Hi everyone, I've experienced today the same problem as described here:
https://lists.amavis.org/pipermail/amavis-users/2016-May/004334.html i.e. malware went through amavis because the RAR archive containing the malware could not be unpacked: extract from logfile: amavis[4629]: (04629-01) (!)Decoding of p002 (RAR archive data, v2d, flags: Commented, Solid, os: OS/2) failed, leaving it unpacked: do_unrar: /var/spool/amavisd/tmp/amavis-20200323T174309-04629-o4cSZwti/parts/p002 is not RAR archive at (eval 133) line 1056. if it helps, the malware which hit this problem is already referenced at virustotal.com: https://www.virustotal.com/gui/file/2c8d19479b892ef10c1f7a87a97b41b27d8436388be337ebdbf36e76da91732f/detection Is it somehow possible to let amavis rather treat this as "quarantine" case, i.e. to not let the email go through if unrar fails? Any help is greatly appreciated. Best regards Jan
