Hi Ralph,

yes, the tools on a particular platform are independent of amavis, but
unfortunately I am currently also experiencing problems with unrar and Amavis,
and in this case it seems that the problem lies on the amavis side. I was
running an older version of unrar (unrar-4.2.4-1.el7.x86_64) until a malware
went through our system because the RARv5 archive containing the malware could
not be unpacked. So I've tried to upgrade the unrar version in our systems in
order to handle RARv5 archives. The problem is that after upgrading (to
unrar-5.4.0-1.el7.x86_64) I am now getting another error, such as:

amavis[21724]: (21724-01) (!)do_unrar: can't parse info line for ""  -rw-r--r--        68        72 105%  2020-04-15 15:01  6851CF3C  eicar.com\n


I get this error when sending a test rar archive (created by me on my Ubuntu
16.04 desktop using rar version 2:5.3.b2-1) and which only contains the typical
"eicar.com" testfile. I've confirmed that the rar archive is OK and I could even
successfully unpack it on the command line directly on my amavis machine. Here
is the output:

unrar x eicar.com.rar 

UNRAR 5.40 freeware      Copyright (c) 1993-2016 Alexander Roshal


Extracting from eicar.com.rar

Extracting  eicar.com                                                 OK 
All OK



However, if I send this rar archive through amavis it fails with the error
shown above.

The amavis version running in our system is:
amavisd-new-2.11.1-1.el7.noarch
clamav-0.102.2-4.el7.x86_64


If I downgrade the unrar version to the previous version:
unrar-4.2.4-1.el7.x86_64

Then the test rar archive is unpacked correctly by amavis and the EICAR test is
recognized:



For details you can check my email sent to this mailing list on 25th Mar. with
subject: "malware went through because RAR file fails to unpack".



----- Original Message -----
| From: "Ralph Seichter" <[email protected]>
| To: [email protected]
| Sent: Thursday, April 9, 2020 10:08:16 PM
| Subject: Re: amavisd and centos8 compatibility

| * [email protected]:
| 
|> tools like unrar or cabextract are not available in centos8 with
|> epel-release and enabled PowerTools.
| 
| Amavis searches the system it is running on for some well-known
| binaries. If CentOS uses different ones, you can manually change the
| list of binaries by modifying your amavisd.conf. Also, if you don't
| expect to receive .zoo or .cab archives, not having extractor utilities
| for them won't hurt much.
| 
| What tools are available on a particular platform is not an Amavis
| issue, so I suggest you contact the CentOS package maintainers.
| 
| -Ralph
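
Added example, not part of the original message and not amavis code: a Python log check that finds the "do_unrar: can't parse info line" error quoted above and splits the embedded unrar listing into its columns, so mail whose RAR listing could not be parsed can be pulled for review. The second and third sample lines and all function and variable names are constructed for illustration.

```python
import re
from collections import defaultdict

# Constructed sample log. The first entry reproduces the error quoted in the
# message above; the other two lines are made up for illustration.
SAMPLE_LOG = [
    r'''amavis[21724]: (21724-01) (!)do_unrar: can't parse info line for ""  -rw-r--r--        68        72 105%  2020-04-15 15:01  6851CF3C  eicar.com\n''',
    r'''amavis[21730]: (21730-02) (!)do_unrar: can't parse info line for ""  -rw-r--r--      1024       512  50%  2020-04-15 15:07  0A1B2C3D  scan 01.pdf\n''',
    "postfix/smtpd[1200]: connect from unknown[192.0.2.10]",
]

# amavis log prefix, the id in parentheses, then the text of the rejected line.
FAIL_RE = re.compile(
    r"amavis\[\d+\]: \((?P<log_id>[\d-]+)\) \(!\)do_unrar: "
    r"can't parse info line for (?P<rest>.*)$"
)

# Column layout as it appears in the quoted error: attributes, size, packed
# size, ratio, date, time, checksum, name. The trailing "\n" is the literal
# backslash-n that amavis prints, not a real newline.
LISTING_RE = re.compile(
    r"(?P<attrs>\S+)\s+(?P<size>\d+)\s+(?P<packed>\d+)\s+(?P<ratio>\d+)%\s+"
    r"(?P<date>\d{4}-\d{2}-\d{2})\s+(?P<time>\d{2}:\d{2})\s+"
    r"(?P<checksum>[0-9A-Fa-f]{8})\s+(?P<name>.+?)(?:\\n)?\s*$"
)

def unrar_parse_failures(lines):
    """Map each amavis log id to the archive members it failed to parse."""
    hits = defaultdict(list)
    for line in lines:
        failure = FAIL_RE.search(line)
        if not failure:
            continue
        listing = LISTING_RE.search(failure.group("rest"))
        # Keep the hit even when the columns are unrecognised.
        hits[failure.group("log_id")].append(
            listing.groupdict() if listing else {"name": None}
        )
    return dict(hits)

if __name__ == "__main__":
    for log_id, members in unrar_parse_failures(SAMPLE_LOG).items():
        names = ", ".join(str(m["name"]) for m in members)
        print(f"review {log_id}: unrar listing not parsed for {names}")
```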
