Re: Stucked mail from amavis

From: Tim Weippert (weititopf-sicret.org)
Date: Wed Jan 04 2006 - 00:19:21 CST


Hi,

On Tue, Jan 03, 2006 at 08:36:01PM +0100, Vlada Macek wrote:
> Today I experienced a mail stuck in the queue. Amavis was unable to unpack a
> gzipped attachment:
>
> -Queue ID- --Size-- ----Arrival Time---- -Sender/Recipient-------
> 366C29C0A5 71028 Tue Jan 3 16:27:13 EMAIL1
> (host 127.0.0.1[127.0.0.1] said: 451 4.5.0 Error in processing,
> id=17863-06, decoding2-get-file-types FAILED: 'file' utility
> (/usr/bin/file) failed, status=255 (65280 ) at /usr/sbin/amavisd-new
> line 3853. (in reply to end of DATA command))
> EMAIL2

This is a known problem with file + Debian Sarge. I think there is also
a bug report on http://bugs.debian.org/.

As a workaround, do the following:

# don't trust this file type or corresponding unpacker for this file type,
# keep both the original and the unpacked file for a virus checker to see
# (lookup key is what file(1) utility returned):
#
$keep_decoded_original_re = new_RE(
  qr'^MAIL$', # retain full original message for virus checking
  qr'^(ASCII(?! cpio)|text|uuencoded|xxencoded|binhex)'i,
  qr'^gzip compressed data',
);

Add gzip compressed data to $keep_decoded_original_re. With this, the
attached virus scanner gets both the original and the decoded files and has
to look at this on its own.

HTH,

        tim

--

The punctuation and orthography of this email are freely invented.
Any correspondence with current or former rules
would be purely coincidental and is not intended.

Tim Weippert <weititopf-sicret.org>
http://www.topf-sicret.org/
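
Added example, not part of the original message and not amavisd-new code: a stand-alone Perl check of which file(1) descriptions the pattern list from the workaround matches. It assumes a simplified first-match lookup, uses plain qr// patterns in place of amavisd-new's new_RE(), and the sample descriptions are constructed.

```perl
#!/usr/bin/perl
# Added example: test file(1) descriptions against the pattern list from
# the workaround. Plain qr// patterns stand in for amavisd-new's new_RE()
# so the script runs without amavisd-new installed (simplified model).
use strict;
use warnings;

my @keep_decoded_original = (
  qr'^MAIL$',                      # full original message
  qr'^(ASCII(?! cpio)|text|uuencoded|xxencoded|binhex)'i,
  qr'^gzip compressed data',       # entry added by the workaround
);

# Return the first pattern matching a file(1) description, or undef.
# keep_original() is a hypothetical helper name used only in this example.
sub keep_original {
  my ($desc) = @_;
  for my $re (@keep_decoded_original) {
    return $re if $desc =~ $re;
  }
  return;
}

# Constructed sample descriptions in the style of file(1) output.
my @samples = (
  'MAIL',
  'gzip compressed data, from Unix',
  'ASCII text',
  'ASCII cpio archive (pre-SVR4 or odc)',
  'Zip archive data, at least v2.0 to extract',
);

for my $desc (@samples) {
  my $hit = keep_original($desc);
  printf "%-45s %s\n", $desc, defined($hit) ? 'matched' : 'not matched';
}
```

The patterns are anchored at the start of the description, so the new entry matches any file(1) output beginning with "gzip compressed data", while the negative lookahead keeps "ASCII cpio archive" out of the list.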