Spamscope

Highlights
- Added `debug-iter-topology` in `makefile` to debug running topology
- Added more stable topologies with `iter-files-mails`, the uses generator to send mails to topology. It's memory safe and stable
- Fixed many bug to avoid topology restarts
- Added three new topologies that use new spout

Highlights
- Resolved many bugs
- Getting only main headers fields from mails. This number can grow very fast.
- Added a field headers with all headers.
- Upgraded `mail-parser` and `streamparse`.
- Disabled Zemana integration from code (deprecated).

Highlights
- Added module that analyze **SMTP dialects**. Added `dialect` section in main configuration file
- Upgraded `mail-parser` and `Apache Tika` modules
- Resolved many bugs

Highlights
- Resolved many bug
- Performance improvement
- Added persistent store for RAM runtime filter. Now SpamScope saves the filter stores, so it can reload lists after a reboot
- Upgraded `mail-parser` library, now SpamScope stores all mail headers
- Added more logs
- Added filter for size for attachments

Highlights
- New documentation, with more details about configuration and installation.
- Added Ansible playbooks to install Apache Storm and SpamScope.
- Added priority for post processing.
- Added timeout for long time analysis function.

Highlights
- Fixed Travis CI configuration.
- New `store_samples` attachments post processing, to store samples on filesystem.
- Splitted Elasticsearch template for attachments and mails.
- Many fix to Elasticsearch template to upgrade at 6.x.
- Added whitelist to VirusTotal post processing.
- Storing analyzed mails in daily folders.
- Fixed many bugs.

:warning: Breaking Changes :warning:
- Changed main configuration file. All lists are under `list` key, so they are automatically loaded:


Attachments bolt configuration
attachments:
The lists of all components must be under lists keyword to load them
automatically
commons:
lists:
blacklist_content_types:
All content types to remove from results
Example in content_types/blacklist/generic.example.yml
generic: /path/to/generic_content_types
custom: /path/to/custom_content_types

not_extract_content_types:
All content types that you don't want extract from archive
Example: application/java-archive (jar), you can save the jar
but do not extract the class inside.
generic: /path/to/generic_content_types
custom: /path/to/custom_content_types