You are not logged in.
Situation: I use clamav to scan incoming mails for virus's via amavisd.
Problem: Incoming mail where a zip file is encrypted (or password protected) get marked as a virus and quarantined.
Disabling archive scanning is not a solution. I have set the following setting in clamd.conf, ArchiveBlockEncrypted no
So now clamd reports it as this in the log file:
Mon Jul 28 20:37:00 2008 -> /var/amavis/amavis-20080728T202129-31174/parts/p004: Suspect.Zip FOUND
Mon Jul 28 20:37:31 2008 -> /var/amavis/amavis-20080728T202259-31187/parts/p004: Suspect.Zip FOUND
Mon Jul 28 20:40:22 2008 -> /var/amavis/amavis-20080728T204022-32376/parts/p004: Suspect.Zip FOUND
Mon Jul 28 20:42:31 2008 -> /var/amavis/amavis-20080728T204231-32391/parts/p004: Suspect.Zip FOUND
Mon Jul 28 20:48:52 2008 -> /var/amavis/amavis-20080728T204852-00712/parts/p004: Suspect.Zip FOUND
Mon Jul 28 20:52:31 2008 -> /var/amavis/amavis-20080728T205006-00713/parts/p004: Suspect.Zip FOUND
Mon Jul 28 20:52:31 2008 -> /var/amavis/amavis-20080728T205006-00703/parts/p004: Suspect.Zip FOUND
Mon Jul 28 20:52:31 2008 -> /var/amavis/amavis-20080728T205231-00710/parts/p004: Suspect.Zip FOUND
Mon Jul 28 20:52:31 2008 -> /var/amavis/amavis-20080728T205006-00695/parts/p004: Suspect.Zip FOUND
The problem is, it should not even say anything at all. From reading google it seems this was a bug back in 0.82 and somehow slipped back into 0.93.1 which arch currently has on the 64bit platform. As far as I know this should never have made its way back into the main clamd tree but somehow did.
Is this package going to be updated, I believe its in the extra repo or am I left making my own PKGBUILD?
Thank you,
T
Last edited by Tinuva (2008-08-18 12:24:24)
Offline
Noticed there was an update, which fixed the problem. Thank you.
Offline