CONFIGURATION

Virge requires "/etc/virge.conf" file to exist in order to function.
This path can be changed in the source code.

It is important to note that configuration parsing routine is not very
clever, and I advise that you follow simple rule - each keyword has to
be defined in following manner:

<directive>: <value>

For example:

--
log_virus: virus.log
runas_user: mail
etc...
--

Empty lines and lines beginning with '#' are not processed.



#######################################################################
                 OVERVIEW OF CONFIGURATION KEYWORDS
#######################################################################

=======================================================================
KEYWORD: virge_dir

This is the main (base) Virge directory. It is good idea to create a
directory where all Virge related files will be stored (logs, isolated
files, etc.)

By default, 'virge_dir' is set to "/virge"

If directory does not exist, Virge will try to create it first time it
is started.

=======================================================================
KEYWORD: log_dir

Directory where logs will be stored.

If no leading slash ("/") is given, it is assumed that directory name
is relative to 'virge_dir'

If directory does not exist, Virge will try to create it first time it
it is started.

By default, 'log_dir' is set to "/virge/log"

=======================================================================
KEYWORD: log_virge

Virge logfile. Delivery details are stored in it.

If no leading slash ("/") is given, it is assumed that filename is
relative to 'log_dir'

If file does not exist, Virge will try to create it first time it is
started.

By default, 'log_virge' is set to "/virge/log/virge.log"

=======================================================================
KEYWORD: log_error

Virge error log, where errors are reported.

If no leading slash ("/") is given, it is assumed that filename is
relative to 'log_dir'

If file does not exist, Virge will try to create it first time it is
started.

By default, 'log_error' is set to "/virge/log/error.log"

=======================================================================
KEYWORD: log_action

Virge action log, where "actions" are reported (removal/isolation of
files, virus notification, and similar).

If no leading slash ("/") is given, it is assumed that filename is
relative to 'log_dir'

If file does not exist, Virge will try to create it first time it is
started.

By default, 'log_action' is set to "/virge/log/action.log"

=======================================================================
KEYWORD: log_virus

Virus log, where details about found viruses are stored.

If no leading slash ("/") is given, it is assumed that filename is
relative to 'log_dir'

If file does not exist, Virge will try to create it first time it is
started.

By default, 'log_virus' is set to "/virge/log/virus.log"

=======================================================================
KEYWORD: log_debug

Debug log, where details about Virge execution are stored.

If no leading slash ("/") is given, it is assumed that filename is
relative to 'log_dir'

If file does not exist, Virge will try to create it first time it is
started.

By default, 'log_debug' is set to "/virge/log/debug.log"

=======================================================================
KEYWORD: isolate_dir

Directory where isolated mail bodies for mails, that were infected or
had forbidden attachments, are stored.

Permissions are set in such a way that only owner of the directory can
access to files in subdirectories.

Mail bodies are stored in subdirectories in format of:

virge_root_dir/isolate_dir/recipient/date/message_id/mail_body

Message ID consists of string that represents the time at which mail
was checked, and proces id (example: 23:51:22.26125)

If no leading slash ("/") is given, it is assumed that directory name
is relative to 'virge_dir'

If directory does not exist, Virge will try to create it first time it
it is started.

By default, 'isolate_dir' is set to "/virge/isolated"

=======================================================================
KEYWORD: etc_dir

Directory where "extensions" and "allow.users" files are stored.

If no leading slash ("/") is given, it is assumed that directory name
is relative to 'virge_dir'

If directory does not exist, Virge will try to create it first time it
it is started.

By default, 'etc_dir' is set to "/virge/etc"

=======================================================================
KEYWORD: temp_dir

Directory where temporary files/subdirectories are stored.

This is the directory where mail bodies are initally copied, and
attachments unpacked. File operations are *hopefully* secure enough
to prevent any kind of misuse by anyone.

If no leading slash ("/") is given, it is assumed that directory name
is relative to 'virge_dir'

If directory does not exist, Virge will try to create it first time it
it is started.

By default, 'temp_dir' is set to "/virge/temp"

=======================================================================
KEYWORD: scan_avp

Boolean value (1 or 0) that tells Virge to perform (or not) scanning
using AVPDaemon scanner.

You need AVPDaemon ( http://www.avp.ch ) in order to use this feature.

By default, 'scan_avp' is set to "0"

=======================================================================
KEYWORD: scan_sophie

Boolean value (1 or 0) that tells Virge to perform (or not) scanning
using Sophie scanner.

You need Sophie ( http://www.vanja.com/tools/ ) and Sophos LIBSAVI
library in order to use this feature.

By default, 'scan_sophie' is set to "0"

=======================================================================
KEYWORD: scan_sophie_socket

Location of the socket created by Sophie, which is used for information
exchange between Sophie and Virge.

By default, 'scan_sophie_socket' is set to "/var/run/sophie"

Is 'scan_sophie' is set to '0', this option is ignored.

=======================================================================
KEYWORD: scan_trophie

Boolean value (1 or 0) that tells Virge to perform (or not) scanning
using Trophie scanner.

You need Trophie ( http://www.vanja.com/tools/ ) and TrendMicro VSAPI
library in order to use this feature.

By default, 'scan_trophie' is set to "0"

=======================================================================
KEYWORD: scan_trophie_socket

Location of the socket created by Trophie, which is used for
information exchange between Trophie and Virge.

By default, 'scan_trophie_socket' is set to "/var/run/trophie"

If 'scan_trophie' is set to '0', this option is ignored.

=======================================================================
KEYWORD: defer_on_fail

Virge can be configured to not deliver the mail if the virus scanners
are not reachable. Setting this to "1" will enable this feature.

By default, 'defer_on_fail' is set to "0"

=======================================================================
KEYWORD: save_isolated

By default, Virge will perform 'isolate' (save in directory) files
which were infected with virus, or which did not pass attachment
checks. Setting this to "0" will disable file saving (and save hard
disk space for sites with huge email traffic :-).

By default, 'save_isolated' is set to "1"

=======================================================================
KEYWORD: virge_dir_mode

Sets the permissions on directories created by Virge. Octal value is
expected.

By default, 'virge_dir_mode' is set to "00700"

WARNING: When changing permissions, make sure that owner has write/access
         permissions (003xx or 007xx, at least). Otherwise, Virge might
         not be able to create directories, and mails will get lost.

For more information on modes, please refer to the sample configuration
file, or "chmod" (for example) manual page.

=======================================================================
KEYWORD: isolated_mode

This sets the permissions for mail bodies that are being isolated.
Permissions are set while open()ing output files, and Virge expects
octal value.

By default, 'isolated_mode' is set to "00400"

For more information on modes, please refer to the sample configuration
file, or "chmod" (for example) manual page.

=======================================================================
KEYWORD: runas_user

Soon after it is started, Virge will drop root privileges. 'runas_user'
contains the username of user on the system Virge is going to run as.

We suggest that value "mail" is used. Otherwise, procmail will insert
additional "From:" header to all incoming mails. Refer to procmail
manual page for more details (section: "MISCELLANEOUS")

By default, 'runas_user' is set to "mail"

=======================================================================
KEYWORD: extensions_file

Filename which contains list of filenames/extensions which are not
allowed to pass through the mailserver.

For more information, refer to 'extensions.txt' and 'regex.txt' files.

If no leading slash ("/") is given, it is assumed that directory name
is relative to 'etc_dir'

By default, 'extensions_file' is set to "/virge/etc/extensions"

=======================================================================
KEYWORD: allowusers_file

Filename which contains list of *local* usernames for which the mail
should be delivered directly, without any checking. File format is
simple - one username per line.

If no leading slash ("/") is given, it is assumed that directory name
is relative to 'etc_dir'

By default, 'allowusers_file' is set to "/virge/etc/allow.users"

=======================================================================
KEYWORD: mail_body

Filename (without the path) to which the mail bodies of isolated mails
will be saved.

By default, 'mail_body' is set to "mail_body"

=======================================================================
KEYWORD: deliver_loadavg

Load (as calculated by OS - output od "uptime" command, for example,
contains the load values) at which Virge will stop checking mails and
start delivering directly.

In case of big loads on the machine (which might, or might not, be a
result of heavy virus scanning, for example), Virge can be configured
to stop checking mails (and adding to the load), and just deliver them.

In our experience, Virge and AVPDaemon/Sophie are very light on system
resources, so in case of big loads on the machine fact that Virge does
not check mails anymore won't bring much benefit. However, the option
is included for convenience.

By default, 'deliver_loadavg' is set to "4"

=======================================================================
KEYWORD: procmail

Location of procmail binary on the filesystem.

By default, 'procmail' is set to "/usr/bin/procmail"

NOTE: Procmail must be setuid root in order for Virge to function
      properly (since Virge drops root privileges, it does not have
      permissions to deliver mails - we *think* it is safer to have
      procmail setuid root since there is very little chance that
      outsiders can pass any dangerous data to procmail, even if
      some root hole is found at some later stage)

=======================================================================
KEYWORD: sendmail

Location of sendmail binary on the filesystem.

By default, 'sendmail' is set to "/usr/sbin/sendmail"

=======================================================================
KEYWORD: notify_sender_virus

Boolean value (1 or 0) that tells Virge to send (or not) a mail to the
sender of the mail infected with the virus.

By default, 'notify_sender_virus' is set to "1"

=======================================================================
KEYWORD: notify_sender_attachment

Boolean value (1 or 0) that tells Virge to send (or not) a mail to the
sender of the mail with attachment that is not allowed.

By default, 'notify_sender_attachment' is set to "0"

=======================================================================
KEYWORD: notify_rcpt_virus

Boolean value (1 or 0) that tells Virge to send (or not) a mail to the
recipient of the mail infected with the virus.

By default, 'notify_rcpt_virus' is set to "1"

=======================================================================
KEYWORD: notify_use_header_rcpt

By default, Virge is using (when sending out notifications) recipient
mail address supplied via SMTP protocol ("RCPT TO: <email>"). By
setting 'notify_use_header_rcpt' to "1", Virge will use the email
address supplied in "To: <email>" header of the message, if the header
is present. If not, if will fall back to usual "RCPT TO: <email>" address.

For example, if notify_use_header_rcpt is set to "1", Virge will try to
extract email address from header that looks like:

To: "FirstName SecondName" <email@address>

This email address (without the "To: " part) will be included in the
notification mail sent to the original sender of the virus.

This could be useful in case some email address are later 'expanded'
(like aliases), or simply forwarded.

Boolean value (1 or 0) that tells Virge to use (or not) email found
in "To:" header, when sending notification mails out

By default, 'notify_sender_attachment' is set to "0"

=======================================================================
KEYWORD: admin

Administrator's email account (or alias for more administrators) where
Virge will send notifications.

By default, 'admin' is set to "root@localhost"

NOTE: Please, modify this to your own account if you wish to receive
      Virge notifications.

=======================================================================
KEYWORD: virge_from

Email address that will appear in "From:" header in mails that are sent
out by Virge (notifications).

By default, 'virge_from' is set to "virge@localhost"

=======================================================================
KEYWORD: template_notify_sender_virus

Text template, which defines the layout, can be specified, and will be
used by Virge when sending out notification mails. This template is
used for defining layout of the mail which is sent to the sender of the
mail which was infected by the virus (if that feature it enabled).

By default, 'template_notify_sender_virus' is set to
"template_virus_sender.txt". This means that Virge expects this file to
be located in the 'etc_dir' of Virge instalation

=======================================================================
KEYWORD: template_notify_rcpt_virus

Text template, which defines the layout, can be specified, and will be
used by Virge when sending out notification mails. This template is
used for defining layout of the mail which is sent to the recipient of
the mail which was infected by the virus (if that feature it enabled).

By default, 'template_notify_rcpt_virus' is set to
"template_virus_rcpt.txt". This means that Virge expects this file to
be located in the 'etc_dir' of Virge instalation

=======================================================================
KEYWORD: template_notify_sender_attachment

Text template, which defines the layout, can be specified, and will be
used by Virge when sending out notification mails. This template is
used for defining layout of the mail which is sent to the sender of the
mail which contained forbidden attachments (if that feature it enabled).

By default, 'template_notify_sender_attachment' is set to
"template_attach_sender.txt". This means that Virge expects this file
to be located in the 'etc_dir' of Virge instalation

=======================================================================
KEYWORD: virge_timeout

Timeout after which Virge will terminate. In case Virge gets into some
loop and start taking up CPU time (or just hanging), it is possible to
make it terminate itself, and notify admin (through syslog).

'virge_timeout' is number of seconds after which Virge will terminate
if it could not check/deliver the mail.

By defaulty, 'virge_timeout' is set to "120" (120 seconds - 2 minutes).

NOTE: Please, if you ever encounter problem with Virge hanging and/or
      taking up too much CPU time, try to find as much details as you
      can about the issue, and send them to me.

=======================================================================
KEYWORD: debug

Debug mode.

0 = no debugging
1 = stderr
2 = syslog

By default, 'debug' is set to "0"

=======================================================================
KEYWORD: debug_level

Debugging level (amount of information).

0 = none
1 = normal
2 = 1 + errors
3 = 2 + more details
4 = 3 + details of mail contents and similar

By default, 'debug_level' is set to "0"

=======================================================================
