HOME LINKS SAL PUBLIC SOFTWARE SEARCH MADE UP

SAGATOR


FAQ

1. Where I can found new version and how are they announced?
2. Is it possible to avoid scan mail larger than a fixed size?
3. I need to add some special headers into email's header.
4. My MRTG for email count are empty and emails are passed through sagator. Why?
5. I have installed sagator but I get this message on startup: "Importing of libclamavmodule failed!".
6. I have no access from WebSagator to quarantine files. Why?
7. Some features or fixes are found in beta or release candidate version. How I can install/upgrade them?
8. I have a question, which not found in this document. What now?
9. How I can get today's statistics from SQL logs?


Q: Where I can found new version and how are they announced?
A: New versions are downloadable from sagator's web page (all releases)
   and from sourceforge.net Files section (only source files).
   There are also repositories for Fedora distributions and for Debian.
   Look at sagator's home page for more information.

   New releases are announced in sagator-users mailing list at sourceforge
   and via Freshmeat.net.

Q: Is it possible to avoid scan mail larger than a fixed size?
A: Yes! You can use max_file_size() scanner. For example:
   SCANNERS=[
    (const(1.0)-max_file_size(BYTES)) & ANY_SCANNER1()
   ]
   Where: BYTES = whole message bytes with message header and all
                  attachments encoded in 7bit (base64,uuencode,...)
          ANY_SCANNER1() = an sagator scanner

   How it works?
   max_file_size() scanner returns a virus, if a message size exceeds defined
   byte count. const(1.0) return's always a virus.
   Then returned levels are calculated.
   If size is larger:
     1.0 - 1.0 = 0.0
   if size is smaller:
     1.0 - 0.0 = 1.0
   The "and" operator is called over this value. Scanner after "&" is called,
   when returned level is >= 1.0.

Q: I need to add some special headers into email's header.
A: You can use add_header() scanner. For example:
     SCANNERS=[
       add_header('X-New-Header', 'Headers data ...', const(0.0, 'X')),
       ...
     ]

Q: My MRTG for email count are empty and emails are passed through sagator.
   Why?
A: MRTG counts average email count every 5 minuts. If your email traffic
   is smaller than 5 emails/minute, this count is truncated to zero.
   Use rrdtool, which can count also floating point values.

Q: I have installed sagator but I get this message on startup:
   "Importing of libclamavmodule failed!".
A: You have configured libclamav() scanner and this scanner can't
   import libclamav module for python. Install sagator-libclamav package
   or recompile sagator with clamav-devel package installed.

Q: I have no access from WebSagator to quarantine files. Why?
A: By default there is no access from apache (or another web server user)
   to default quarantine directory. You can try to add apache to vscan
   group, for example with command:
     usermod -G vscan apache
   Restart apache to apply group changes.

Q: Some features or fixes are found in beta or release candidate version.
   How I can install/upgrade them?
A: All versions (unstable too) of sagator are built for all officially
   supported Fedora and Debian versions. You can download them from
   download directory, or you can setup testing repository.

   Repository for Fedora Core (all releases):
     [sagator-test]
     name=Fedora Core $releasever - $basearch - Sagator - testing
     baseurl=http://www.salstar.sk/pub/sagator/fedora/testing/$releasever/$basearch

   Repository for Debian Sarge (replace sarge by woody for woody):
     deb http://www.salstar.sk/pub/sagator/debian sarge testing
     deb-src http://www.salstar.sk/pub/sagator/debian sarge testing

Q: I have a question, which not found in this document. What now?
A: You can use sagator-users(at)lists.sourceforge.net mailinglist
   or you can contact directly to author.

Q: How I can get today's statistics from SQL logs?
A: Use for example this SQL command:
   SELECT recipient, sum(1) AS count FROM log
     WHERE datetime>current_date
     GROUP BY 1
     ORDER BY count DESC;
   Try to replace recipient by sender or ip for more reports.