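## Sagator configuration example for NOD32/esets usage.
## (c) 2010 Jan ONDREJ (SAL)
#
# This file is a flat Python script: it assigns the module-level settings
# (DEBUG_LEVEL, CHROOT, LOGFILE, USER/GROUP, SMTP_SERVER, SCANNERS, DB_ENGINE,
# SCANNERS_SRV, POLICY_SCANNERS, CLEANUP, SRV) from objects provided by the
# star imports of `scanners` and `srv`.
#
# NOTE(review): the line layout was restored from a collapsed copy; which
# entries are commented out (the ESET(...) scanner and the 32bit library path)
# was inferred from the '#' markers -- confirm against the deployed file.

# os.environ is read below; import it explicitly instead of relying on a
# star import to provide the name.
import os

# Debugging level, 0=errors only, 1=return status, init messages,
# 2=smtp server communication, 3=detailed smtp server communication,
# 4=tracebacks, 5=smtp client communication
# Do not use debug level higher than 9!
# NOTE(review): level 3 records detailed SMTP server communication in LOGFILE;
# consider a lower level outside of troubleshooting and keep the log readable
# only by the service account.
DEBUG_LEVEL=3

# New root directory for the chroot. For example '/var/spool/vscan'
CHROOT='/var/spool/vscan'

# Logfile (use logfile in chroot to allow rotating)
LOGFILE=CHROOT+'/var/log/sagator/sagator.log'

# User and group, under which this program runs.
USER,GROUP='vscan','vscan'

# SMTP server host and port. You must define this smtp server
# in postfix without filtering.
SMTP_SERVER=('127.0.0.1',26)

# Scanners
from scanners import *

# Define scanners
CLAMAV = libclam()
SCANNERS=[
    scanc(),
    #ESET(prefix='/tmp/scand/', logfile='/var/log/messages'),
    b2f(CLAMAV)
]

# Regular expression for sender addresses treated as local; it is passed to
# sender_regexp() on the "Virus" branch below.
# Raw string: the value is unchanged, but '\.' in a plain literal is an
# invalid escape sequence that newer interpreters warn about.
# NOTE(review): '172\.16\.' covers 172.16.0.0/16 only, not the whole
# 172.16.0.0/12 private range, and 10.0.0.0/8 is not listed -- confirm this
# matches the networks that should count as local.
LOCAL_IPS=r'^(192\.168|172\.16)\.'

# Hack for esetspac, which can't load mysql libraries
if 'LD_PRELOAD' in os.environ:
    DB_ENGINE=db.sqlite()
else:
    # NOTE(review): the database password is stored in clear text in this
    # file. Keep the file readable only by root and the service account, never
    # publish a copy with the real value, and rotate the password if this file
    # has been shared.
    DB_ENGINE=db.MySQLdb(host='127.0.0.1',port=3306,dbname='sagator',
                         dbuser='sagator',dbpasswd='BrqtwgyP1S')

# Scanner chain handed to the SMTP daemon in SRV below.
# NOTE(review): both quarantine() calls write under '/tmp/quarantine/...'
# (presumably relative to CHROOT -- confirm). The directory holds captured
# malware and mail content, so it should be owned by the service account, not
# world-readable or world-writable, and excluded from tmp cleaners.
SCANNERS_SRV=[
    log(1,log.SUMMARY_REPORT,
        log_sql(DB_ENGINE, log_sql.FORMAT,
            status("Virus",
                report(['vir-report@salstar.sk','krivosbj@central.medic.upjs.sk'],report.MSG_TMPL,
                    quarantine('/tmp/quarantine/%Y%m/%d','',
                        drop(drop.DEFAULT,
                            buffer2mbox(CLAMAV),
                            scanc(),
                        )
                    )
                ).ifscan(sender_regexp({'LOCAL_IP':[LOCAL_IPS]}))
            ),
            status("Spam",
                quarantine('/tmp/quarantine/%Y%m/%d','',
                    drop('.', # drop all spams
                        spamassassind(['localhost',783]),
                    )
                )
            )
        )
    )
]

# Policy chain handed to smtpd_policy() in SRV below.
POLICY_SCANNERS=[
    status('Greylist',
        not_listed('W') & rbl_check(
            'bl.spamcop.net.',
            'zen.spamhaus.org.'
        ) & greylist(600)
    ),
    ## return "dunno" so that postfix's other restrictions still apply
    set_action('dunno')
]

# Cleanup tasks, keyed by the database engine they run against.
CLEANUP = {
    DB_ENGINE: [
        list_cleanup(),
        auto_whitelist(),
        log_cleanup()
    ]
}

from srv import *

# Services to start. Every listener below is bound to 127.0.0.1/localhost;
# NOTE(review): keep it that way unless access control is placed in front,
# in particular for the webq_jinja interface on port 88.
SRV=[
    # scanner daemon
    scand(
        esetspac(logfile='/var/log/messages'),
        # for 32bit systems
        #'/usr/lib/libesets_pac.so'
        # for 64bit systems
        '/usr/lib64/libesets_pac.so'
    ),
    # statistics collector
    collector(),
    # resource limits
    rlimit(AS=700*MB),
    ## SMTP daemon policy (can be used as postfix policy scanner)
    smtpd_policy(POLICY_SCANNERS, DB_ENGINE, '127.0.0.1', 29),
    # SMTP daemon (for postfix etc.)
    smtpd(SCANNERS_SRV,'localhost', 27, 2),
    webq_jinja('127.0.0.1', 88, DB_ENGINE, scanner=b2f(CLAMAV))
]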