Fast Advanced Spam Analysis Tool
debug-iter-topology in makefile to debug a running topology
iter-files-mails, that uses a generator to send mails to the topology. It's memory safe and stable
mail-parser and streamparse.
dialect section in main configuration file
mail-parser and Apache Tika modules
store_samples attachments post processing, to store samples on filesystem.
list key, so they are automatically loaded:

# Attachments bolt configuration
attachments:
  # The lists of all components must be under lists keyword to load them
  # automatically
  commons:
    lists:
      blacklist_content_types:
        # All content types to remove from results
        # Example in content_types/blacklist/generic.example.yml
        generic: /path/to/generic_content_types
        custom: /path/to/custom_content_types
      not_extract_content_types:
        # All content types that you don't want to extract from archives
        # Example: application/java-archive (jar), you can save the jar
        # but do not extract the classes inside.
        generic: /path/to/generic_content_types
        custom: /path/to/custom_content_types

heartbeat timeout when using Thug, getting custom header now not raise pystorm/serializers/json_serializer.py and you can avoid setting a blacklist or whitelist in configuration.
waiting.sleep in configuration spout file to avoid Apache Storm timeout.
Thug section has more important options.
debug environment in config.json.
docker-compose example for debug use.
requirements in optional and not.
os.kill with raise. Added more options.
mail-parser
Apache Tika support to 1.16 version
spamscope-elasticsearch can be used in cases where Elasticsearch is behind a reverse proxy. You can use RFC-1738 formatted URLs.
Outlook mail (msg format). Enable flag outlook: True in mailboxes main configuration for folders that have this mail format.
headers: list in mailboxes main configuration (see configuration example in this repository).
mail-parser and streamparse.
receiveds in main output.
phishing bolt.
binary attachments have a flag binary.
zip attachments.
quoted-printable headers mail.