This repository has been archived by the owner on May 30, 2020. It is now read-only.
-
Notifications
You must be signed in to change notification settings - Fork 5
/
amavisvt_example.cfg
64 lines (47 loc) · 2.31 KB
/
amavisvt_example.cfg
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
[DEFAULT]
# Your Virustotal public API key. You can find it after registration on virustotal.com under "My API key"
# api-key =
# Number of positive scans required to consider this file as infected
# hits-required = 5
# Expiration dates. Will be passed to memcached so be aware of memcached exceptions about the expire time
# (expire times greater than 30 days will be treated as a timestamp!).
# Number of seconds to cache positive results (results with more than `hits-required` positive scans).
# Defaults to 21 days
# positive-expire = 1814400
# Number of seconds to cache negative results (results with less than `hits-required` positive scans).
# Defaults to 12 hours
# negative-expire = 43200
# Number of seconds to cache results without a scan result. Defaults to 12 hours.
# unknown-expire = 43200
# HTTP Request timeout in seconds
# timeout = 10
# URL to the Virustotal API for file scan reports
# api-url = https://www.virustotal.com/vtapi/v2/file/report
# URL to the Virustotal API to scan files
# report-url = https://www.virustotal.com/vtapi/v2/file/scan
# Path to the AmavisVT database
# database-path = /var/lib/amavisvt/amavisvt.sqlite3
# Filename pattern detection - creates a history of filenames scanned through AmavisVT
# and flags suspicious attachments as possibly infected.
# You will need python with sqlite support to use this feature
#
# WARNING - WARNING - WARNING - WARNING - WARNING - WARNING - WARNING - WARNING - WARNING
#
# DO NOT enable this features if
# - you receive a lot of mails with the same or similar attachment names
# - the attachments have a high risk of false-positive
#
# WARNING - WARNING - WARNING - WARNING - WARNING - WARNING - WARNING - WARNING - WARNING
# Enable this feature (default: false)
# filename-pattern-detection = false
# minimum number of filename patterns required (default: 20)
# min-filename-patterns = 20
# percent of mails identified as infected within a pattern before flagging the mail (default: 0.4)
# infected-percent = 0.7
# automatically report files to Virustotal if filename pattern matches (default: false)
# WARNING: This will send the actual content of the attachments to Virustotal. DO NOT enable this setting if
# a legitimate attachment may be caught by the pattern detection!
# auto-report = false
[daemon]
# Socket path
# socket-path = /run/amavisvtd.sock