SpamScope v1.5.5

Highlights

• Upgraded requirements: Apache Tika, Streamparse and Shodan
• Resolved bug JsonSerializer in Shodan report. Issue #368 Streamparse
• Resolved bug in Elasticsearch template to manage Shodan report
• Added .editorconfig to setup editor for SpamScope

SpamScope v1.5.3

Highlights

• Auto build docker images with Travis.
• Changed function to make base64 decode.
• Manage incorrect padding errors for base64 attachments and report in results.

SpamScope v1.5.2

Highlights

• Upgraded elasticsearch template.
• Manage HTTPError in Zemana integration.

SpamScope v1.5.1

Highlights

• Upgraded requirements: streamparse and elasticsearch.
• analisys_date field in attachments analysis.
• Bugfixes.

SpamScope v1.5.0

Highlights

• Added new network bolt: now it's possible to analyze the sender ip address.
• Updated Apache Storm version (1.1.0).
• Mark mail as phishing only if there are urls.
• Fixed Thug analysis for files in archive.
• Fixed attachments filter function.

⚠️ Breaking Changes ⚠️

• New flag for attachments: with_raw_attachments. If true mail has attachments.
  If with_attachments is true the mail has attachments that are not filtered.

⚠️ New configuration sections ⚠️

• Added two new fields to tokenizer bolt, to filter analysis of sender ip address:

+    # If True the same ip address is filtered and not analyzed.
 +    filter_network: True
 +
 +    # Max number of hashes saved for filter function
 +    maxlen_network: 1000000

• New section for network bolt:

+# Network bolt configuration
 +network:
 +    shodan:
 +        enabled: False
 +        api_key: xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx
 +
 +    virustotal:
 +        enabled: False
 +        api_key: xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx

SpamScope v1.4.10

Highlights

• Fixed bug Redis client: issue push messages empty.
• Fixed report Zeman: report Zemana only in attachments documents.

SpamScope v1.4.9

Highlights

• Fixed bug template Elasticsearch, to manage geoip and draw sender spam map.

SpamScope v1.4.8

Highlights

• Fixed bug topology Redis. Now it's possible use SpamScope with logstash.

SpamScope v1.4.7

Highlights

• Upgraded requirements: new version of mail-parser.
• Fixed bugs: now more stable.
• New Zemana AntiMalware integration: post processing attachments. New configuration section in attachments bolt.

+    zemana:
 +        enabled: False
 +
 +        PartnerId: xxxxx
 +        UserId: xxxxx
 +        ApiKey: xxxxx
 +        useragent: SpamScope

SpamScope v1.4.6

Highlights

• Upgraded requirements: new versions of mail-parser and tika-app.
• Fixed bugs: now more stable.
• More attachments processes: upgraded parallelism for attachment bolt.