This is way long overdue that I promised to write a blog for a good dear friend on his python mail scanner daemon. And today, finally got my spare time to review Fuglu . First, what is Fuglu?
Fuglu is a mail scanner daemon written in Python. Installed as a postfix before-queue or after-queue filter fuglu can be used to filter spam, viruses, unwanted attachments etc.
As I'm not a mail admin, so this article will skip some mail related features. Let's install fuglu by cloning from the github repository .
$ git clone https://github.com/gryphius/fuglu.git $ cd fuglu/fuglu $ sudo python setup.py installIf the installation is successful, then we go to the basic configuration. Running fuglu --lint
root@localhost:/etc/fuglu# fuglu --lint Could not drop privileges to nobody/nobody : Can not drop privileges, user nobody or group nobody does not exist Fuglu 0.6.6-2-ge18e56b ---------- LINT MODE ---------- Checking dependencies... sqlalchemy: not installed Optional dependency, required if you want to enable any database lookups BeautifulSoup: V4 installed magic: not installed Optional dependency, without python-file or python-magic the attachment plugin's automatic file type detection will easily be fooled Loading extensions... fuglu.extensions.sql: disabled (sqlalchemy not installed) Loading plugins... Plugin loading complete Linting main configuration OK Linting Plugin Archive Config section: ArchivePlugin SuspectFilter file not found: /etc/fuglu/archive.regex ERROR Linting Plugin Attachment Blocker Config section: FiletypePlugin python libmagic bindings (python-file or python-magic) not available. Will only do content-type checks, no real file analysis ERROR Linting Plugin Debugger Config section: debug OK Linting Plugin Plugin Skipper Config section: PluginSkipper SuspectFilter file not found: /etc/fuglu/skipplugins.regex ERROR 3 plugins reported errors. WARNING: Skipping logging configuration check because I could not switch to user 'nobody' earlier. please re-run fuglu --lint as privileged user (problems in the logging configuration could prevent the fuglu daemon from starting up) root@localhost:/etc/fuglu#You should really fix the above lint error before continue to get a good setup for the incoming features. The solution is different for each lint error output above but for mine, I did the following.
root@localhost:/etc/fuglu# cp archive.regex.dist archive.regex root@localhost:/etc/fuglu# cp fuglu_mrtg.cfg.dist fuglu_mrtg.cfg root@localhost:/etc/fuglu# cp logging.conf.dist logging.conf root@localhost:/etc/fuglu# cp skipplugins.regex.dist skipplugins.regex root@localhost:/etc/fuglu# apt-get install python-sqlalchemy python-magic root@localhost:/etc/fuglu# groupadd nobodyRun again the fuglu lint command
root@localhost:/etc/fuglu# fuglu --lint Fuglu 0.6.6-2-ge18e56b ---------- LINT MODE ---------- Checking dependencies... sqlalchemy: installed BeautifulSoup: V4 installed magic: found python-file/libmagic bindings (http://www.darwinsys.com/file/) Loading extensions... fuglu.extensions.sql: enabled (available) Loading plugins... Plugin loading complete Linting main configuration OK Linting Plugin Archive Config section: ArchivePlugin OK Linting Plugin Attachment Blocker Config section: FiletypePlugin Found python-file/libmagic bindings (http://www.darwinsys.com/file/) No database configured. Using per user/domain file configuration from /etc/fuglu/rules rarfile library not found, RAR support disabled Archive scan, available file extensions: ['z', 'zip'] OK Linting Plugin Debugger Config section: debug OK Linting Plugin Plugin Skipper Config section: PluginSkipper OK 0 plugins reported errors. Checking logging configuration.... OKPerfect! Everything is OK. We are ready to move on. As for fuglu postfix configuration, you can refer here .This I will skip for the aforementioned reason. To start fuglu, just run the command fuglu and fuglu will run in the background. Give -f if you want to quickly test it.
root@localhost:~# fuglu root@localhost:~# root@localhost:~# tail -F /var/log/fuglu/fuglu.log 2016-06-23 20:44:15,178 root : INFO FuGLU Version 0.6.6-2-ge18e56b starting up 2016-06-23 20:44:15,289 fuglu.MainController: INFO Init Stat Engine 2016-06-23 20:44:15,290 fuglu.MainController: INFO Init Threadpool 2016-06-23 20:44:15,290 fuglu.MainController: INFO Starting interface sockets... 2016-06-23 20:44:15,291 fuglu.MainController: INFO starting connector smtp/10025 2016-06-23 20:44:15,291 fuglu.incoming.10025: INFO SMTP (After Queue) Server running on port 10025 2016-06-23 20:44:15,291 fuglu.MainController: INFO starting connector smtp/10099 2016-06-23 20:44:15,292 fuglu.incoming.10099: INFO SMTP (After Queue) Server running on port 10099 2016-06-23 20:44:15,292 fuglu.MainController: INFO starting connector smtp/10888 2016-06-23 20:44:15,292 fuglu.incoming.10888: INFO SMTP (After Queue) Server running on port 10888 2016-06-23 20:44:15,293 fuglu.control.fuglu_control.sock: INFO Control/Info Server running on port /tmp/fuglu_control.sock 2016-06-23 20:44:15,293 fuglu.MainController: INFO Startup completeStarted okay. Now let us print out some fuglu status.
$ sudo fuglu_control stats Fuglu statistics --------------- Uptime: 0:00:20.218391 Avg scan time: 0 Total msgs: 0 Ham: 0 Spam: 0 Virus: 0 $ sudo fuglu_control workerlist Total 2 Threads [1]: waiting for task ******* [2]: waiting for taskThe response is fast and yet the statistics are simple to understand. If you are a mail admin, I suggest you also setup fuglu so that statistics can be plotted into mrtg. Fuglu comes support with mrtg natively, you can find out how here .
To take a step further, mail admin should really read on the plugin page . It contains all various goodies you will required and if you want more, you can actually write your plugin and integrate to fuglu. You can read it here as the example given on how to write the plugin.
Last but not least, if you have question, you can reach the author in many different medium. You can find it here .
If you are mail admin, consider fuglu your mail scanner daemon!