Hello everyone, I seem to be having a problem that I can only replicate on Solaris 8, and I wanted to see if anyone else might know a solution.
I am running Solaris 8 with Exim + Exiscan + ClamAV as an email and antivirus solution. When I compiled clam, zlib support was linked into the it, and running clamscan from the command line confirms that clam can unzip .zip archives and scan the contents. The problem begins when I use ClamD. Exim is currently handing off all attatchments to clam to be scanned before forwarding the emails to the local boxes. However, it ALWAYS fails to unzip the archive and therefore always fails. Here are the Exim Logs and Clam Logs. EXIM LOGS: 2004-01-22 15:23:47 exim 4.30 daemon started: pid=28833, -q1h, listening for SMTP on port 25 (IPv4) 2004-01-22 15:28:22 Start queue run: pid=28849 2004-01-22 15:28:22 1Aj20V-00005l-E3 == [EMAIL PROTECTED] R=localuser T=local_delivery defer (-52): Retry time not yet reached 2004-01-22 15:28:22 End queue run: pid=28849 2004-01-22 15:28:29 1AjmNJ-0007VL-Jw malware acl condition: clamd: ClamAV returned /var/spool/exim/scan/1AjmNJ-0007VL-Jw/1AjmNJ-0007VL-Jw-00000.com: Zip module failure. ERROR 2004-01-22 15:28:29 1AjmNJ-0007VL-Jw H=ares.spg.more.net [150.199.21.156] F=<[EMAIL PROTECTED]> temporarily rejected after DATA Basically, the error exim receives from clam is: /var/spool/exim/scan/1AjmNJ-0007VL-Jw/1AjmNJ-0007VL-Jw-00000.com: Zip module failure. ERROR CLAMAV LOGS: # /etc/init.d/clamd start Starting Clam daemon LibClamAV debug: Loading databases from /usr/local/share/clamav LibClamAV debug: Loading /usr/local/share/clamav/main.cvd LibClamAV debug: /usr/local/share/clamav/main.cvd: CVD file detected LibClamAV debug: in cli_cvdload() LibClamAV debug: MD5(.tar.gz) = 0fbc6ba7124a69b5db9593b10279c608 LibClamAV debug: Decoded signature: 0fbc6ba7124a69b5db9593b10279c608 LibClamAV debug: Digital signature is correct. LibClamAV debug: in cli_untgz() LibClamAV debug: Unpacking /tmp/e6ed2808feabe7a0/COPYING LibClamAV debug: Unpacking /tmp/e6ed2808feabe7a0/viruses.db LibClamAV debug: Loading databases from /tmp/e6ed2808feabe7a0 LibClamAV debug: Loading /tmp/e6ed2808feabe7a0/viruses.db LibClamAV debug: Initializing trie. LibClamAV debug: Loading /usr/local/share/clamav/daily.cvd LibClamAV debug: /usr/local/share/clamav/daily.cvd: CVD file detected LibClamAV debug: in cli_cvdload() LibClamAV debug: MD5(.tar.gz) = 1095ab2c3f04c90cac0aca844ce4b81d LibClamAV debug: Decoded signature: 1095ab2c3f04c90cac0aca844ce4b81d LibClamAV debug: Digital signature is correct. LibClamAV debug: in cli_untgz() LibClamAV debug: Unpacking /tmp/e4dc6fff5b4354ba/COPYING LibClamAV debug: Unpacking /tmp/e4dc6fff5b4354ba/viruses.db2 LibClamAV debug: Loading databases from /tmp/e4dc6fff5b4354ba LibClamAV debug: Loading /tmp/e4dc6fff5b4354ba/viruses.db2 LibClamAV debug: Stat()ing files in /usr/local/share/clamav LibClamAV debug: Stat()ing files in /usr/local/share/clamav LibClamAV debug: Scanning /var/spool/exim/scan/1AjmNJ-0007VL-Jw/1AjmNJ-0007VL-Jw.eml LibClamAV debug: Starting scanmail() LibClamAV debug: in mbox() LibClamAV debug: Deal with header Received: from ares.spg.more.net ([150.199.21.156]) LibClamAV debug: parseMimeHeader: cmd='Received:', arg='from ares.spg.more.net ([150.199.21.156])' LibClamAV debug: Add argument 'by doink with esmtp (Exim 4.30)' LibClamAV debug: Add argument 'id 1AjmNJ-0007VL-Jw' LibClamAV debug: Add argument 'for [EMAIL PROTECTED]' LibClamAV debug: Add argument 'Thu, 22 Jan 2004 15' LibClamAV debug: Add argument '28' LibClamAV debug: Add argument '29 -0600' LibClamAV debug: Deal with header Received: by ares.spg.more.net (Postfix, from userid 1000) LibClamAV debug: parseMimeHeader: cmd='Received:', arg='by ares.spg.more.net (Postfix, from userid 1000)' LibClamAV debug: Add argument 'id B12441C71B64' LibClamAV debug: Add argument 'Thu, 22 Jan 2004 15' LibClamAV debug: Add argument '26' LibClamAV debug: Add argument '32 -0600 (CST)' LibClamAV debug: Deal with header To: [EMAIL PROTECTED] LibClamAV debug: parseMimeHeader: cmd='To:', arg='[EMAIL PROTECTED]' LibClamAV debug: Deal with header Message-Id: <[EMAIL PROTECTED]> LibClamAV debug: parseMimeHeader: cmd='Message-Id:', arg='<[EMAIL PROTECTED]>' LibClamAV debug: Deal with header Date: Thu, 22 Jan 2004 15:26:32 -0600 (CST) LibClamAV debug: parseMimeHeader: cmd='Date:', arg='Thu, 22 Jan 2004 15:26:32 -0600 (CST)' LibClamAV debug: Deal with header From: [EMAIL PROTECTED] (Sean Tempesta) LibClamAV debug: parseMimeHeader: cmd='From:', arg='[EMAIL PROTECTED] (Sean Tempesta)' LibClamAV debug: Deal with header LibClamAV debug: End of header information LibClamAV debug: in insert(nBlobs = 0) LibClamAV debug: Parsing mail file LibClamAV debug: mimeType = 0 LibClamAV debug: Add argument 'filename=textportion' LibClamAV debug: blobSetFilename: textportion LibClamAV debug: Saving main message, encoded with scheme 0 LibClamAV debug: Saving attachment in /tmp/18a450d97c902c55/textportion LibClamAV debug: Attachment saved as /tmp/18a450d97c902c55/textportionPRaOu4 (529 bytes long) LibClamAV debug: blobDestroy LibClamAV debug: insert() returning 1 LibClamAV debug: cli_mbox returning 0 LibClamAV debug: Scanning /tmp/18a450d97c902c55/textportionPRaOu4 LibClamAV debug: Starting scanzip() LibClamAV debug: Zip -> Not supported file format ?. LibClamAV debug: zzip_dir_fdopen() return code: -4122 LibClamAV debug: Scanning /var/spool/exim/scan/1AjmNJ-0007VL-Jw/1AjmNJ-0007VL-Jw-00000.com LibClamAV debug: Starting scanzip() LibClamAV debug: Zip -> Not supported file format ?. LibClamAV debug: zzip_dir_fdopen() return code: -4122 Can anyone help me track down what is wrong? Thank You! Sean Tempesta ------------------------------------------------------- The SF.Net email is sponsored by EclipseCon 2004 Premiere Conference on Open Tools Development and Integration See the breadth of Eclipse activity. February 3-5 in Anaheim, CA. http://www.eclipsecon.org/osdn _______________________________________________ Clamav-users mailing list [EMAIL PROTECTED] https://lists.sourceforge.net/lists/listinfo/clamav-users
