HOME LINKS SAL PUBLIC SOFTWARE SEARCH MADE UP

SAGATOR


Documentation (for latest development release)

README file
Scanners.txt - scanner documentation
SCANNER:SHORT DESCRIPTION:
add_header Add email headers.
add_listed Add one record into SQL list for a policy. [new in 0.8.0]
alternatives Alternative scanners.
b2f An alias for buffer2file() interscanner.
buffer2file Buffer to file converter.
buffer2mbox An alias for buffer2file(...,1) interscanner.
cache Cache return value of a scanner. [new in 0.7.0]
check_level Select scanner based on tested scanner return status. [new in 0.9.0]
custom_action Interscanner to set custom action. [new in 0.9.0]
decompress Scanner used to decompress archives (zip,rar,arj,zoo,tar,...).
deliver A scanner to force sending some viruses/spams to original recipients.
deliver_to Interscanner to send emails to admins.
drop Interscanner to drop viruses/spams. By default they are rejected.
f2b An alias for file2buffer() interscanner.
file2buffer File to buffer converter.
interscanner Default scanner used for building all other interscanners.
log Advanced logger interscanner.
log_cleanup Clean old records from SQL log database table. [new in 1.1.0]
log_sql SQL interscanner for python DB-API 2.0 compatible DB modules. [new in 0.7.0]
log_syslog Syslog logger interscanner to log via syslog.
match_all Returns a virus only if all scanners returns a virus.
match_any Match for any sub-scanner is required.
modify_header Modify email headers.
modify_subject Modify email Subject.
nothing This scanner does nothing. :-)
parsemail Email parser interscanner.
quarantine Quarantine into a directory.
recover Recover from an error.
regexp_find Recipient email address to index scanner, operating with regexp. [new in 0.9.0]
rename Interscanner to rewrite virus name returned by an scanner.
report Report any message to admin, user or anybody.
report_recipients Report any message to email recipients.
retry Retry scanner more times.
sql_find Recipient email address to index scanner, operating on SQL database. [new in 0.9.0]
status This interscanner can be used to collect some other statistics.
time_limit Interscanner to limit scanner execution time. [new in 0.7.0]
ascanner Default scanner user for building all other realscanners.
attach_name Attachment name scanner.
avgd AVG daemon realscanner.
bdc Bitdefender realscanner.
clamd ClamAV daemon realscanner for clamav-1.0 or higher.
clamd0 ClamAV daemon realscanner for clamav-0.103 or older.
clamscan ClamAV command line realscanner.
cmd A realscanner used to scan over command line programs.
cmd_bdc This scanner uses bdc command from BitDefender antivirus.
cmd_clamav This scanner uses clamscan command from clamav project.
cmd_drweb This scanner uses drweb command from DRWEB antivirus.
cmd_fprot This scanner uses f-prot command from FRISK F-Prot antivirus.
cmd_kavscanner This scanner uses kavscanner command from KasperskyLab kavscanner.
cmd_mks This scanner uses mks antivirus.
cmd_trendmicro This scanner uses trendmicro command from Trend Micro FileScanner.
cmd_uvscan This scanner uses uvscan command from McAfee AntiVirus.
cmd_vbuster This scanner uses vbuster command from VirusBuster.
const Realscanner to return a constant value (virus or clean).
dspam This realscanner uses dspam library.
dspam_classify Realscanner to classify emails for DSPAM.
esetspac ESETs scanner over it's preload library module. [new in 1.1.1]
file_magic File magic test (like "file -i command").
file_type Realscanner, which scans type of a file.
filesys Scanner which uses filesystem scanners. [new in 0.7.0]
kav Kaspersky Antivirus realscanner.
kavclient Kaspersky antivirus client realscanner.
libclam ClamAV realscanner - uses libclamavmodule python library.
max_file_size Realscanner to test email's size.
nod2 NOD2 scanner. Works with nod32lfs.
nod2pac NOD32lfs scanner over it's preload library module. [new in 0.8.0]
regexp_scan Primitive regexp pattern scanner.
remove_headers Remove email headers.
sanitize Sanitize (rename attachment filenames) an email.
savse Symantec antivirus scan engine scanner.
scanc Scanner daemon client. [new in 0.8.0]
sender_regexp Sender IP address regexp scanner.
smtp_comm Primitive regexp pattern scanner for SMTP communication.
sophie Sophie realscanner.
string_scan Primitive string pattern scanner.
trophie Trophie realscanner.
usrquota Check user quota for an recipient.
bogofilter BogoFilter scanner.
filter Filter a message through a command.
qsf Quick Spam Filter scanner.
spamassassind SpamAssassin daemon scanner.
auto_whitelist Whitelist IP addresses after sending some emails properly. [new in 0.8.0]
dns_check IP to domain (and back) resolving checker. [new in 0.8.0]
elisted SQL blacklist for a policy. Enhanced version. [new in 1.1.1]
geoip2_country GeoIP2 country match (using mmdb files). [new in 2.0.0]
geoip_country GeoIP country match. [new in 1.3.1]
greylist A greylist policy scanner. [new in 0.8.0]
list_cleanup Cleanup obsolete records from an SQL list. [new in 0.8.0]
listed SQL blacklist for a policy. [new in 0.8.0]
not_listed SQL whitelist for a policy. [new in 0.8.0]
policy_quota_auth_limit A policy quota for authorized users. [new in 1.3.0]
policy_quota_cleanup Clean old records from SQL policy database table. [new in 1.3.0]
rbl_check RBL (Real-time Blackhole list) checker. [new in 1.1.0]
set_action An interscanner to return a status to set an action to return. [new in 0.8.0]
spf_check SPF (Sender Permitted From) checker. [new in 0.8.0]
Services.txt - service documentation
NAME:SHORT DESCRIPTION:
chroot_execvp Execute an external command (or start an daemon). [new in 0.7.0]
chroot_execvpe Execute an external command (or start an daemon) and update variables. [new in 0.7.0]
collector Statistics collector service.
fusefs Fuse filesystem with antivirus checking. [new in 0.8.0]
http_proxy HTTP proxy service (experimental).
lmtpd LMTP daemon service. [new in 0.7.0]
milter Milter support service.
recipient_policy Virtual recipient policy. [new in 0.8.0]
reporter Reporter virtual service.
rlimit Resource limit virtual service.
scand Scanner daemon with a preload library ability. [new in 0.8.0]
sgfilterd A service to filter data sent by sgfilter command. [new in 0.7.0]
smtpd SMTP daemon service.
smtpd_policy SMTP policy service. [new in 0.8.0]
webq_jinja Web service for sagator's quaratine access. [new in 1.3.0]
Databases.txt - database connections for SAGATOR
NAME:SHORT DESCRIPTION:
MySQLdb MySQL database connection.
pg PostgreSQL support via pg python module.
pgdb PostgreSQL support via pgdb python module (psycopg).
psycopg PostgreSQL support via psycopg python module.
pymysql MySQL database connection.
sqlite SQLite database conenction.
Manual pages: FAQ
ChangeLog (for development release)
Slides (only in Slovak language)
Articles by David Zejda from root.cz (Czech language): Tecmint article by Gabriel Cánepa: Examples:
Documentation for developers: