(Posting this again as it seem not to have reached the list) I encountered some behavior that was not as I expected with some zip files and clamscan (I'm not saying it is a bug - it may be by design).
One of our clients attempted to send us a zipfile or data which had been compressed down to around 1.5% of its original size. Not surprisingly this triggered the oversize zip rule which in turn caused it to be rejected by MailScanner. Or response to this was to advise the client to password protect it (so that clam could not unzip it) - but this still triggered the oversize warning. Thinking more on this I'm guessing that clam does the equivalent of running zipinfo to work out the compression ratio and/or unzipped size before attempting to unpack (?). Since clam will be unable to unpack encrypted files within an archive should it really apply the oversize tests to them? I know that zipinfo is able to determine that a file is encrypted, so I presume this information should be available to clam. BMRB International http://www.bmrb.co.uk +44 (0)20 8566 5000 _________________________________________________________________ This message (and any attachment) is intended only for the recipient and may contain confidential and/or privileged material. If you have received this in error, please contact the sender and delete this message immediately. Disclosure, copying or other action taken in respect of this email or in reliance on it is prohibited. BMRB International Limited accepts no liability in relation to any personal emails, or content of any email which does not directly relate to our business. ------------------------------------------------------- The SF.Net email is sponsored by EclipseCon 2004 Premiere Conference on Open Tools Development and Integration See the breadth of Eclipse activity. February 3-5 in Anaheim, CA. http://www.eclipsecon.org/osdn _______________________________________________ Clamav-users mailing list [EMAIL PROTECTED] https://lists.sourceforge.net/lists/listinfo/clamav-users
