Thanks Mickaël. If a .zip file is corrupt though, would it also be un-zip-able? And would therefore not pose a threat?
Could you share the unzip/Unpackers line with us that you use in your amavisd.conf file please? Thanks, Patrick. From: Mickaël Maillot [mailto:[email protected]] Sent: Friday, May 13, 2016 5:17 AM To: Maurizio Marini <[email protected]> Cc: Kirchner, Patrick <[email protected]>; [email protected] Subject: Re: Can't Block .js files inside of .zip Email Attachments I just want to warn you because 7zip cannot decode corruption zip and will not even list files in it. It's why i switch back to unzip to decode zip. 2016-05-10 20:04 GMT+02:00 Maurizio Marini <[email protected]<mailto:[email protected]>>: On Fri, 6 May 2016 15:24:10 +0000 "Kirchner, Patrick" <[email protected]<mailto:[email protected]>> wrote: > An infected .js file in a .zip file that made its way through the email > server was luckily blocked by antivirus on my wife's Mac, so I'd really like > to be able to block such files. I can provide an sample of one of the .js > files if it would be helpful. Hello Patrick I had the same issue, you have to raise log level, then you can check if zip file is unzipped; js are blocked, but ziped files should be opened I solved by installing p7zip this is not enough, you should configure amavis to use it whan you receive zip attachments I used this unshift(@decoders, ['zip', \&Amavis::Unpackers::do_7zip, ['7z','7za'] ], ); I am not an expert at all, I am very lame and I can't say this is the proper solution, what I note was that after this configuration zipped attachments were correctly opened -m
