On Wed, 29 Apr 2015, jose-marcio martins da cruz wrote: > On 04/29/2015 06:20 PM, René Bellora wrote: >> El 29/04/15 a las 13:04, jose-marcio martins da cruz escibió: >>> >>> Hello, >>> >>> I'm getting different results when scanning a infected email message. >>> >>> On a Sparc Solaris 10 (32 bits compiled), clamdscan tels me that the >>> message is infected : "Heuristics.Encrypted.RAR FOUND" >>> >>> Testing it on two 64 bits linux boxes (fedora and ubuntu), both tels >>> me that the message is clean. >> >> >> >> linux 32bits also report the message clean (with "ArchiveBlockEncrypted >> yes" in clamd.conf) > > Hmmm... > > On the Solaris boxes, there are libclamunrar* libraries, while there aren't at > Linux boxes... > > Clamav on Solaris boxes were compiled and installed from sources, while at > Linux boxes they come from distros... > > If I remember, there is a kind of licence problem with rar libraries...
Debian has put the rar support in the "libclamunrar6" package in the "non-free" section of the repository. The clamav package doesn't even mention libclamunrar6 as a dependency or a recommended package. I guess that a formal dependancy on the non-free "libclamunrar6" package would have made clamav "non-free" too. I didn't check ubuntu but most likely ubuntu has a "libclamunrar6" package too as ubuntu is derived from debian. And I don't know anything about clamav in fedora. Regards, Kees Theunissen. -- Kees Theunissen, System and network manager, Tel: +31 (0)30 6096724 Dutch Institute For Fundamental Energy Research (DIFFER) e-mail address: c.j.theunis...@differ.nl postal address: PO Box 1207, 3430 BE Nieuwegein, NL visitors address: Edisonbaan 14, 3439 MN Nieuwegein, NL _______________________________________________ Help us build a comprehensive ClamAV guide: https://github.com/vrtadmin/clamav-faq http://www.clamav.net/contact.html#ml
