# Please don't modify this file as your changes might be overwritten with
# the next update.
#
# You can modify 'local.d/antivirus.conf' to add and merge
# parameters defined inside this section
#
# You can modify 'override.d/antivirus.conf' to strictly override all
# parameters defined inside this section
#
# See https://rspamd.com/doc/faq.html#what-are-the-locald-and-overrided-directories
# for details
#
# Module documentation can be found at  https://rspamd.com/doc/modules/antivirus.html

antivirus {
  # multiple scanners could be checked, for each we create a configuration block with an arbitrary name
  #clamav {
    # If set force this action if any virus is found (default unset: no action is forced)
    # action = "reject";
    # message = '${SCANNER}: virus found: "${VIRUS}"';
    # Scan mime_parts separately - otherwise the complete mail will be transferred to AV Scanner
    #scan_mime_parts = true;
    # Scanning Text is suitable for some av scanner databases (e.g. Sanesecurity)
    #scan_text_mime = false;
    #scan_image_mime = false;
    # If `max_size` is set, messages > n bytes in size are not scanned
    #max_size = 20000000;
    # symbol to add (add it to metric if you want non-zero weight)
    #symbol = "CLAM_VIRUS";
    # type of scanner: "clamav", "fprot", "sophos" or "savapi"
    #type = "clamav";
    # For "savapi" you must also specify the following variable
    #product_id = 12345;
    # You can enable logging for clean messages
    #log_clean = true;
    # servers to query (if port is unspecified, scanner-specific default is used)
    # can be specified multiple times to pool servers
    # can be set to a path to a unix socket
    # Enable this in local.d/antivirus.conf
    #servers = "127.0.0.1:3310";
    # if `patterns` is specified virus name will be matched against provided regexes and the related
    # symbol will be yielded if a match is found. If no match is found, default symbol is yielded.
    #patterns {
      # symbol_name = "pattern";
    #  JUST_EICAR = '^Eicar-Test-Signature$';
    #}
    #patterns_fail {
      # symbol_name = "pattern";
      #CLAM_PROTOCOL_ERROR = '^unhandled response';
    #}
    # `whitelist` points to a map of signature names. Hits on these signatures are ignored.
    #whitelist = "/etc/rspamd/antivirus.wl";
  #}

  .include(try=true,priority=5) "${DBDIR}/dynamic/antivirus.conf"
  .include(try=true,priority=1,duplicate=merge) "$LOCAL_CONFDIR/local.d/antivirus.conf"
  .include(try=true,priority=10) "$LOCAL_CONFDIR/override.d/antivirus.conf"
}