Hi Alex, The Filetype plugin of fuglu handles it very well: https://fuglu.org/plugins-index.html#attachment-blocker
It can filter based on file extension and file type (recognized by Magic Bytes... so Benny, mimedefang/clamav isn't necessary to block every ELF or windows executable), even if the file is in an archive. By the way, fuglu blocks it by default /etc/fuglu/rules/default-filetypes.conf: [...] deny self-extract No self-extracting archives deny executable No programs allowed deny ELF No programs allowed deny Registry No Windows Registry files allowed That plugin can read a database for exceptions to the default rules. A mechanism doesn't exist yet of recipient exceptions in the virus plugins (there are multiple). You could simply skip some plugins for specific recipients. You could also create a plugin that will read the result of previous plugins (spamassassin, anti-virus, spf...) and take appropriate action based on domain or recipient... It's what we did. Best, Laurent On 24.09.21 14:21, Alex wrote: > Hi, > >> We use fuglu in production at work and it works very nicely. But it was >> on a centos machine. I have it too on a debian raspberry pi and just >> updated from gitlab. I had a domainmagic dependency missing too but >> mentionned it to a dev, who's working on a fix. I have no experience >> with gentoo though. >> >> At work, we switched to the dockerized version of fuglu, maybe you could >> consider it. > > I'm also interested in this, as I'm having problems with amavisd (and > development has effectively stopped). > > Does anyone know how it compares? Is it possible to more specifically > define the policies it applies to domains it processes? For example, > the problem I'm currently having with amavisd is that things like > virus/spam destiny, or banned filenames are limited to affecting all > domains the amavisd instance processes. It would be good to have more > flexibility there - one domain may wish to allow html files while > another would like to block them. > > I've posted this on the amavisd list before, and it's gone unanswered. > I'm hoping fuglu is a more modern replacement without too much > difficulty in the conversion/replacement. > > I also like fuglu for it being coded in python - it's much easier to > find python developers than perl developers these days. > >> But I doubt this mailing list is the best place to talk about fuglu. > > Yes, not strictly related, but I'm hoping it's closely related enough > for someone to give me some pointers, given we're all using SA. > > Thanks, > Alex > > >> >> Best regards, >> Laurent >> >> On 24.09.21 05:12, Benny Pedersen wrote: >>> >>> anyone using it ? :) >>> >>> i added it to ::fidonet gentoo overlay, it missed dev-python/pygeoip, >>> dev-python/domainmagic in gentoo portage to work, with i found after i >>> had created the first gentoo ebuild for fuglu 1.0.1, late night works, >>> hehe :) >>> >>> if others is really using fuglu please share >>> >>
