When I test with the eicar_com.zip or eicarcom2.zip files, I get this entry in the mail log:
amavis[855]: (00855-01) (!)do_unzip: not a zip: AZ_FORMAT_ERROR (3) The non-zipped test files are recognized fine and handled properly. How can I fix this error? - FreeBSD 6.2-STABLE - amavisd-new-2.5.0,1 - postfix-2.4.1,1 Log file snippet: May 23 15:40:01 iguana amavis[743]: starting. /usr/local/sbin/amavisd at iguana.floco.com amavisd-new-2.5.0 (20070423), Unicode aware May 23 15:40:01 iguana amavis[743]: Perl version 5.008008 May 23 15:40:02 iguana amavis[746]: Module Amavis::Conf 2.086 May 23 15:40:02 iguana amavis[746]: Module Archive::Zip 1.18 May 23 15:40:02 iguana amavis[746]: Module BerkeleyDB 0.31 May 23 15:40:02 iguana amavis[746]: Module Compress::Zlib 2.004 May 23 15:40:02 iguana amavis[746]: Module Convert::TNEF 0.17 May 23 15:40:02 iguana amavis[746]: Module Convert::UUlib 1.08 May 23 15:40:02 iguana amavis[746]: Module DB_File 1.814 May 23 15:40:02 iguana amavis[746]: Module Digest::MD5 2.36 May 23 15:40:02 iguana amavis[746]: Module IO::Socket::INET6 2.51 May 23 15:40:02 iguana amavis[746]: Module MIME::Entity 5.420 May 23 15:40:02 iguana amavis[746]: Module MIME::Parser 5.420 May 23 15:40:02 iguana amavis[746]: Module MIME::Tools 5.420 May 23 15:40:02 iguana amavis[746]: Module Mail::Header 1.74 May 23 15:40:02 iguana amavis[746]: Module Mail::Internet 1.74 May 23 15:40:02 iguana amavis[746]: Module Mail::SpamAssassin 3.001008 May 23 15:40:02 iguana amavis[746]: Module Net::DNS 0.59 May 23 15:40:02 iguana amavis[746]: Module Net::Server 0.96 May 23 15:40:02 iguana amavis[746]: Module Net::Server::PreFork 0.96 May 23 15:40:02 iguana amavis[746]: Module Net::Server::PreForkSimple 0.96 May 23 15:40:02 iguana amavis[746]: Module Razor2::Client::Version 2.82 May 23 15:40:02 iguana amavis[746]: Module Time::HiRes 1.9707 May 23 15:40:02 iguana amavis[746]: Module URI 1.35 May 23 15:40:02 iguana amavis[746]: Module Unix::Syslog 0.100 May 23 15:40:02 iguana amavis[746]: Amavis::DB code loaded May 23 15:40:02 iguana amavis[746]: Amavis::Cache code loaded May 23 15:40:02 iguana amavis[746]: SQL base code NOT loaded May 23 15:40:02 iguana amavis[746]: SQL::Log code NOT loaded May 23 15:40:02 iguana amavis[746]: SQL::Quarantine NOT loaded May 23 15:40:02 iguana amavis[746]: Lookup::SQL code NOT loaded May 23 15:40:02 iguana amavis[746]: Lookup::LDAP code NOT loaded May 23 15:40:02 iguana amavis[746]: AM.PDP-in proto code loaded May 23 15:40:02 iguana amavis[746]: SMTP-in proto code loaded May 23 15:40:02 iguana amavis[746]: Courier proto code NOT loaded May 23 15:40:02 iguana amavis[746]: SMTP-out proto code loaded May 23 15:40:02 iguana amavis[746]: Pipe-out proto code NOT loaded May 23 15:40:02 iguana amavis[746]: BSMTP-out proto code NOT loaded May 23 15:40:02 iguana amavis[746]: Local-out proto code loaded May 23 15:40:02 iguana amavis[746]: OS_Fingerprint code NOT loaded May 23 15:40:02 iguana amavis[746]: ANTI-VIRUS code loaded May 23 15:40:02 iguana amavis[746]: ANTI-SPAM code loaded May 23 15:40:02 iguana amavis[746]: ANTI-SPAM-SA code loaded May 23 15:40:02 iguana amavis[746]: Unpackers code loaded May 23 15:40:02 iguana amavis[746]: Found $file at /usr/local/bin/file May 23 15:40:02 iguana amavis[746]: No $dspam, not using it May 23 15:40:02 iguana amavis[746]: No $altermime, not using it May 23 15:40:02 iguana amavis[746]: Internal decoder for .mail May 23 15:40:02 iguana amavis[746]: Internal decoder for .asc May 23 15:40:02 iguana amavis[746]: Internal decoder for .uue May 23 15:40:02 iguana amavis[746]: Internal decoder for .hqx May 23 15:40:02 iguana amavis[746]: Internal decoder for .ync May 23 15:40:02 iguana amavis[746]: Found decoder for .F at /usr/local/bin/unfreeze May 23 15:40:02 iguana amavis[746]: Found decoder for .Z at /usr/bin/uncompress May 23 15:40:02 iguana amavis[746]: Found decoder for .gz at /usr/bin/gzip -d May 23 15:40:02 iguana amavis[746]: Found decoder for .bz2 at /usr/bin/bzip2 -d May 23 15:40:02 iguana amavis[746]: Found decoder for .lzo at /usr/local/bin/lzop -d May 23 15:40:02 iguana amavis[746]: Found decoder for .rpm at /usr/local/bin/rpm2cpio.pl May 23 15:40:02 iguana amavis[746]: Found decoder for .cpio at /bin/pax May 23 15:40:02 iguana amavis[746]: Found decoder for .tar at /bin/pax May 23 15:40:02 iguana amavis[746]: Found decoder for .deb at /usr/bin/ar May 23 15:40:02 iguana amavis[746]: Internal decoder for .zip May 23 15:40:02 iguana amavis[746]: Found decoder for .7z at /usr/local/bin/7zr May 23 15:40:02 iguana amavis[746]: Found decoder for .rar at /usr/local/bin/unrar May 23 15:40:02 iguana amavis[746]: Found decoder for .arj at /usr/local/bin/arj May 23 15:40:02 iguana amavis[746]: Found decoder for .arc at /usr/local/bin/arc May 23 15:40:02 iguana amavis[746]: Found decoder for .zoo at /usr/local/bin/zoo May 23 15:40:02 iguana amavis[746]: Found decoder for .lha at /usr/local/bin/lha May 23 15:40:02 iguana amavis[746]: Found decoder for .cab at /usr/local/bin/cabextract May 23 15:40:02 iguana amavis[746]: No decoder for .tnef tried: tnef May 23 15:40:02 iguana amavis[746]: Internal decoder for .tnef May 23 15:40:02 iguana amavis[746]: Found decoder for .exe at /usr/local/bin/unrar; /usr/local/bin/lha; /usr/local/bin/arj May 23 15:40:02 iguana amavis[746]: Using primary internal av scanner code for ClamAV-clamd May 23 15:40:02 iguana amavis[746]: Found secondary av scanner ClamAV-clamscan at /usr/local/bin/clamscan May 23 15:40:02 iguana amavis[746]: Creating db in /var/amavis/db/; BerkeleyDB 0.31, libdb 4.1 Testing with eicar_com.zip: May 23 15:42:45 iguana postfix/pickup[821]: 0AA175CAB: uid=1001 from=<jdohanics> May 23 15:42:45 iguana postfix/cleanup[2153]: 0AA175CAB: message-id=<[EMAIL PROTECTED]> May 23 15:42:45 iguana postfix/qmgr[822]: 0AA175CAB: from=<[EMAIL PROTECTED]>, size=327, nrcpt=1 (queue active) May 23 15:42:45 iguana amavis[2057]: (02057-01) (!)do_unzip: not a zip: AZ_FORMAT_ERROR (3) May 23 15:42:46 iguana postfix/smtpd[2157]: connect from localhost[127.0.0.1] May 23 15:42:46 iguana postfix/smtpd[2157]: EE7935CAD: client=localhost[127.0.0.1] May 23 15:42:46 iguana postfix/cleanup[2153]: EE7935CAD: message-id=<[EMAIL PROTECTED]> May 23 15:42:46 iguana postfix/smtpd[2157]: disconnect from localhost[127.0.0.1] May 23 15:42:46 iguana postfix/qmgr[822]: EE7935CAD: from=<[EMAIL PROTECTED]>, size=758, nrcpt=1 (queue active) May 23 15:42:46 iguana amavis[2057]: (02057-01) Passed CLEAN, <[EMAIL PROTECTED]> -> <[EMAIL PROTECTED]>, Message-ID: <[EMAIL PROTECTED]>, mail_id: 462Rh88dBfcl, Hits: 0.102, size: 327, queued_as: EE7935CAD, 1734 ms May 23 15:42:46 iguana postfix/smtp[2155]: 0AA175CAB: to=<[EMAIL PROTECTED]>, relay=127.0.0.1[127.0.0.1]:10024, delay=2.1, delays=0.22/0.16/0.01/1.7, dsn=2.0.0, status=sent (250 2.0.0 Ok: queued as EE7935CAD) May 23 15:42:46 iguana postfix/qmgr[822]: 0AA175CAB: removed May 23 15:42:47 iguana postfix/local[2159]: EE7935CAD: to=<[EMAIL PROTECTED]>, relay=local, delay=0.17, delays=0/0.1/0/0.07, dsn=2.0.0, status=sent (delivered to maildir) May 23 15:42:47 iguana postfix/qmgr[822]: EE7935CAD: removed Testing with eicar.com: May 23 16:14:56 iguana postfix/pickup[821]: E07425CAB: uid=1001 from=<jdohanics> May 23 16:14:56 iguana postfix/cleanup[2387]: E07425CAB: message-id=<[EMAIL PROTECTED]> May 23 16:14:56 iguana postfix/qmgr[822]: E07425CAB: from=<[EMAIL PROTECTED]>, size=383, nrcpt=1 (queue active) May 23 16:14:57 iguana postfix/smtpd[2391]: connect from localhost[127.0.0.1] May 23 16:14:57 iguana postfix/smtpd[2391]: 677BA5CAD: client=localhost[127.0.0.1] May 23 16:14:57 iguana postfix/cleanup[2387]: 677BA5CAD: message-id=<[EMAIL PROTECTED]> May 23 16:14:57 iguana postfix/smtpd[2391]: disconnect from localhost[127.0.0.1] May 23 16:14:57 iguana postfix/qmgr[822]: 677BA5CAD: from=<[EMAIL PROTECTED]>, size=1929, nrcpt=1 (queue active) May 23 16:14:57 iguana postfix/smtpd[2391]: connect from localhost[127.0.0.1] May 23 16:14:57 iguana postfix/smtpd[2391]: 7CACC5CAF: client=localhost[127.0.0.1] May 23 16:14:57 iguana postfix/cleanup[2387]: 7CACC5CAF: message-id=<[EMAIL PROTECTED]> May 23 16:14:57 iguana postfix/qmgr[822]: 7CACC5CAF: from=<[EMAIL PROTECTED]>, size=1051, nrcpt=1 (queue active) May 23 16:14:57 iguana postfix/smtpd[2391]: disconnect from localhost[127.0.0.1] May 23 16:14:57 iguana amavis[2056]: (02056-01) Blocked INFECTED (Eicar-Test-Signature), <[EMAIL PROTECTED]> -> <[EMAIL PROTECTED]>, quarantine: virus-9nJ7rIVPQlGn, Message-ID: <[EMAIL PROTECTED]>, mail_id: 9nJ7rIVPQlGn, Hits: -, size: 383, 623 ms May 23 16:14:57 iguana postfix/cleanup[2393]: 813295CB0: message-id=<[EMAIL PROTECTED]> May 23 16:14:57 iguana postfix/smtp[2389]: E07425CAB: to=<[EMAIL PROTECTED]>, relay=127.0.0.1[127.0.0.1]:10024, delay=0.67, delays=0.02/0.01/0.01/0.63, dsn=2.7.0, status=sent (254 2.7.0 Ok, discarded, id=02056-01 - VIRUS: Eicar-Test-Signature) May 23 16:14:57 iguana postfix/qmgr[822]: E07425CAB: removed ------------------------------------------------------------------------- This SF.net email is sponsored by DB2 Express Download DB2 Express C - the FREE version of DB2 express and take control of your XML. No limits. Just data. Click to get it now. http://sourceforge.net/powerbar/db2/ _______________________________________________ AMaViS-user mailing list [email protected] https://lists.sourceforge.net/lists/listinfo/amavis-user AMaViS-FAQ:http://www.amavis.org/amavis-faq.php3 AMaViS-HowTos:http://www.amavis.org/howto/
