Re: Encrypted archives and 7z on Debian Jessie (amavis 2.10.1)

2016-09-21 Thread Hoyer-Reuther, Christian 
I use a new workaround now. I replaced sub do_7zip in /usr/sbin/amavisd-new 
with sub from 2.11.0.

Encrypted archives are properly detected now when 7z is used and the subject is 
modified.

> -Original Message-
> From: amavis-users [mailto:amavis-users-bounces+christian.hoyer-reuther=cac-
> chem...@amavis.org] On Behalf Of Hoyer-Reuther, Christian
> Sent: Wednesday, September 14, 2016 2:11 PM
> To: amavis-users@amavis.org
> Subject: Encrypted archives and 7z on Debian Jessie (amavis 2.10.1)
> 
> Hello,
> 
> our mailserver run amavisd-new-2.10.1 on Debian Jessie. Regarding encrypted
> archives I configured $undecipherable_subject_tag = '+++Virus scan failed+++
> ' so the recipient is notified that the archive could not be scanned.
> 
> But when 7z or 7za is used as decoder of an encrypted archive then the
> subject is not modified.
> 
> According to the release notes this problem seems to be fixed in amavisd-
> new-2.11.0 ("updated decoder for 7z archives to improve handling of
> encrypted content; based on a patch by Markus Benning").
> 
> I don't know if 2.11.0 will be available on Jessie (or at least the fix for
> 7z), but for the moment I use the internal decoder for zip files as a
> workaround. Then it works and the subject is modified.

Re: Encrypted archives and 7z on Debian Jessie (amavis 2.10.1)

2016-09-20 Thread Hoyer-Reuther, Christian 
Using the internal decoder for 7z archives doesn't work.

I created unencrypted 7z archives with 7-Zip [64] 16.02 (Windows version) with 
4 different compression methods (lzma2, lzma, ppmd, bzip2).

Here are the results:

Test 7z-file with internal decoder (lzma2)
amavis[5901]: (05901-01) p002 1/2 Content-Type: application/x-7z-compressed, 
size: 318239 B, name: calc_lzma2.7z
amavis[5901]: (05901-01) (!)do_unzip: not a zip: AZ_FORMAT_ERROR (3)

Test 7z-file with internal decoder (lzma)
amavis[5902]: (05902-01) p002 1/2 Content-Type: application/x-7z-compressed, 
size: 318080 B, name: calc_lzma.7z
amavis[5902]: (05902-01) (!)do_unzip: not a zip: AZ_FORMAT_ERROR (3)

Test 7z-file with internal decoder (ppmd)
amavis[5901]: (05901-01) p002 1/2 Content-Type: application/x-7z-compressed, 
size: 318239 B, name: calc_lzma2.7z
amavis[5901]: (05901-01) (!)do_unzip: not a zip: AZ_FORMAT_ERROR (3)

Test 7z-file with internal decoder (bzip2)
amavis[5910]: (05910-01) p002 1/2 Content-Type: application/x-7z-compressed, 
size: 392934 B, name: calc_bzip2.7z
amavis[5910]: (05910-01) (!)do_unzip: not a zip: AZ_FORMAT_ERROR (3)

From: amavis-users 
[mailto:amavis-users-bounces+christian.hoyer-reuther=cac-chem...@amavis.org] On 
Behalf Of Dino
Sent: Thursday, September 15, 2016 9:00 PM
To: amavis-users@amavis.org
Subject: Re: Encrypted archives and 7z on Debian Jessie (amavis 2.10.1)

So what happens when you try to extract a unencrypted 7z archive using the 
internal decoder? Does that work?

Re: Encrypted archives and 7z on Debian Jessie (amavis 2.10.1)

2016-09-16 Thread Dino 
So what happens when you try to extract a unencrypted 7z archive using 
the internal decoder? Does that work?


On 9/14/2016 8:10 AM, Hoyer-Reuther, Christian wrote:

Hello,

our mailserver run amavisd-new-2.10.1 on Debian Jessie. Regarding encrypted 
archives I configured $undecipherable_subject_tag = '+++Virus scan failed+++ ' 
so the recipient is notified that the archive could not be scanned.

But when 7z or 7za is used as decoder of an encrypted archive then the subject 
is not modified.

According to the release notes this problem seems to be fixed in amavisd-new-2.11.0 
("updated decoder for 7z archives to improve handling of encrypted content; based on 
a patch by Markus Benning").

I don't know if 2.11.0 will be available on Jessie (or at least the fix for 
7z), but for the moment I use the internal decoder for zip files as a 
workaround. Then it works and the subject is modified.

I would like to know if there are any drawbacks when I use the internal decoder 
instead of 7z for zip files.

Regards,

Christian

A few details follow:

Debian Jessie package versions:
ii  amavisd-new1:2.10.1-2~deb8u1   all
ii  p7zip-full 9.20.1~dfsg.1-4.1+deb8u2amd64

Test with 7z:
amavis[6356]: (06356-01) (!!)collect_results from [6416] (/usr/bin/7z): exit 2 
\n7-Zip [64] 9.20  Copyright (c) 1999-2010 Igor Pavlov  2010-11-18\np7zip 
Version 9.20 (locale=C,Utf16=off,
HugeFiles=on,8 CPUs)\n\nProcessing archive: 
/var/lib/amavis/tmp/amavis-20160914T130733-06356-PkD36RYR/parts/p002\n\nExtracting
  eicar.txt\nEnter password (will not be echoed) : CRC Failed in encrypted
file. Wrong password?\n\nSub items Errors: 1\n\n

Test with 7za:
amavis[6566]: (06566-01) (!!)collect_results from [6610] (/usr/bin/7za): exit 2 
\n7-Zip (A) [64] 9.20  Copyright (c) 1999-2010 Igor Pavlov  2010-11-18\np7zip 
Version 9.20 (locale=C,
Utf16=off,HugeFiles=on,8 CPUs)\n\nProcessing archive: 
/var/lib/amavis/tmp/amavis-20160914T131036-06566-OSv3L3u_/parts/p002\n\nExtracting
  eicar.txt\nEnter password (will not be echoed) : CRC Failed in
encrypted file. Wrong password?\n\nSub items Errors: 1\n\n

Test with internal decoder:
amavis[6804]: (06804-01) do_unzip: p002, 1 members are encrypted, none 
extracted, archive retained

decoders and subject tag settings in /etc/amavis/conf.d/50-user:
$gzip   = 'gzip';
$bzip2  = 'bzip2';
$lzop   = 'lzop';
$rpm2cpio   = ['rpm2cpio.pl','rpm2cpio'];
$cabextract = ['7z', 'cabextract'];
$uncompress = ['uncompress', 'gzip -d', 'zcat'];
$unfreeze   = ['unfreeze', 'freeze -d', 'melt', 'fcat'];
$arc= ['nomarch', 'arc'];
$unarj  = ['arj', 'unarj'];
$unrar  = ['rar', 'unrar'];
$zoo= 'zoo';
$lha= 'lha';
$pax= 'pax';
$cpio   = 'cpio';
$ar = 'ar';
$ripole = 'ripole';
$dspam  = 'dspam';
unshift(@decoders,
   # ['zip', \&Amavis::Unpackers::do_7zip, ['7z','7za'] ],
   ['zip', \&Amavis::Unpackers::do_unzip],
);
$undecipherable_subject_tag = '+++Virus scan failed+++ ';

decoders log at amavis startup:
amavis[6803]: Internal decoder for .zip
amavis[6803]: Internal decoder for .mail
amavis[6803]: No ext program for   .F, tried: unfreeze, freeze -d, melt, fcat
amavis[6803]: Found decoder for.Zat /bin/uncompress
amavis[6803]: Found decoder for.gz   at /bin/gzip -d
amavis[6803]: Internal decoder for .gz   (backup, not used)
amavis[6803]: Found decoder for.bz2  at /bin/bzip2 -d
amavis[6803]: Found decoder for.xz   at /usr/bin/xz -dc
amavis[6803]: Found decoder for.lzma at /usr/bin/xz -dc --format=lzma
amavis[6803]: Found decoder for.lrz  at /usr/bin/lrzip -q -k -d -o -
amavis[6803]: Found decoder for.lzo  at /usr/bin/lzop -d
amavis[6803]: Found decoder for.lz4  at /usr/bin/lz4c -d
amavis[6803]: Found decoder for.rpm  at /usr/bin/rpm2cpio
amavis[6803]: Found decoder for.cpio at /bin/pax
amavis[6803]: Found decoder for.tar  at /bin/pax
amavis[6803]: Found decoder for.deb  at /usr/bin/ar
amavis[6803]: Found decoder for.rar  at /usr/bin/unrar
amavis[6803]: Found decoder for.arj  at /usr/bin/arj
amavis[6803]: Found decoder for.arc  at /usr/bin/nomarch
amavis[6803]: Found decoder for.zoo  at /usr/bin/zoo
amavis[6803]: Found decoder for.doc  at /usr/bin/ripole
amavis[6803]: Found decoder for.cab  at /usr/bin/7z
amavis[6803]: Internal decoder for .tnef
amavis[6803]: Found decoder for.zip  at /usr/bin/7za (backup, not used)
amavis[6803]: Found decoder for.kmz  at /usr/bin/7za
amavis[6803]: Internal decoder for .zip  (backup, not used)
amavis[6803]: Internal decoder for .kmz  (backup, not used)
amavis[6803]: Found decoder for.7z   at /usr/bin/7za
amavis[6803]: Found decoder for.gz   at /usr/bin/7za (backup, not used)
amavis[6803]: Found decoder for.bz2  at /usr/bin/7za (backup, not used)
amavis[6803]: Found decoder for.Zat /usr/bin/7za (backup, not used)
amavis[6803]: Found decoder for.tar  at /usr/bin/7za (b