# Please don't modify this file as your changes might be overwritten with # the next update. # # You can modify 'local.d/antivirus.conf' to add and merge # parameters defined inside this section # # You can modify 'override.d/antivirus.conf' to strictly override all # parameters defined inside this section # # See https://rspamd.com/doc/faq.html#what-are-the-locald-and-overrided-directories # for details # # Module documentation can be found at https://rspamd.com/doc/modules/antivirus.html antivirus { # multiple scanners could be checked, for each we create a configuration block with an arbitrary name #clamav { # If set force this action if any virus is found (default unset: no action is forced) # action = "reject"; # message = '${SCANNER}: virus found: "${VIRUS}"'; # Scan mime_parts separately - otherwise the complete mail will be transferred to AV Scanner #scan_mime_parts = true; # Scanning Text is suitable for some av scanner databases (e.g. Sanesecurity) #scan_text_mime = false; #scan_image_mime = false; # If `max_size` is set, messages > n bytes in size are not scanned #max_size = 20000000; # symbol to add (add it to metric if you want non-zero weight) #symbol = "CLAM_VIRUS"; # type of scanner: "clamav", "fprot", "sophos" or "savapi" #type = "clamav"; # For "savapi" you must also specify the following variable #product_id = 12345; # You can enable logging for clean messages #log_clean = true; # servers to query (if port is unspecified, scanner-specific default is used) # can be specified multiple times to pool servers # can be set to a path to a unix socket # Enable this in local.d/antivirus.conf #servers = "127.0.0.1:3310"; # if `patterns` is specified virus name will be matched against provided regexes and the related # symbol will be yielded if a match is found. If no match is found, default symbol is yielded. #patterns { # symbol_name = "pattern"; # JUST_EICAR = '^Eicar-Test-Signature$'; #} #patterns_fail { # symbol_name = "pattern"; #CLAM_PROTOCOL_ERROR = '^unhandled response'; #} # `whitelist` points to a map of signature names. Hits on these signatures are ignored. #whitelist = "/etc/rspamd/antivirus.wl"; #} .include(try=true,priority=5) "${DBDIR}/dynamic/antivirus.conf" .include(try=true,priority=1,duplicate=merge) "$LOCAL_CONFDIR/local.d/antivirus.conf" .include(try=true,priority=10) "$LOCAL_CONFDIR/override.d/antivirus.conf" }