Jonathan, > It seems that amavisd isn't properly looking inside of "rar" attachments > in our configuration. The unrar binary is detected on startup as the > application to deal with rar archives, but nothing is (seemingly) done > with these archives when a message passes through the system. > > I can successfully unrar stuff using the binary on the command line > (unrar e <filename>), and other archive utilities seem to be working > well. Problem seems to occur with numerous versions of amavisd-new > (2.3.2, 2.5.2, 2.6.1).
> Log snippit from message containing test.rar (which contains a (banned) > .exe file): > Oct 23 13:31:23 iscan1 amavis[22296]: [ID 702911 local1.info] (22296-01) > p002 1/2 Content-Type: application/octet-stream, size: 64622 B, name: > test.rar So the p002 part is of interest here. Let's see what the file(1) utility makes of it: > Oct 23 13:31:24 iscan1 amavis[22296]: [ID 702911 local1.info] (22296-01) > run_command: [22336] /usr/bin/file p001 p002 </dev/null 2>&1 > Oct 23 13:31:24 iscan1 amavis[22296]: [ID 702911 local1.info] (22296-01) > result line from file(1): p002:\t\tdata It says 'data', not 'RAR archive data'. So either the part is not a recognizable RAR archive, or your file(1) utility is broken. RAR decoding would only be invoked on parts which the file(1) utility recognizes as a RAR archive. (with the exception of executables which are tested for being self-extracting archives). Mark ------------------------------------------------------------------------- This SF.Net email is sponsored by the Moblin Your Move Developer's challenge Build the coolest Linux based applications with Moblin SDK & win great prizes Grand prize is a trip for two to an Open Source event anywhere in the world http://moblin-contest.org/redirect.php?banner_id=100&url=/ _______________________________________________ AMaViS-user mailing list AMaViS-user@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/amavis-user AMaViS-FAQ:http://www.amavis.org/amavis-faq.php3 AMaViS-HowTos:http://www.amavis.org/howto/