HOME LINKS SAL PUBLIC SOFTWARE SEARCH MADE UP

SAGATOR


Documentation (for latest development release)

README file

Scanners.txt - scanner documentation
SCANNERSHORT DESCRIPTIONNEW IN
add_headerAdd email headers.
add_listedAdd one record into SQL list for a policy.0.8.0
alternativesAlternative scanners.
b2fAn alias for buffer2file() interscanner.
buffer2fileBuffer to file converter.
buffer2mboxAn alias for buffer2file(...,1) interscanner.
cacheCache return value of a scanner.0.7.0
check_levelSelect scanner based on tested scanner return status.0.9.0
custom_actionInterscanner to set custom action.0.9.0
decompressScanner used to decompress archives (zip,rar,arj,zoo,tar,...).
deliverA scanner to force sending some viruses/spams to original recipients.
deliver_toInterscanner to send emails to admins.
dropInterscanner to drop viruses/spams. By default they are rejected.
f2bAn alias for file2buffer() interscanner.
file2bufferFile to buffer converter.
interscannerDefault scanner used for building all other interscanners.
logAdvanced logger interscanner.
log_cleanupClean old records from SQL log database table.1.1.0
log_sqlSQL interscanner for python DB-API 2.0 compatible DB modules.0.7.0
log_syslogSyslog logger interscanner to log via syslog.
match_allReturns a virus only if all scanners returns a virus.
match_anyMatch for any sub-scanner is required.
modify_headerModify email headers.
modify_subjectModify email Subject.
nothingThis scanner does nothing. :-)
parsemailEmail parser interscanner.
quarantineQuarantine into a directory.
recoverRecover from an error.
regexp_findRecipient email address to index scanner, operating with regexp.0.9.0
renameInterscanner to rewrite virus name returned by an scanner.
reportReport any message to admin, user or anybody.
report_recipientsReport any message to email recipients.
retryRetry scanner more times.
sql_findRecipient email address to index scanner, operating on SQL database.0.9.0
statusThis interscanner can be used to collect some other statistics.
time_limitInterscanner to limit scanner execution time.0.7.0
ascannerDefault scanner user for building all other realscanners.
attach_nameAttachment name scanner.
avgdAVG daemon realscanner.
bdcBitdefender realscanner.
clamdClamAV daemon realscanner for clamav-1.0 or higher.
clamd0ClamAV daemon realscanner for clamav-0.103 or older.
clamscanClamAV command line realscanner.
cmdA realscanner used to scan over command line programs.
cmd_bdcThis scanner uses bdc command from BitDefender antivirus.
cmd_clamavThis scanner uses clamscan command from clamav project.
cmd_drwebThis scanner uses drweb command from DRWEB antivirus.
cmd_fprotThis scanner uses f-prot command from FRISK F-Prot antivirus.
cmd_kavscannerThis scanner uses kavscanner command from KasperskyLab kavscanner.
cmd_mksThis scanner uses mks antivirus.
cmd_trendmicroThis scanner uses trendmicro command from Trend Micro FileScanner.
cmd_uvscanThis scanner uses uvscan command from McAfee AntiVirus.
cmd_vbusterThis scanner uses vbuster command from VirusBuster.
constRealscanner to return a constant value (virus or clean).
dspamThis realscanner uses dspam library.
dspam_classifyRealscanner to classify emails for DSPAM.
esetspacESETs scanner over it's preload library module.1.1.1
file_magicFile magic test (like "file -i command").
file_typeRealscanner, which scans type of a file.
filesysScanner which uses filesystem scanners.0.7.0
kavKaspersky Antivirus realscanner.
kavclientKaspersky antivirus client realscanner.
libclamClamAV realscanner - uses libclamavmodule python library.
max_file_sizeRealscanner to test email's size.
nod2NOD2 scanner. Works with nod32lfs.
nod2pacNOD32lfs scanner over it's preload library module.0.8.0
regexp_scanPrimitive regexp pattern scanner.
remove_headersRemove email headers.
sanitizeSanitize (rename attachment filenames) an email.
savseSymantec antivirus scan engine scanner.
scancScanner daemon client.0.8.0
sender_regexpSender IP address regexp scanner.
smtp_commPrimitive regexp pattern scanner for SMTP communication.
sophieSophie realscanner.
string_scanPrimitive string pattern scanner.
trophieTrophie realscanner.
usrquotaCheck user quota for an recipient.
bogofilterBogoFilter scanner.
filterFilter a message through a command.
qsfQuick Spam Filter scanner.
spamassassindSpamAssassin daemon scanner.
auto_whitelistWhitelist IP addresses after sending some emails properly.0.8.0
dns_checkIP to domain (and back) resolving checker.0.8.0
elistedSQL blacklist for a policy. Enhanced version.1.1.1
geoip2_countryGeoIP2 country match (using mmdb files).2.0.0
geoip_countryGeoIP country match.1.3.1
greylistA greylist policy scanner.0.8.0
list_cleanupCleanup obsolete records from an SQL list.0.8.0
listedSQL blacklist for a policy.0.8.0
not_listedSQL whitelist for a policy.0.8.0
policy_quota_auth_limitA policy quota for authorized users.1.3.0
policy_quota_cleanupClean old records from SQL policy database table.1.3.0
rbl_checkRBL (Real-time Blackhole list) checker.1.1.0
set_actionAn interscanner to return a status to set an action to return.0.8.0
spf_checkSPF (Sender Permitted From) checker.0.8.0

Services.txt - service documentation
SERVICESHORT DESCRIPTIONNEW IN
chroot_execvpExecute an external command (or start an daemon).0.7.0
chroot_execvpeExecute an external command (or start an daemon) and update variables.0.7.0
collectorStatistics collector service.
fusefsFuse filesystem with antivirus checking.0.8.0
http_proxyHTTP proxy service (experimental).
lmtpdLMTP daemon service.0.7.0
milterMilter support service.
recipient_policyVirtual recipient policy.0.8.0
reporterReporter virtual service.
rlimitResource limit virtual service.
scandScanner daemon with a preload library ability.0.8.0
sgfilterdA service to filter data sent by sgfilter command.0.7.0
smtpdSMTP daemon service.
smtpd_policySMTP policy service.0.8.0
webq_jinjaWeb service for sagator's quaratine access.1.3.0

Databases.txt - database connections for SAGATOR
DATABASESHORT DESCRIPTIONNEW IN
MySQLdbMySQL database connection.
pgPostgreSQL support via pg python module.
pgdbPostgreSQL support via pgdb python module (psycopg).
psycopgPostgreSQL support via psycopg python module.
pymysqlMySQL database connection.
sqliteSQLite database conenction.

Manual pages: FAQ
ChangeLog (for development release)
Slides (only in Slovak language)
Articles by David Zejda from root.cz (Czech language): Tecmint article by Gabriel Cánepa: Examples:
Documentation for developers: