The Filetype plugin of fuglu handles it very well: https://fuglu.org/plugins-index.html#attachment-blocker
It can filter based on file extension and file type (recognized by Magic
Bytes... so Benny, mimedefang/clamav isn't necessary to block every ELF
or windows executable), even if the file is in an archive. By the way,
fuglu blocks it by default
deny self-extract No self-extracting archives
deny executable No programs allowed
deny ELF No programs allowed
deny Registry No Windows Registry files allowed
That plugin can read a database for exceptions to the default rules.
A mechanism doesn't exist yet of recipient exceptions in the virus
plugins (there are multiple). You could simply skip some plugins for
specific recipients. You could also create a plugin that will read the
result of previous plugins (spamassassin, anti-virus, spf...) and take
appropriate action based on domain or recipient... It's what we did.
On 24.09.21 14:21, Alex wrote: > Hi,
>> We use fuglu in production at work and it works very nicely. But it was
>> on a centos machine. I have it too on a debian raspberry pi and just
>> updated from gitlab. I had a domainmagic dependency missing too but
>> mentionned it to a dev, who's working on a fix. I have no experience
>> with gentoo though.
>> At work, we switched to the dockerized version of fuglu, maybe you could
>> consider it.
> I'm also interested in this, as I'm having problems with amavisd (and
> development has effectively stopped).
> Does anyone know how it compares? Is it possible to more specifically
> define the policies it applies to domains it processes? For example,
> the problem I'm currently having with amavisd is that things like
> virus/spam destiny, or banned filenames are limited to affecting all
> domains the amavisd instance processes. It would be good to have more
> flexibility there - one domain may wish to allow html files while
> another would like to block them.
> I've posted this on the amavisd list before, and it's gone unanswered.
> I'm hoping fuglu is a more modern replacement without too much
> difficulty in the conversion/replacement.
> I also like fuglu for it being coded in python - it's much easier to
> find python developers than perl developers these days.
>> But I doubt this mailing list is the best place to talk about fuglu.
> Yes, not strictly related, but I'm hoping it's closely related enough
> for someone to give me some pointers, given we're all using SA.
>> Best regards,
>> On 24.09.21 05:12, Benny Pedersen wrote:
>>> anyone using it ? :)
>>> i added it to ::fidonet gentoo overlay, it missed dev-python/pygeoip,
>>> dev-python/domainmagic in gentoo portage to work, with i found after i
>>> had created the first gentoo ebuild for fuglu 1.0.1, late night works,
>>> hehe :)
>>> if others is really using fuglu please share