilter(None)
示例#7
0
 def __init__(self, config, section=None):
     ScannerPlugin.__init__(self, config, section)
     self.backend = None
     self.logger = self._logger()
     self.requiredvars = {
         'redis': {
             'default': 'localhost:6379:0',
             'description': 'redis config: host:port:db',
         },
         # commented, for now we only want the count
         # 'lowthreshold':{
         #     'default':'1',
         #     'description': 'threshold for adding <headername>: LOW',
         # },
         # 'highthreshold':{
         #     'default':'3',
         #     'description': 'threshold for adding <headername>: HIGH',
         # },
         'headername': {
             'default': 'X-FuZor',
              'description': 'header name',
         },
         'maxsize': {
             'default': '600000',
             'description':
                 'maxsize in bytes, larger messages will be skipped'
         },
         'timeout': {
             'default': '2',
             'description': 'timeout in seconds'
         },
     }
示例#8
0
    def __init__(self, config, section=None):
        ScannerPlugin.__init__(self, config, section)

        self.requiredvars = {
            "yararulesdir": {
                "default": "/etc/fuglu/yararules",
                "description": "Directory containing one or more YARA rule files",
            },
            "archivecontentmaxsize": {
                "default": "5000000",
                "description": "only extract and examine files up to this amount of (uncompressed) bytes",
            },
            "virusaction": {
                "default": "DEFAULTVIRUSACTION",
                "description": "action if infection is detected (DUNNO, REJECT, DELETE)",
            },
            "problemaction": {"default": "DEFER", "description": "action if there is a problem (DUNNO, DEFER)"},
            "rejectmessage": {
                "default": "threat detected in ${infectedfile}: ${virusname}",
                "description": "reject message template if running in pre-queue mode and virusaction=REJECT",
            },
        }
        self.filter = None
        self.logger = self._logger()
        self.lastreload = 0
        self.compiled_rules = None

        # remember that the order is important here, if we support tar.gz and
        # gz in the future make sure tar.gz comes first!
        self.supported_archive_extensions = ["zip"]
        if RARFILE_AVAILABLE:
            self.supported_archive_extensions.append("rar")
示例#9
0
 def __init__(self, config, section=None):
     ScannerPlugin.__init__(self, config, section)
     self.requiredvars = {
         'domainsfile': {
             'description':
             "File containing a list of domains (one per line) which must be DKIM and/or SPF authenticated",
             'default': "/etc/fuglu/auth_required_domains.txt",
         },
         'failaction': {
             'default':
             'DUNNO',
             'description':
             "action if the message doesn't pass authentication (DUNNO, REJECT)",
         },
         'rejectmessage': {
             'default':
             'sender domain ${header_from_domain} must pass DKIM and/or SPF authentication',
             'description':
             "reject message template if running in pre-queue mode",
         },
     }
     self.logger = self._logger()
     self.filelist = FileList(filename=None,
                              strip=True,
                              skip_empty=True,
                              skip_comments=True,
                              lowercase=True)
示例#10
0
 def __init__(self,config,section=None):
     ScannerPlugin.__init__(self,config,section)
     self.logger=logging.getLogger('fuglu.plugin.DomainAction')
 
     self.requiredvars={       
         'blacklistconfig':{
             'default':'/etc/fuglu/rbl.conf',
             'description':'RBL Lookup config file',
         },
         'checksubdomains':{
             'default':'yes',
             'description':'check subdomains as well (from top to bottom, eg. example.com, bla.example.com, blubb.bla.example.com',
         },
             
         'action':{
             'default':'reject',
             'description':'action on hit (reject, delete, etc)',
         }, 
                        
         'message':{
             'default':'5.7.1 black listed URL ${domain} by ${blacklist}',
             'description':'message template for rejects/ok messages',
         }, 
                        
         'maxdomains':{
             'default':'10',
             'description':'maximum number of domains to check per message',
         }
         
     }
     
     self.rbllookup=None
     self.tldmagic=None
示例#11
0
    def __init__(self, config, section=None):
        ScannerPlugin.__init__(self, config, section)

        self.requiredvars = {
            "path": {
                "default": "/usr/local/fuglu/deliver/${to_address}",
                "description": "Path to maildir / mbox file, supports templates",
            },
            # maybe we need to support our own locking later, for now we use python's built-ins
            #'locktype':{
            #    'default':'',
            #    'description':"flock, ...",
            # },
            "boxtype": {"default": "mbox", "description": "mbox, maildir"},
            # maybe we need to support various mbox types later, for now we use python's built-in module
            #'subtype':{
            #    'default':'',
            #    'description':"what type of mbox... ",
            # },
            "filterfile": {"default": "", "description": "only store messages which use filter..."},
        }
        self.logger = self._logger()
        self.filter = None

        self.boxtypemap = {"mbox": self.deliver_mbox, "maildir": self.deliver_maildir}
示例#12
0
 def __init__(self,config,section=None):
     ScannerPlugin.__init__(self,config,section)
     
     self.requiredvars={
         'path':{
             'default':'/usr/local/fuglu/deliver/${to_address}',
             'description':'Path to maildir / mbox file, supports templates',
         },
         #maybe we need to support our own locking later, for now we use python's built-ins
         #'locktype':{ 
         #    'default':'',
         #    'description':"flock, ...",
         #},
         'boxtype':{
             'default':'mbox',
             'description':"mbox, maildir",
         },
         #maybe we need to support various mbox types later, for now we use python's built-in module
         #'subtype':{
         #    'default':'',
         #    'description':"what type of mbox... ",
         #},
         'filterfile':{
             'default':'',
             'description':"only store messages which use filter...",
         },
                        
     }
     self.logger=self._logger()
     self.filter=None
     
     self.boxtypemap={
      'mbox':self.deliver_mbox,
      'maildir':self.deliver_maildir,               
     }
示例#13
0
 def __init__(self,config,section=None):
     ScannerPlugin.__init__(self,config,section)
     self.requiredvars={
             'privatekeyfile':{
              'description':"Location of the private key file. supports standard template variables plus additional ${header_from_domain} which extracts the domain name from the From: -Header",
              'default':"/etc/fuglu/dkim/${header_from_domain}.key",                  
             },
                        
             'canonicalizeheaders':{
              'description':"Type of header canonicalization (simple or relaxed)",
              'default':"relaxed",
             },
                        
             'canonicalizebody':{
              'description':"Type of body canonicalization (simple or relaxed)",
              'default':"relaxed",
             },
                        
             'selector':{
              'description':'selector to use when signing, supports templates',
              'default':'default',
             },
                        
             'signheaders':{
              'description':'comma separated list of headers to sign. empty string=sign all headers',
              'default':'',
             },
                        
             'signbodylength':{
               'description':'include l= tag in dkim header',
               'default':'False',                
             },
     }
示例#14
0
    def __init__(self, config, section=None):
        ScannerPlugin.__init__(self, config, section)
        self.requiredvars = {
            'privatekeyfile': {
                'description': "Location of the private key file. supports standard template variables plus additional ${header_from_domain} which extracts the domain name from the From: -Header",
                'default': "/etc/fuglu/dkim/${header_from_domain}.key",
            },

            'canonicalizeheaders': {
                'description': "Type of header canonicalization (simple or relaxed)",
                'default': "relaxed",
            },

            'canonicalizebody': {
                'description': "Type of body canonicalization (simple or relaxed)",
                'default': "relaxed",
            },

            'selector': {
                'description': 'selector to use when signing, supports templates',
                'default': 'default',
            },

            'signheaders': {
                'description': 'comma separated list of headers to sign. empty string=sign all headers',
                'default': 'From,Reply-To,Subject,Date,To,CC,Resent-Date,Resent-From,Resent-To,Resent-CC,In-Reply-To,References,List-Id,List-Help,List-Unsubscribe,List-Subscribe,List-Post,List-Owner,List-Archive',
            },

            'signbodylength': {
                'description': 'include l= tag in dkim header',
                'default': 'False',
            },
        }
示例#15
0
 def __init__(self, config, section=None):
     ScannerPlugin.__init__(self, config, section)
     self.backend = None
     self.logger = self._logger()
     self.requiredvars = {
         'redis': {
             'default': 'localhost:6379:0',
             'description': 'redis config: host:port:db',
         },
         # commented, for now we only want the count
         # 'lowthreshold':{
         #     'default':'1',
         #     'description': 'threshold for adding <headername>: LOW',
         # },
         # 'highthreshold':{
         #     'default':'3',
         #     'description': 'threshold for adding <headername>: HIGH',
         # },
         'headername': {
             'default': 'X-FuZor',
             'description': 'header name',
         },
         'maxsize': {
             'default': '600000',
             'description':
             'maxsize in bytes, larger messages will be skipped'
         },
         'timeout': {
             'default': '2',
             'description': 'timeout in seconds'
         },
     }
示例#16
0
    def __init__(self, config, section=None):
        ScannerPlugin.__init__(self, config, section)
        self.requiredvars = {
            'template_blockedfile': {
                'default': '/etc/fuglu/templates/blockedfile.tmpl',
                'description': 'Mail template for the bounce to inform sender about blocked attachment',
            },

            'sendbounce': {
                'default': '1',
                'description': 'inform the sender about blocked attachments.\nIf a previous plugin tagged the message as spam or infected, no bounce will be sent to prevent backscatter',
            },

            'rulesdir': {
                'default': '/etc/fuglu/rules',
                'description': 'directory that contains attachment rules',
            },

            'blockaction': {
                'default': 'DELETE',
                'description': 'what should the plugin do when a blocked attachment is detected\nREJECT : reject the message (recommended in pre-queue mode)\nDELETE : discard messages\nDUNNO  : mark as blocked but continue anyway (eg. if you have a later quarantine plugin)',
            },

            'dbconnectstring': {
                'default': '',
                'description': 'sqlalchemy connectstring to load rules from a database and use files only as fallback. requires SQL extension to be enabled',
                'confidential': True,
            },

            'query': {
                'default': 'SELECT action,regex,description FROM attachmentrules WHERE scope=:scope AND checktype=:checktype ORDER BY prio',
                'description': "sql query to load rules from a db. #:scope will be replaced by the recipient address first, then by the recipient domain\n:check will be replaced 'filename','contenttype','archive-filename' or 'archive-contenttype'",
            },

            'checkarchivenames': {
                'default': '0',
                'description': "enable scanning of filenames within archives (zip,rar). This does not actually extract the files, it just looks at the filenames found in the archive."
            },

            'checkarchivecontent': {
                'default': '0',
                'description': 'extract compressed archives(zip,rar) and check file content type with libmagics\nnote that the files will be extracted into memory - tune archivecontentmaxsize  accordingly.\nfuglu does not extract archives within the archive(recursion)',
            },

            'archivecontentmaxsize': {
                'default': '5000000',
                'description': 'only extract and examine files up to this amount of (uncompressed) bytes',
            },

        }

        self.logger = self._logger()
        self.rulescache = None
        self.extremeverbosity = False

        #remember that the order is important here, if we support tar.gz and gz in the future make sure tar.gz comes first!
        self.supported_archive_extensions=['zip',]
        if RARFILE_AVAILABLE:
            self.supported_archive_extensions.append('rar')
示例#17
0
 def __init__(self, config, section=None):
     ScannerPlugin.__init__(self, config, section)
     self.requiredvars = {
         'rbllist': {
             'default': '/etc/fuglu/rbllist.list',
             'description': "File which contains the used RBL lists",
         },
     }
示例#18
0
 def __init__(self, config, section=None):
     ScannerPlugin.__init__(self, config, section)
     self.requiredvars = { # this defines the configuration options for a plugin
         'greeting': { # name of the config
             'default': 'hello world!', # default value, always use strings here
             'description': 'greeting message the plugin should log to the console', #  included as comment when generating default config files
         }
     }
示例#19
0
 def __init__(self,config,section=None):
     ScannerPlugin.__init__(self,config,section)
     self.requiredvars={
         'greeting':{
             'default':'hello world!',
             'description':'greeting the plugin should log to the console',
         }
     }
示例#20
0
    def __init__(self, config, section=None):
        ScannerPlugin.__init__(self, config, section)
        self.logger = self._logger()

        self.whitelist = None

        self.requiredvars = {
            'whitelist_file': {
                'default':
                '/etc/fuglu/conf.d/ebl-whitelist.txt',
                'description':
                'path to file containing whitelisted sender domains',
            },
            'dnszone': {
                'default': 'ebl.msbl.org',
                'description':
                'the DNS zone to query. defaults to ebl.msbl.org',
            },
            'hash': {
                'default':
                'sha1',
                'description':
                'hash function used by DNS zone. Use one of md5, sha1, sha224, sha256, sha384, sha512'
            },
            'response': {
                'default': '127.0.0.2',
                'description': 'expected response of zone query',
            },
            'action': {
                'default':
                'dunno',
                'description':
                'action on hit (dunno, reject, defer, delete). if set to dunno will tag as spam. do not use reject/defer in after queue mode',
            },
            'messagetemplate': {
                'default': '${sender} listed by ${dnszone} : ${message}',
                'description': 'reject message template',
            },
            'maxlookups': {
                'default':
                '10',
                'description':
                'maximum number of email addresses to check per message',
            },
            'check_always': {
                'default':
                'False',
                'description':
                'set to True to check every suspect. set to False to only check mail that has not yet been classified as spam or virus',
            },
            'normalisation': {
                'default':
                'ebl',
                'description':
                'type of normalisation to be applied to email addresses before hashing. choose one of ebl (full normalisation according to ebl.msbl.org standard), low (lowercase only)'
            }
        }
示例#21
0
 def __init__(self, config, section=None):
     ScannerPlugin.__init__(self, config, section)
     self.logger = self._logger()
     self.requiredvars = {
         'scriptdir': {
             'default': '/etc/fuglu/scriptfilter',
             'description': 'Dir that contains the scripts (*.fgf files)',
         }
     }
示例#22
0
文件: script.py 项目: jahlives/fuglu
 def __init__(self, config, section=None):
     ScannerPlugin.__init__(self, config, section)
     self.logger = self._logger()
     self.requiredvars = {
         'scriptdir': {
             'default': '/etc/fuglu/scriptfilter',
             'description': 'Dir that contains the scripts (*.fgf files)',
         }
     }
示例#23
0
 def __init__(self, config, section=None):
     ScannerPlugin.__init__(self, config, section)
     self.requiredvars = {
         'host': {
             'default': 'localhost',
             'description': 'hostname where the ICAP server runs',
         },
         'port': {
             'default': '1344',
             'description': "tcp port or path to unix socket",
         },
         'timeout': {
             'default': '10',
             'description': 'socket timeout',
         },
         'maxsize': {
             'default':
             '22000000',
             'description':
             "maximum message size, larger messages will not be scanned. ",
         },
         'retries': {
             'default':
             '3',
             'description':
             'how often should fuglu retry the connection before giving up',
         },
         'virusaction': {
             'default':
             'DEFAULTVIRUSACTION',
             'description':
             "action if infection is detected (DUNNO, REJECT, DELETE)",
         },
         'problemaction': {
             'default': 'DEFER',
             'description': "action if there is a problem (DUNNO, DEFER)",
         },
         'rejectmessage': {
             'default':
             'threat detected: ${virusname}',
             'description':
             "reject message template if running in pre-queue mode and virusaction=REJECT",
         },
         'service': {
             'default':
             'AVSCAN',
             'description':
             'ICAP Av scan service, usually AVSCAN (sophos, symantec)',
         },
         'enginename': {
             'default':
             'icap-generic',
             'description':
             "name of the virus engine behind the icap service. used to inform other plugins. can be anything like 'sophos', 'symantec', ...",
         },
     }
     self.logger = self._logger()
示例#24
0
    def __init__(self, section=None):
        ScannerPlugin.__init__(self, section)
        self.logger = self._logger()
        self.filelist = FileList(strip=True,
                                 skip_empty=True,
                                 skip_comments=True,
                                 lowercase=True,
                                 additional_filters=None,
                                 minimum_time_between_reloads=30)

        self.requiredvars = {
            'domainsfile': {
                'default':
                '/etc/fuglu/spearphish-domains',
                'description':
                'Filename where we load spearphish domains from. One domain per line. If this setting is empty, the check will be applied to all domains.',
            },
            'virusenginename': {
                'default': 'Fuglu SpearPhishing Protection',
                'description': 'Name of this plugins av engine',
            },
            'virusname': {
                'default': 'TRAIT.SPEARPHISH',
                'description': 'Name to use as virus signature',
            },
            'virusaction': {
                'default':
                'DEFAULTVIRUSACTION',
                'description':
                "action if spear phishing attempt is detected (DUNNO, REJECT, DELETE)",
            },
            'rejectmessage': {
                'default':
                'threat detected: ${virusname}',
                'description':
                "reject message template if running in pre-queue mode and virusaction=REJECT",
            },
            'dbconnection': {
                'default':
                "mysql://root@localhost/spfcheck?charset=utf8",
                'description':
                'SQLAlchemy Connection string. Leave empty to disable SQL lookups',
            },
            'domain_sql_query': {
                'default':
                "SELECT check_spearphish from domain where domain_name=:domain",
                'description':
                'get from sql database :domain will be replaced with the actual domain name. must return boolean field check_spearphish',
            },
            'check_display_part': {
                'default':
                'False',
                'description':
                "set to True to also check display part of From header (else email part only)",
            },
        }
示例#25
0
 def __init__(self, config, section=None):
     ScannerPlugin.__init__(self, config, section)
     self.requiredvars = {  # this defines the configuration options for a plugin
         'greeting': {  # name of the config
             # default value, always use strings here
             'default': 'hello world!',
             # included as comment when generating default config files
             'description': 'greeting message the plugin should log to the console',
         }
     }
示例#26
0
 def __init__(self, config, section=None):
     ScannerPlugin.__init__(self, config, section)
     self.logger = self._logger()
     self.requiredvars = {
         'actionrules': {
             'default': '/etc/fuglu/actionrules.regex',
             'description': 'Rules file',
         }
     }
     self.filter = None
示例#27
0
 def __init__(self, config, section=None):
     ScannerPlugin.__init__(self, config, section)
     self.logger = self._logger()
     self.requiredvars = {
         'actionrules': {
             'default': '/etc/fuglu/actionrules.regex',
             'description': 'Rules file',
         }
     }
     self.filter = None
示例#28
0
 def __init__(self, config, section=None):
     ScannerPlugin.__init__(self, config, section)
     FuzorMixin.__init__(self)
     self.logger = self._logger()
     self.requiredvars.update({
         'headername': {
             'default': 'X-FuZor',
             'description': 'header name',
         },
     })
示例#29
0
 def __init__(self, config, section=None):
     ScannerPlugin.__init__(self, config, section)
     self.requiredvars = {
         'regex': {
             'default': '',
             'description': "regex to match",
         },
     }
     self.regex = None
     self.logger = self._logger()
示例#30
0
文件: icap.py 项目: sporkman/fuglu
    def __init__(self, config, section=None):
        ScannerPlugin.__init__(self, config, section)
        self.requiredvars = {
            'host': {
                'default': 'localhost',
                'description': 'hostname where the ICAP server runs',
            },

            'port': {
                'default': '1344',
                'description': "tcp port or path to unix socket",
            },

            'timeout': {
                'default': '10',
                'description': 'socket timeout',
            },

            'maxsize': {
                'default': '22000000',
                'description': "maximum message size, larger messages will not be scanned. ",
            },

            'retries': {
                'default': '3',
                'description': 'how often should fuglu retry the connection before giving up',
            },

            'virusaction': {
                'default': 'DEFAULTVIRUSACTION',
                'description': "action if infection is detected (DUNNO, REJECT, DELETE)",
            },

            'problemaction': {
                'default': 'DEFER',
                'description': "action if there is a problem (DUNNO, DEFER)",
            },

            'rejectmessage': {
                'default': 'threat detected: ${virusname}',
                'description': "reject message template if running in pre-queue mode and virusaction=REJECT",
            },

            'service': {
                'default': 'AVSCAN',
                'description': 'ICAP Av scan service, usually AVSCAN (sophos, symantec)',
            },

            'enginename': {
                'default': 'icap-generic',
                'description': "name of the virus engine behind the icap service. used to inform other plugins. can be anything like 'sophos', 'symantec', ...",
            },
        }
        self.logger = self._logger()
示例#31
0
 def __init__(self, config, section=None):
     ScannerPlugin.__init__(self, config, section)
     self.requiredvars = {
         'dummy': {
             'default': 'bla',
             'description': 'blabla',
         },
         'dummy2': {
             'description': 'this var has to be defined',
         },
     }
示例#32
0
文件: vacation.py 项目: Caomhin/fuglu
    def __init__(self, config, section=None):
        ScannerPlugin.__init__(self, config, section)
        self.requiredvars = {
            "dbconnectstring": {
                "default": "",
                "description": "sqlalchemy connectstring to load vacations",
                "confidential": True,
            }
        }

        self.logger = self._logger()
        self.cache = None
示例#33
0
 def __init__(self,config,section=None):
     ScannerPlugin.__init__(self,config,section)
     self.requiredvars={             
         'dbconnectstring':{
             'default':'....todo',
             'description':'sqlalchemy connectstring to store the greylist',
             'confidential':True,
         },
     }
     
     self.logger=self._logger()
     self.cache=None
示例#34
0
    def __init__(self, config, section=None):
        ScannerPlugin.__init__(self, config, section)

        self.requiredvars = {
            'host': {
                'default': 'localhost',
                'description': 'hostname where fpscand runs',
            },
            'port': {
                'default': '10200',
                'description': "fpscand port",
            },
            'timeout': {
                'default': '30',
                'description': "network timeout",
            },
            'networkmode': {
                'default':
                '0',
                'description':
                "if fpscand runs on a different host than fuglu, set this to 1 to send the message over the network instead of just the filename",
            },
            'scanoptions': {
                'default':
                '',
                'description':
                'additional scan options  (see `man fpscand` -> SCANNING OPTIONS for possible values)',
            },
            'maxsize': {
                'default': '10485000',
                'description': "maximum message size to scan",
            },
            'retries': {
                'default': '3',
                'description': "maximum retries on failed connections",
            },
            'virusaction': {
                'default': 'DEFAULTVIRUSACTION',
                'description': "plugin action if threat is detected",
            },
            'problemaction': {
                'default': 'DEFER',
                'description': "plugin action if scan fails",
            },
            'rejectmessage': {
                'default':
                'threat detected: ${virusname}',
                'description':
                "reject message template if running in pre-queue mode and virusaction=REJECT",
            },
        }

        self.pattern = re.compile('^(\d)+ <(.+)> (.+)$')
示例#35
0
    def __init__(self, config, section=None):
        ScannerPlugin.__init__(self, config, section)
        self.requiredvars = {
            'dbconnectstring': {
                'default': '',
                'description': 'sqlalchemy connectstring to load vacations',
                'confidential': True,
            },
        }

        self.logger = self._logger()
        self.cache = None
示例#36
0
    def __init__(self, config, section=None):
        ScannerPlugin.__init__(self, config, section)
        self.requiredvars = {
            'dbconnectstring': {
                'default': '',
                'description': 'sqlalchemy connectstring to load vacations',
                'confidential': True,
            },
        }

        self.logger = self._logger()
        self.cache = None
示例#37
0
    def __init__(self, config, section=None):
        ScannerPlugin.__init__(self, config, section)
        self.logger = logging.getLogger('fuglu.plugin.DomainAction')

        self.requiredvars = {
            'blockedaddheader': {
                'default':
                '0',
                'description':
                'if set to non zero value a header will be added for blocked files and the message will be accepted\n1:\tonly filename appended as header\n2:\tfilename and details will be added as header\nany other string value will be added as-it-is to header',
            }
        }
示例#38
0
    def __init__(self, config, section=None):
        ScannerPlugin.__init__(self, config, section)
        self.requiredvars = {
            'dbconnectstring': {
                'default': '....todo',
                'description':
                'sqlalchemy connectstring to store the greylist',
                'confidential': True,
            },
        }

        self.logger = self._logger()
        self.cache = None
示例#39
0
 def __init__(self,config,section=None):
     ScannerPlugin.__init__(self,config,section)
     
     self.requiredvars={
         'imapcopyrules':{
             'default':'/etc/fuglu/imapcopy.regex',
             'description':'IMAP copy suspectFilter File',
         },
         'storeoriginal':{
             'default':'1',
             'description':"if true/1/yes: store original message\nif false/0/no: store message probably altered by previous plugins, eg with spamassassin headers",
         }
     }
     self.filter=None
     self.logger=self._logger()
示例#40
0
    def __init__(self, config, section=None):
        ScannerPlugin.__init__(self, config, section)
        self.requiredvars = {
            'host': {
                'default': 'localhost',
                'description': 'hostname where clamd runs',
            },

            'port': {
                'default': '3310',
                'description': "tcp port number or path to clamd.sock for unix domain sockets\nexample /var/lib/clamav/clamd.sock or on ubuntu: /var/run/clamav/clamd.ctl ",
            },

            'timeout': {
                'default': '30',
                'description': 'socket timeout',
            },

            'pipelining': {
                'default': '0',
                'description': "*EXPERIMENTAL*: Perform multiple scans over the same connection. May improve performance on busy systems.",
            },

            'maxsize': {
                'default': '22000000',
                'description': "maximum message size, larger messages will not be scanned.  \nshould match the 'StreamMaxLength' config option in clamd.conf ",
            },
            'retries': {
                'default': '3',
                'description': 'how often should fuglu retry the connection before giving up',
            },

            'virusaction': {
                'default': 'DEFAULTVIRUSACTION',
                'description': "action if infection is detected (DUNNO, REJECT, DELETE)",
            },

            'problemaction': {
                'default': 'DEFER',
                'description': "action if there is a problem (DUNNO, DEFER)",
            },

            'rejectmessage': {
                'default': 'threat detected: ${virusname}',
                'description': "reject message template if running in pre-queue mode and virusaction=REJECT",
            },
        }
        self.logger = self._logger()
示例#41
0
文件: fprot.py 项目: Caomhin/fuglu
    def __init__(self, config, section=None):
        ScannerPlugin.__init__(self, config, section)

        self.requiredvars = {
            'host': {
                'default': 'localhost',
                'description': 'hostname where fpscand runs',
            },
            'port': {
                'default': '10200',
                'description': "fpscand port",
            },
            'timeout': {
                'default': '30',
                'description': "network timeout",
            },
            'networkmode': {
                'default': '0',
                'description': "if fpscand runs on a different host than fuglu, set this to 1 to send the message over the network instead of just the filename",
            },
            'scanoptions': {
                'default': '',
                'description': 'additional scan options  (see `man fpscand` -> SCANNING OPTIONS for possible values)',
            },
            'maxsize': {
                'default': '10485000',
                'description': "maximum message size to scan",
            },
            'retries': {
                'default': '3',
                'description': "maximum retries on failed connections",
            },
            'virusaction': {
                'default': 'DEFAULTVIRUSACTION',
                'description': "plugin action if threat is detected",
            },
            'problemaction': {
                'default': 'DEFER',
                'description': "plugin action if scan fails",
            },

            'rejectmessage': {
                'default': 'threat detected: ${virusname}',
                'description': "reject message template if running in pre-queue mode and virusaction=REJECT",
            },
        }

        self.pattern = re.compile('^(\d)+ <(.+)> (.+)$')
示例#42
0
文件: clamav.py 项目: gryphius/fuglu
    def __init__(self, config, section=None):
        ScannerPlugin.__init__(self, config, section)
        self.requiredvars = {
            'host': {
                'default': 'localhost',
                'description': 'hostname where clamd runs',
            },

            'port': {
                'default': '3310',
                'description': "tcp port number or path to clamd.sock for unix domain sockets\nexample /var/lib/clamav/clamd.sock or on ubuntu: /var/run/clamav/clamd.ctl ",
            },

            'timeout': {
                'default': '30',
                'description': 'socket timeout',
            },

            'pipelining': {
                'default': '0',
                'description': "*EXPERIMENTAL*: Perform multiple scans over the same connection. May improve performance on busy systems.",
            },

            'maxsize': {
                'default': '22000000',
                'description': "maximum message size, larger messages will not be scanned.  \nshould match the 'StreamMaxLength' config option in clamd.conf ",
            },
            'retries': {
                'default': '3',
                'description': 'how often should fuglu retry the connection before giving up',
            },

            'virusaction': {
                'default': 'DEFAULTVIRUSACTION',
                'description': "action if infection is detected (DUNNO, REJECT, DELETE)",
            },

            'problemaction': {
                'default': 'DEFER',
                'description': "action if there is a problem (DUNNO, DEFER)",
            },

            'rejectmessage': {
                'default': 'threat detected: ${virusname}',
                'description': "reject message template if running in pre-queue mode and virusaction=REJECT",
            },
        }
        self.logger = self._logger()
示例#43
0
 def __init__(self, config, section=None):
     ScannerPlugin.__init__(self, config, section)
     self.logger = self._logger()
     self.skiplist = FileList(filename=None,
                              strip=True,
                              skip_empty=True,
                              skip_comments=True,
                              lowercase=True)
     self.requiredvars = {
         'skiplist': {
             'default':
             '',
             'description':
             'File containing a list of domains (one per line) which are not checked'
         },
     }
示例#44
0
    def __init__(self, section=None):
        ScannerPlugin.__init__(self, section)
        self.logger = self._logger()

        self.requiredvars = {
            'dbconnection': {
                'default':
                "mysql://root@localhost/spfcheck?charset=utf8",
                'description':
                'SQLAlchemy Connection string. Leave empty to rewrite all senders',
            },
            'domain_sql_query': {
                'default':
                "SELECT use_srs from domain where domain_name=:domain",
                'description':
                'get from sql database :domain will be replaced with the actual domain name. must return field use_srs',
            },
            'forward_domain': {
                'default': 'example.com',
                'description': 'the new envelope sender domain',
            },
            'secret': {
                'default':
                '',
                'description':
                'cryptographic secret. set the same random value on all your machines',
            },
            'maxage': {
                'default': '8',
                'description': 'maximum lifetime of bounces',
            },
            'hashlength': {
                'default': '8',
                'description': 'size of auth code',
            },
            'separator': {
                'default': '=',
                'description': 'SRS token separator',
            },
            'rewrite_header_to': {
                'default':
                'True',
                'description':
                'set True to rewrite address in To: header in bounce messages (reverse/decrypt mode)',
            },
        }
示例#45
0
    def __init__(self, config, section=None):
        ScannerPlugin.__init__(self, config, section)

        self.requiredvars = {
            'archiverules': {
                'default': '/etc/fuglu/archive.regex',
                'description': 'Archiving SuspectFilter File',
            },
            'archivedir': {
                'default': '/tmp',
                'description': 'storage for archived messages',
            },
            'subdirtemplate': {
                'default': '${to_domain}',
                'description': 'subdirectory within archivedir',
            },
            'filenametemplate': {
                'default': '${id}.eml',
                'description': 'filename template for the archived messages',
            },
            'storeoriginal': {
                'default':
                '1',
                'description':
                "if true/1/yes: store original message\nif false/0/no: store message probably altered by previous plugins, eg with spamassassin headers",
            },
            'chown': {
                'default':
                '',
                'description':
                "change owner of saved messages (username or numeric id) - this only works if fuglu is running as root (which is NOT recommended)",
            },
            'chgrp': {
                'default':
                '',
                'description':
                "change group of saved messages (groupname or numeric id) - the user running fuglu must be a member of the target group for this to work",
            },
            'chmod': {
                'default': '',
                'description': "set file permissions of saved messages",
            },
        }

        self.filter = None
        self.logger = self._logger()
示例#46
0
    def __init__(self, config, section=None):
        ScannerPlugin.__init__(self, config, section)

        self.requiredvars = {
            'imapcopyrules': {
                'default': '/etc/fuglu/imapcopy.regex',
                'description': 'IMAP copy suspectFilter File',
            },
            'storeoriginal': {
                'default':
                '1',
                'description':
                "if true/1/yes: store original message\nif false/0/no: store message probably altered by previous plugins, eg with spamassassin headers",
            }
        }
        self.filter = None
        self.logger = self._logger()
示例#47
0
文件: sssp.py 项目: sporkman/fuglu
 def __init__(self, config, section=None):
     ScannerPlugin.__init__(self, config, section)
     self.requiredvars = {
         'host': {
             'default': 'localhost',
             'description': 'hostname where the SSSP server runs',
         },
         'port': {
             'default': '4010',
             'description': "tcp port or path to unix socket",
         },
         'timeout': {
             'default': '30',
             'description': 'socket timeout',
         },
         'maxsize': {
             'default':
             '22000000',
             'description':
             "maximum message size, larger messages will not be scanned. ",
         },
         'retries': {
             'default':
             '3',
             'description':
             'how often should fuglu retry the connection before giving up',
         },
         'virusaction': {
             'default':
             'DEFAULTVIRUSACTION',
             'description':
             "action if infection is detected (DUNNO, REJECT, DELETE)",
         },
         'problemaction': {
             'default': 'DEFER',
             'description': "action if there is a problem (DUNNO, DEFER)",
         },
         'rejectmessage': {
             'default':
             'threat detected: ${virusname}',
             'description':
             "reject message template if running in pre-queue mode and virusaction=REJECT",
         },
     }
     self.logger = self._logger()
示例#48
0
    def __init__(self, config, section=None):
        ScannerPlugin.__init__(self, config, section)
        self.logger = logging.getLogger('fuglu.plugin.DomainAction')

        self.requiredvars = {
            'addheaderinfected': {
                'default':
                '0',
                'description':
                'if set to non zero value a header will be added for infected files\n1:\tonly virusname appended as header\n2:\tvirusname and details will be added as header\nany other string value will be added as-it-is to header',
            },
            'addheaderclean': {
                'default':
                '0',
                'description':
                'add header if message is clean\nany string value will be used as-it-is',
            }
        }
示例#49
0
 def __init__(self,config,section=None):
     ScannerPlugin.__init__(self,config,section)
     self.requiredvars={
         'template_blockedfile':{
             'default':'/etc/fuglu/templates/blockedfile.tmpl',
             'description':'Mail template for the bounce to inform sender about blocked attachment',
         },
         
         'sendbounce':{
             'default':'1',
             'description':'inform the sender about blocked attachments',
         },
                      
         'rulesdir':{
             'default':'/etc/fuglu/rules',
             'description':'directory that contains attachment rules',
         },
                        
         'blockaction':{
             'default':'DELETE',
             'description':'what should the plugin do when a blocked attachment is detected\nREJECT : reject the message (recommended in pre-queue mode)\nDELETE : discard messages\nDUNNO  : mark as blocked but continue anyway (eg. if you have a later quarantine plugin)',
         },
                        
         'dbconnectstring':{
             'default':'',
             'description':'sqlalchemy connectstring to load rules from a database and use files only as fallback. requires SQL extension to be enabled',
             'confidential':True,
         },
                        
         'query':{
             'default':'SELECT action,regex,description FROM attachmentrules WHERE scope=:scope AND checktype=:checktype ORDER BY prio',
             'description':"sql query to load rules from a db. #:scope will be replaced by the recipient address first, then by the recipient domain\n:check will be replaced by either 'filename' to get filename rules or 'contenttype' to get content type rules",
         },       
     }
     
     self.logger=self._logger()
     if MAGIC_AVAILABLE:
         if MAGIC_AVAILABLE==MAGIC_PYTHON_FILE:
             self.ms = magic.open(magic.MAGIC_MIME)
             self.ms.load()
     else:
         self.logger.warning('python-magic not available')
     self.rulescache=None
     self.extremeverbosity=False
示例#50
0
文件: sssp.py 项目: Caomhin/fuglu
    def __init__(self, config, section=None):
        ScannerPlugin.__init__(self, config, section)
        self.requiredvars = {
            'host': {
                'default': 'localhost',
                'description': 'hostname where the SSSP server runs',
            },

            'port': {
                'default': '4010',
                'description': "tcp port or path to unix socket",
            },

            'timeout': {
                'default': '30',
                'description': 'socket timeout',
            },

            'maxsize': {
                'default': '22000000',
                'description': "maximum message size, larger messages will not be scanned. ",
            },

            'retries': {
                'default': '3',
                'description': 'how often should fuglu retry the connection before giving up',
            },

            'virusaction': {
                'default': 'DEFAULTVIRUSACTION',
                'description': "action if infection is detected (DUNNO, REJECT, DELETE)",
            },

            'problemaction': {
                'default': 'DEFER',
                'description': "action if there is a problem (DUNNO, DEFER)",
            },

            'rejectmessage': {
                'default': 'threat detected: ${virusname}',
                'description': "reject message template if running in pre-queue mode and virusaction=REJECT",
            },
        }
        self.logger = self._logger()
示例#51
0
    def __init__(self, config, section=None):
        ScannerPlugin.__init__(self, config, section)
        self.requiredvars = {
            'domainsfile': {
                'description': "File containing a list of domains (one per line) which must be DKIM and/or SPF authenticated",
                'default': "/etc/fuglu/auth_required_domains.txt",
            },
            'failaction': {
                'default': 'DUNNO',
                'description': "action if the message doesn't pass authentication (DUNNO, REJECT)",
            },

            'rejectmessage': {
                'default': 'sender domain ${header_from_domain} must pass DKIM and/or SPF authentication',
                'description': "reject message template if running in pre-queue mode",
            },
        }
        self.logger = self._logger()
        self.filelist=FileList(filename=None,strip=True, skip_empty=True, skip_comments=True,lowercase=True)
示例#52
0
    def __init__(self, config, section=None):
        ScannerPlugin.__init__(self, config, section)

        self.requiredvars = {
            'archiverules': {
                'default': '/etc/fuglu/archive.regex',
                'description': 'Archiving SuspectFilter File',
            },

            'archivedir': {
                'default': '/tmp',
                'description': 'storage for archived messages',
            },
            'subdirtemplate': {
                'default': '${to_domain}',
                'description': 'subdirectory within archivedir',
            },
            'filenametemplate': {
                'default': '${id}.eml',
                'description': 'filename template for the archived messages',
            },
            'storeoriginal': {
                'default': '1',
                'description': "if true/1/yes: store original message\nif false/0/no: store message probably altered by previous plugins, eg with spamassassin headers",
            },
            'chown': {
                'default': '',
                'description': "change owner of saved messages (username or numeric id) - this only works if fuglu is running as root (which is NOT recommended)",
            },
            'chgrp': {
                'default': '',
                'description': "change group of saved messages (groupname or numeric id) - the user running fuglu must be a member of the target group for this to work",
            },
            'chmod': {
                'default': '',
                'description': "set file permissions of saved messages",
            },

        }

        self.filter = None
        self.logger = self._logger()
 def __init__(self,config,section=None):
     ScannerPlugin.__init__(self,config,section)
     
     self.requiredvars={
         'filterfile':{
             'default':'/etc/fuglu/headerwriter.regex',
             'description':'Suspectfilter File',
         },
                        
         'outputfile':{
             'default':'',
             'description':'Output File',
         },
                        
         'defaultlinetemplate':{
              'default':'${fieldname}: ${matchedvalue}',
             'description':'Default line output template if nothing is specified in filter config',                  
         }
         
     }
     self.filter=None
示例#54
0
文件: drweb.py 项目: Caomhin/fuglu
    def __init__(self, config, section=None):
        ScannerPlugin.__init__(self, config, section)

        self.requiredvars = {
            'host': {
                'default': 'localhost',
                'description': 'hostname where fpscand runs',
            },
            'port': {
                'default': '3000',
                'description': "DrWeb daemon port",
            },
            'timeout': {
                'default': '30',
                'description': "network timeout",
            },
            'maxsize': {
                'default': '22000000',
                'description': "maximum message size to scan",
            },
            'retries': {
                'default': '3',
                'description': "maximum retries on failed connections",
            },
            'virusaction': {
                'default': 'DEFAULTVIRUSACTION',
                'description': "plugin action if threat is detected",
            },
            'problemaction': {
                'default': 'DEFER',
                'description': "plugin action if scan fails",
            },

            'rejectmessage': {
                'default': 'threat detected: ${virusname}',
                'description': "reject message template if running in pre-queue mode and virusaction=REJECT",
            },
        }
        self.logger = self._logger()
        self.pattern = re.compile(r'(?:DATA\[\d+\])(.+) infected with (.+)$')
示例#55
0
    def __init__(self, section=None):
        ScannerPlugin.__init__(self, section)
        self.logger = self._logger()
        self.filelist = FileList(strip=True, skip_empty=True, skip_comments=True, lowercase=True,
                                 additional_filters=None, minimum_time_between_reloads=30)

        self.requiredvars = {
            'domainsfile': {
                'default': '/etc/fuglu/spearphish-domains',
                'description': 'Filename where we load spearphish domains from. One domain per line. If this setting is empty, the check will be applied to all domains.',
            },
            'virusenginename': {
                'default': 'Fuglu SpearPhishing Protection',
                'description': 'Name of this plugins av engine',
            },
            'virusname': {
                'default': 'TRAIT.SPEARPHISH',
                'description': 'Name to use as virus signature',
            },
            'virusaction': {
                'default': 'DEFAULTVIRUSACTION',
                'description': "action if spear phishing attempt is detected (DUNNO, REJECT, DELETE)",
            },
            'rejectmessage': {
                'default': 'threat detected: ${virusname}',
                'description': "reject message template if running in pre-queue mode and virusaction=REJECT",
            },
            'dbconnection':{
                'default':"mysql://root@localhost/spfcheck?charset=utf8",
                'description':'SQLAlchemy Connection string. Leave empty to disable SQL lookups',
            },
            'domain_sql_query':{
                'default':"SELECT check_spearphish from domain where domain_name=:domain",
                'description':'get from sql database :domain will be replaced with the actual domain name. must return boolean field check_spearphish',
            },
            'check_display_part': {
                'default': 'False',
                'description': "set to True to also check display part of From header (else email part only)",
            },
        }
示例#56
0
 def __init__(self, config, section=None):
     ScannerPlugin.__init__(self, config, section)
     self.requiredvars = {
         "host": {"default": "localhost", "description": "hostname where the SSSP server runs"},
         "port": {"default": "4010", "description": "tcp port or path to unix socket"},
         "timeout": {"default": "30", "description": "socket timeout"},
         "maxsize": {
             "default": "22000000",
             "description": "maximum message size, larger messages will not be scanned. ",
         },
         "retries": {"default": "3", "description": "how often should fuglu retry the connection before giving up"},
         "virusaction": {
             "default": "DEFAULTVIRUSACTION",
             "description": "action if infection is detected (DUNNO, REJECT, DELETE)",
         },
         "problemaction": {"default": "DEFER", "description": "action if there is a problem (DUNNO, DEFER)"},
         "rejectmessage": {
             "default": "threat detected: ${virusname}",
             "description": "reject message template if running in pre-queue mode and virusaction=REJECT",
         },
     }
     self.logger = self._logger()
示例#57
0
 def __init__(self,config,section=None):
     ScannerPlugin.__init__(self,config,section)
     self.extractor=None
     
     self.logger=logging.getLogger('fuglu.plugin.URIExtract')
             
     self.requiredvars={       
         'domainskiplist':{
             'default':'/etc/fuglu/extract-skip-domains.txt',
             'description':'Domain skip list',
         },
             
         'maxsize':{
             'default':'10485000',
             'description':'Maximum size of processed mails. Larger mail will be skipped.',
         },
         'loguris':{
             'default':'no',
             'description':'print extracted uris in fuglu log',
         }
         
     }
示例#58
0
 def __init__(self, config, section=None):
     ScannerPlugin.__init__(self, config, section)
     self.requiredvars = {
         'redis': {
             'default': 'localhost:6379:0',
             'description': 'redis config: host:port:db',
         },
         'ttl': {
             'default': '604800',
             'description': 'hash ttl in seconds',
         },
         'maxsize': {
             'default': '600000',
             'description':
                 'maxsize in bytes, larger messages will be skipped'
         },
         'timeout': {
             'default': '2',
             'description': 'timeout in seconds'
         },
     }
     self.backend = None
     self.logger = self._logger()
示例#59
0
 def __init__(self, config, section=None):
     ScannerPlugin.__init__(self, config, section)
     self.logger=self._logger()
     self.requiredvars = {
         'identifier': {
             'default': 'CommandlineAV',
             'description': 'identifier used in the virus tag',
         },
         'exectemplate': {
             'default': '',
             'description': 'full path to the scan executable and arguments. ${suspectpath} will be replaced with the message file',
         },
         'timeout': {
             'default': '10',
             'description': "process timeout",
         },
         'viruspattern': {
             'default': '',
             'description': 'regular expression for infected messages. use virusname and filename groups',
         },
         'maxsize': {
             'default': '10485000',
             'description': "maximum message size to scan",
         },
         'virusaction': {
             'default': 'DEFAULTVIRUSACTION',
             'description': "plugin action if threat is detected",
         },
         'problemaction': {
             'default': 'DEFER',
             'description': "plugin action if scan fails",
         },
         'rejectmessage': {
             'default': 'threat detected: ${virusname}',
             'description': "reject message template if running in pre-queue mode and virusaction=REJECT",
         },
     }
示例#60
0
文件: killer.py 项目: sporkman/fuglu
 def __init__(self, config, section=None):
     ScannerPlugin.__init__(self, config, section)
     self.logger = self._logger()