0.1.0 • Public • Published

Build Status Coverage Status Code Climate

Haraka Content Scanning Server

An email scanning service for MTAs, exposed via a HTTP API.

How it works

  1. accepts a HTTP request (params in HTTP headers, email message in HTTP body)
  2. runs that message past as many content scanners as are requested (default: all) or as many are configured.
  3. Returns a JSON result with the scan results from each scanner


  • Haraka would need only a very simple data_post plugin
  • Scan the message against many scanners concurrently (default: 1 per CPU). This would be faster than Haraka plugins which execute serially, or SMTP pipelines.
  • Other MTAs could use this
  • Faster and more efficient: rather than streaming the message via TCP to each content scanner (once for SA, once for ClamAV, once for ....), this would stream the content once via TCP, and then this little server would use the file system or Unix Domain Sockets to pass the message to each content scanner.
  • Haraka could load balance requests to a pool of these scanning hosts.

Planned Initial Content Scanner Support

  • ClamAV
  • AVG
  • ESET
  • Kaspersky
  • SpamAssassin

Potential Future Additions

  • dcc
  • messagesniffer
  • dspam
  • VirusTotal (see also #1124)

Package Sidebar


npm i haraka-content-scanning-server

Weekly Downloads






Last publish


  • dexus1985
  • jomaar
  • msergeant
  • tnpi