SAGATOR is an email antivirus/antispam gateway. It is an interface to any smtpd, which runs an antivirus and/ or spam checker.
Its modular architecture can use any combination of antivirus/spam checker according to configuration. It currently supports clamav, nod32d, AVG, sophos, TrendMicro AV, Symantec AV, spamassassin, bogofilter, and quickspamfilter.
It has some internal checkers (string_scanner and regexp_scanner). SAGATOR project can parse MIME mails and decompress archives.
Features:
- simple chroot support
- modular antivirus/spamchecker support:
- you can attach an intrascanner to another intrascanner or realscanner
- you can combine intrascanners
- you can combine realscanners
- virus/spam level based scanners
- database support:
- SQL logging
- dynamic scanner (antivirus/antispam) configuration
- daily reports for users
- web quarantine accessible for all users
- you don't need any perl modules or any other modules, only python
- you can return any quarantined mail to mailq/user mailbox
- mailbox/maildir scanning and cleaning
- nice statistics via WWW or MRTG
- easy installation and configuration
What is new in this release:
- removed support for upstream unsupported clamav
What is new in version 1.2.1:
- This is a bugfix release. This release can be compiled on clamav 0.96. Fixed a bug in webq (update required, if you use webq with users in non-view table), cracklib error string was fixed, added "Suspect" to default DROP pattern.
What is new in version 1.2.0:
- python-2.6 compatibility
- clamav-0.95rc1 compatibility
- decode_email_alt removed (obsolete in python-2.6 and not used)
- SIMPLE_SCANNERS configuration removed
- rpm dependency change: smtpdaemon to server(smtp)
- added "exit 0" to mkchroot.sh to avoid deb update problems
- reinicialization of random number generator after fork()
- log_sql.FORMAT can be easyly extended by other columns: log_sql.FORMAT.extend('subject', '%(SUBJECT)s')
- better spam/virus recognition for logwatch script
- python-kid replaced by python-genshi. At least genshi>=0.4.0 required. RPM package should update dependency automatically, for deb package please install python-genshi manually.
- rrdtool create data source type changed from COUNTER to DERIVE. Remove sagator.rrd file to apply this change.
- logwatch output shows count/bytes percentage, changed ordering
- ebuild updates
- deb package split into parts: sagator, sagator-base, sagator-webq, ...
- mkchroot.sagator from deb postinst moved to init script
- filter out 250-STARTTLS, sagator can't hadle TLS connections
- viruses removed from test/ directory and added download_viruses.sh shell script
- default parameters for avgd() changed
- remount /var/lib/clamav into chroot (do not need to copy or symlink)
- rbl_check() now using getaddrinfo instead of obsolete gethostbyname
- updated documentation for spamassassind() and check_level()
- display warning message when an obsolete clamav limit is used
- added "/etc/init.d/sagator kill" parameter to kill all sagator processes
- added CLAMAV_H and LIBDSPAM_OBJECTS_H definitions into Makefile
- proper symlinks for special datadirs
- update FascistCheck to support also latest version
- sa_user configuration option for spamassassind() scanner
- Broken pipe traceback shown for debug level 3 (temporary additional debugging)
- Greylist checks for IntegrityError
- configure_postfix scripts adds sagator service to limit number of connections
- new script log/analyzer.py to analyze log files
- separate database connection for log_sql() (significant speed improvemnt for high-load servers with more than 10000 emails/day)
- filesys() scanner ignores empty output for 5 seconds (avoids "Can't decode virname" messages)
- greylist speed improvements, see default config file for examples, how to configure greylist for high load servers
- update chroot before restart (not inside) to speed up restart process
- MySQLdb connection defaults to UTF-8 charset
- smtptest and policytest replaced by new smtptest.py
- increased max_children for ServiceTCPServer to allow more smtpd_policy instances
- do not remove permanent greylist entries (last_update==-1)
- load crypt() libraries before chroot to allow webq login
What is new in version 1.1.1:
- selinux updates
- better clamav autodetection
- deb package conflict added to automatically remove sagator-libclamav
- mkchroot update for /tmp/quarantine owner/group
- sgfilter update for exim, which sends mailbox content to procmail
- added pyformat style emulation for sqlite (fixed sqlite logging)
- now() changed to CURRENT_TIMESTAMP, works with current sqlite too
- updated XFORWARD pattern to match alternate syntax
- simulate rowcount for DB, which does not support it (sqlite)
- clamav 0.94 compatibility updates
- new rpm package sagator-core (sagator is now only to install dependencies)
- accept connection without HELO with milter()
- some changes for filetype.py to avoid problems running sagator, file_type() scanner has been maked obsolete, use file_magic() instead
- milter greylist fixes
- does not break DATA connection, break it before DATA and send QUIT when closing connection
- close all fds before fork, enable autorestart in deb scripts
- new scanner elisted()
- enhanced listed scanner
- increased timeout for spamd connection
- symlink /var/tmp -> /tmp fixed in chroot
- updates for esets-3.0
- display exact error when unable to rotate log file
- fix cyclic symlink for non-standard path when creating sagator chroot
Comments not found