[Mimedefang] Problem scanning ZIP archives with CLAMAV
Alain DESEINE
alain at cabinfo.com
Fri Feb 13 04:18:02 EST 2004
Hi,
I got a problem using CLAMAV and MIMEDefang when scanning zip files
containing viruses ...
When i send a virus file in an email MIMEDefang/CLAMAV intercept it well,
but when i send the same virus in an archive file (ZIP file)
MIMEDefang/CLAMAV don't intercept it ! I've tried to save the archive file
on the server and scan it using both clamscan and the clamd
daemon (by issueing a telnet session and a SCAN command), both find the
virus in the ZIP testfile. I use both EICAR and MyDOOM viruses
for my tests. I've also test scanning my mailbox with the clamscan -m
option, and again, the virus is found in the zip archive ...
So the problem is apparently only when scanning ZIP archives attachments.
If anybody got an idea ...
My configuration :
MIMEDefang 2.38
Sendmail 8.12.10
Clamav 0.65
Clamav.conf :
===========
LogFile /var/log/clamd.log
LogFileMaxSize 2M
LogTime
LogSyslog
LogVerbose
PidFile /var/run/clamd/clamd.pid
DataDirectory /opt/clamav/share/clamav
TCPSocket 3310
TCPAddr 127.0.0.1
MaxConnectionQueueLength 30
StreamSaveToDisk
StreamMaxLength 100M
MaxThreads 30
ThreadTimeout 360
MaxDirectoryRecursion 15
User clamav
ScanMail
ScanArchive
ArchiveMaxFileSize 100M
ArchiveMaxRecursion 5
ArchiveMaxFiles 1000
ClamukoScanOnOpen
ClamukoScanOnClose
ClamukoScanOnExec
ClamukoIncludePath /home
ClamukoMaxFileSize 1M
ClamukoScanArchive
Thanks for responses.
Best regards,
Alain Deseine.
More information about the MIMEDefang
mailing list