Mark,

>> My current thinking is that it's something weird with amavis unpacking
> the
>> zip file into its constituent parts?  I know that amavisd-new will
> unpack
>> archives into a temp folder and scan the files individually, though does
> it
>> scan the archive as a whole (meaning that my md5 hash will match the zip
>> file itself)?

> If archive unpacking is successful (no errors or unexpected warnings
> from dearchiver), the archive is deleted and only its members retained
> for AV scanning.
> 
> That is so, UNLESS @keep_decoded_original_maps tells otherwise:
> 
> @keep_decoded_original_maps = (new_RE(
>   qr'^MAIL$',   # retain full original message for virus checking
>   qr'^MAIL-UNDECIPHERABLE$', # recheck full mail if undecipherable
>   qr'^(ASCII(?! cpio)|text|uuencoded|xxencoded|binhex)'i,
>   qr'^Zip archive data',     # don't trust Archive::Zip
> ));
> 
> 
> amavisd-new-20021116 release notes:
> 


Excellent!  That is exactly what I was looking for.  Sending the file
through as an attachment is now triggering ClamAV and the file is being
blocked as intended.


Thank you very much for your help - I wish commercial software companies
were as efficient and responsive as you are!



Thanks


Richard






------------------------------------------------------------------------------
SF.Net email is Sponsored by MIX09, March 18-20, 2009 in Las Vegas, Nevada.
The future of the web can't happen without you.  Join us at MIX09 to help
pave the way to the Next Web now. Learn more and register at
http://ad.doubleclick.net/clk;208669438;13503038;i?http://2009.visitmix.com/
_______________________________________________
AMaViS-user mailing list
AMaViS-user@lists.sourceforge.net 
https://lists.sourceforge.net/lists/listinfo/amavis-user 
 AMaViS-FAQ:http://www.amavis.org/amavis-faq.php3 
 AMaViS-HowTos:http://www.amavis.org/howto/ 

Reply via email to