Mirrors
/
rspamd
mirror of https://github.com/rspamd/rspamd.git
3
0
Fork 0
Code Releases Activity
Rapid spam filtering system https://rspamd.com/
You can not select more than 25 topics Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.
22405 Commits
40 Branches
171 Tags
200 MiB
Tree: 64fc71440b
Branches Tags
${ item.name }
Create tag ${ searchTerm }
Create branch ${ searchTerm }
from '64fc71440b'
${ noResults }
rspamd/conf/local.d/antivirus.conf.example

76 lines
2.2 KiB
Raw Normal View History

feat: Add MetaDefender antivirus scanner Co-authored-by: v <v@rspamd.com>
6 days ago
[Feature] Add symbol categories for MetaDefender and VirusTotal Implemented a category-based symbol system for hash lookup antivirus scanners (MetaDefender and VirusTotal) to replace dynamic scoring: - Added 4 symbol categories: CLEAN (-0.5), LOW (2.0), MEDIUM (5.0), HIGH (8.0) - Replaced full_score_engines with threshold-based categorization (low_category, medium_category) - Fixed symbol registration in antivirus.lua to use rule instead of config - Updated cache format to preserve symbol category across requests - Added backward compatibility for old cache format - Added symbols registration and metric score assignment - Updated configuration documentation with examples The new system provides: - Clear threat categorization instead of linear interpolation - Proper symbol weights applied automatically - Consistent behavior between MetaDefender and VirusTotal - Cache that preserves symbol categories Configuration example: metadefender { apikey = "KEY"; type = "metadefender"; minimum_engines = 3; low_category = 5; medium_category = 10; }
6 days ago
feat: Add MetaDefender antivirus scanner Co-authored-by: v <v@rspamd.com>
6 days ago
[Feature] Add symbol categories for MetaDefender and VirusTotal Implemented a category-based symbol system for hash lookup antivirus scanners (MetaDefender and VirusTotal) to replace dynamic scoring: - Added 4 symbol categories: CLEAN (-0.5), LOW (2.0), MEDIUM (5.0), HIGH (8.0) - Replaced full_score_engines with threshold-based categorization (low_category, medium_category) - Fixed symbol registration in antivirus.lua to use rule instead of config - Updated cache format to preserve symbol category across requests - Added backward compatibility for old cache format - Added symbols registration and metric score assignment - Updated configuration documentation with examples The new system provides: - Clear threat categorization instead of linear interpolation - Proper symbol weights applied automatically - Consistent behavior between MetaDefender and VirusTotal - Cache that preserves symbol categories Configuration example: metadefender { apikey = "KEY"; type = "metadefender"; minimum_engines = 3; low_category = 5; medium_category = 10; }
6 days ago
feat: Add MetaDefender antivirus scanner Co-authored-by: v <v@rspamd.com>
6 days ago
[Feature] Add symbol categories for MetaDefender and VirusTotal Implemented a category-based symbol system for hash lookup antivirus scanners (MetaDefender and VirusTotal) to replace dynamic scoring: - Added 4 symbol categories: CLEAN (-0.5), LOW (2.0), MEDIUM (5.0), HIGH (8.0) - Replaced full_score_engines with threshold-based categorization (low_category, medium_category) - Fixed symbol registration in antivirus.lua to use rule instead of config - Updated cache format to preserve symbol category across requests - Added backward compatibility for old cache format - Added symbols registration and metric score assignment - Updated configuration documentation with examples The new system provides: - Clear threat categorization instead of linear interpolation - Proper symbol weights applied automatically - Consistent behavior between MetaDefender and VirusTotal - Cache that preserves symbol categories Configuration example: metadefender { apikey = "KEY"; type = "metadefender"; minimum_engines = 3; low_category = 5; medium_category = 10; }
6 days ago
feat: Add MetaDefender antivirus scanner Co-authored-by: v <v@rspamd.com>
6 days ago
[Feature] Add symbol categories for MetaDefender and VirusTotal Implemented a category-based symbol system for hash lookup antivirus scanners (MetaDefender and VirusTotal) to replace dynamic scoring: - Added 4 symbol categories: CLEAN (-0.5), LOW (2.0), MEDIUM (5.0), HIGH (8.0) - Replaced full_score_engines with threshold-based categorization (low_category, medium_category) - Fixed symbol registration in antivirus.lua to use rule instead of config - Updated cache format to preserve symbol category across requests - Added backward compatibility for old cache format - Added symbols registration and metric score assignment - Updated configuration documentation with examples The new system provides: - Clear threat categorization instead of linear interpolation - Proper symbol weights applied automatically - Consistent behavior between MetaDefender and VirusTotal - Cache that preserves symbol categories Configuration example: metadefender { apikey = "KEY"; type = "metadefender"; minimum_engines = 3; low_category = 5; medium_category = 10; }
6 days ago
feat: Add MetaDefender antivirus scanner Co-authored-by: v <v@rspamd.com>
6 days ago
[Feature] Add symbol categories for MetaDefender and VirusTotal Implemented a category-based symbol system for hash lookup antivirus scanners (MetaDefender and VirusTotal) to replace dynamic scoring: - Added 4 symbol categories: CLEAN (-0.5), LOW (2.0), MEDIUM (5.0), HIGH (8.0) - Replaced full_score_engines with threshold-based categorization (low_category, medium_category) - Fixed symbol registration in antivirus.lua to use rule instead of config - Updated cache format to preserve symbol category across requests - Added backward compatibility for old cache format - Added symbols registration and metric score assignment - Updated configuration documentation with examples The new system provides: - Clear threat categorization instead of linear interpolation - Proper symbol weights applied automatically - Consistent behavior between MetaDefender and VirusTotal - Cache that preserves symbol categories Configuration example: metadefender { apikey = "KEY"; type = "metadefender"; minimum_engines = 3; low_category = 5; medium_category = 10; }
6 days ago
feat: Add MetaDefender antivirus scanner Co-authored-by: v <v@rspamd.com>
6 days ago
[Feature] Add symbol categories for MetaDefender and VirusTotal Implemented a category-based symbol system for hash lookup antivirus scanners (MetaDefender and VirusTotal) to replace dynamic scoring: - Added 4 symbol categories: CLEAN (-0.5), LOW (2.0), MEDIUM (5.0), HIGH (8.0) - Replaced full_score_engines with threshold-based categorization (low_category, medium_category) - Fixed symbol registration in antivirus.lua to use rule instead of config - Updated cache format to preserve symbol category across requests - Added backward compatibility for old cache format - Added symbols registration and metric score assignment - Updated configuration documentation with examples The new system provides: - Clear threat categorization instead of linear interpolation - Proper symbol weights applied automatically - Consistent behavior between MetaDefender and VirusTotal - Cache that preserves symbol categories Configuration example: metadefender { apikey = "KEY"; type = "metadefender"; minimum_engines = 3; low_category = 5; medium_category = 10; }
6 days ago
feat: Add MetaDefender antivirus scanner Co-authored-by: v <v@rspamd.com>
6 days ago
[Feature] Add symbol categories for MetaDefender and VirusTotal Implemented a category-based symbol system for hash lookup antivirus scanners (MetaDefender and VirusTotal) to replace dynamic scoring: - Added 4 symbol categories: CLEAN (-0.5), LOW (2.0), MEDIUM (5.0), HIGH (8.0) - Replaced full_score_engines with threshold-based categorization (low_category, medium_category) - Fixed symbol registration in antivirus.lua to use rule instead of config - Updated cache format to preserve symbol category across requests - Added backward compatibility for old cache format - Added symbols registration and metric score assignment - Updated configuration documentation with examples The new system provides: - Clear threat categorization instead of linear interpolation - Proper symbol weights applied automatically - Consistent behavior between MetaDefender and VirusTotal - Cache that preserves symbol categories Configuration example: metadefender { apikey = "KEY"; type = "metadefender"; minimum_engines = 3; low_category = 5; medium_category = 10; }
6 days ago
feat: Add MetaDefender antivirus scanner Co-authored-by: v <v@rspamd.com>
6 days ago
[Feature] Add symbol categories for MetaDefender and VirusTotal Implemented a category-based symbol system for hash lookup antivirus scanners (MetaDefender and VirusTotal) to replace dynamic scoring: - Added 4 symbol categories: CLEAN (-0.5), LOW (2.0), MEDIUM (5.0), HIGH (8.0) - Replaced full_score_engines with threshold-based categorization (low_category, medium_category) - Fixed symbol registration in antivirus.lua to use rule instead of config - Updated cache format to preserve symbol category across requests - Added backward compatibility for old cache format - Added symbols registration and metric score assignment - Updated configuration documentation with examples The new system provides: - Clear threat categorization instead of linear interpolation - Proper symbol weights applied automatically - Consistent behavior between MetaDefender and VirusTotal - Cache that preserves symbol categories Configuration example: metadefender { apikey = "KEY"; type = "metadefender"; minimum_engines = 3; low_category = 5; medium_category = 10; }
6 days ago
feat: Add MetaDefender antivirus scanner Co-authored-by: v <v@rspamd.com>
6 days ago
[Feature] Add symbol categories for MetaDefender and VirusTotal Implemented a category-based symbol system for hash lookup antivirus scanners (MetaDefender and VirusTotal) to replace dynamic scoring: - Added 4 symbol categories: CLEAN (-0.5), LOW (2.0), MEDIUM (5.0), HIGH (8.0) - Replaced full_score_engines with threshold-based categorization (low_category, medium_category) - Fixed symbol registration in antivirus.lua to use rule instead of config - Updated cache format to preserve symbol category across requests - Added backward compatibility for old cache format - Added symbols registration and metric score assignment - Updated configuration documentation with examples The new system provides: - Clear threat categorization instead of linear interpolation - Proper symbol weights applied automatically - Consistent behavior between MetaDefender and VirusTotal - Cache that preserves symbol categories Configuration example: metadefender { apikey = "KEY"; type = "metadefender"; minimum_engines = 3; low_category = 5; medium_category = 10; }
6 days ago
feat: Add MetaDefender antivirus scanner Co-authored-by: v <v@rspamd.com>
6 days ago
[Feature] Add symbol categories for MetaDefender and VirusTotal Implemented a category-based symbol system for hash lookup antivirus scanners (MetaDefender and VirusTotal) to replace dynamic scoring: - Added 4 symbol categories: CLEAN (-0.5), LOW (2.0), MEDIUM (5.0), HIGH (8.0) - Replaced full_score_engines with threshold-based categorization (low_category, medium_category) - Fixed symbol registration in antivirus.lua to use rule instead of config - Updated cache format to preserve symbol category across requests - Added backward compatibility for old cache format - Added symbols registration and metric score assignment - Updated configuration documentation with examples The new system provides: - Clear threat categorization instead of linear interpolation - Proper symbol weights applied automatically - Consistent behavior between MetaDefender and VirusTotal - Cache that preserves symbol categories Configuration example: metadefender { apikey = "KEY"; type = "metadefender"; minimum_engines = 3; low_category = 5; medium_category = 10; }
6 days ago
feat: Add MetaDefender antivirus scanner Co-authored-by: v <v@rspamd.com>
6 days ago
  1. # Example MetaDefender configuration
  2. # Copy relevant sections to local.d/antivirus.conf and customize
  4. metadefender {
  5. # Required: Your MetaDefender API key from https://metadefender.opswat.com/
  6. apikey = "YOUR_API_KEY_HERE";
  8. # Main symbol name (for compatibility, usually not used directly)
  9. symbol = "METADEFENDER";
  11. # Scanner type - must be "metadefender"
  12. type = "metadefender";
  14. # Scan MIME parts separately instead of full message (recommended: true)
  15. scan_mime_parts = true;
  17. # Don't scan text or image MIME parts (saves API quota)
  18. scan_text_mime = false;
  19. scan_image_mime = false;
  21. # Maximum file size to scan (20MB default)
  22. max_size = 20000000;
  24. # Log when files are clean (default: false to reduce noise)
  25. log_clean = false;
  27. # Minimum AV engines that must detect malware before flagging (default: 3)
  28. # Lower value = more sensitive, may have more false positives
  29. minimum_engines = 3;
  31. # Threshold for low category (default: 5)
  32. # Detections from minimum_engines to low_category-1 = LOW
  33. low_category = 5;
  35. # Threshold for medium category (default: 10)
  36. # Detections from low_category to medium_category-1 = MEDIUM
  37. # Detections >= medium_category = HIGH
  38. medium_category = 10;
  40. # HTTP request timeout in seconds
  41. timeout = 5.0;
  43. # Redis cache expiration (2 hours = 7200 seconds)
  44. # Longer cache reduces API calls but may miss new detections
  45. cache_expire = 7200;
  47. # Symbol categories with scores (can be customized)
  48. symbols = {
  49. clean = {
  50. symbol = "METADEFENDER_CLEAN";
  51. score = -0.5;
  52. description = "MetaDefender decided attachment to be clean";
  53. };
  54. low = {
  55. symbol = "METADEFENDER_LOW";
  56. score = 2.0;
  57. description = "MetaDefender found low number of threats (3-4 engines)";
  58. };
  59. medium = {
  60. symbol = "METADEFENDER_MEDIUM";
  61. score = 5.0;
  62. description = "MetaDefender found medium number of threats (5-9 engines)";
  63. };
  64. high = {
  65. symbol = "METADEFENDER_HIGH";
  66. score = 8.0;
  67. description = "MetaDefender found high number of threats (10+ engines)";
  68. };
  69. }
  71. # Optional: Force an action when malware is detected
  72. # action = "reject";
  74. # Optional: Custom message template
  75. # message = '${SCANNER}: virus found: "${VIRUS}"';
  76. }