clamav 0.75 Oversized Zip

Dustin Baer dustin.baer at IHS.COM
Fri Aug 13 16:21:44 IST 2004

Hi All,

Sendmail 8.13.0
Solaris 2.9

I've been using Sophos, but have also just installed ClamAV 0.75 and am
having the Oversized Zip problem.  There are a few past threads in the
list concerning this in older version of ClamAV.   With 0.75, there is
an option in clamav.conf, which is supposed to take care of the problem:

    # Mark potential archive bombs as viruses (0 disables the limit)
    ArchiveMaxCompressionRatio 200

When I set this to "0" the files is still found to have Oversized Zip.

Before I write to the Clam list, I'll ask here...does MailScanner use
clamav.conf?  I think not, since moving clamav.conf out of the way
doesn't break anything else.

I've also uncommented the following line in lib/clamav-wrapper, with no

# Uncomment next line if you need to disable Clam's DoS protection
ExtraScanOptions="--max-files=0 --max-space=0 --max-recursion=0

Here is the output of a test

$ /opt/MailScanner/lib/clamav-wrapper /usr/local "13-aug-2004 08-25.pra"

08-25.pra: Oversized.Zip FOUND

----------- SCAN SUMMARY -----------
Known viruses: 23388
Scanned directories: 0
Scanned files: 1
Infected files: 1
Data scanned: 0.00 MB
I/O buffer size: 131072 bytes
Time: 4.645 sec (0 m 4 s)

Can anybody clue me into how I can stop the ClamAV checks that find
"Oversized.Zip FOUND"



------------------------ MailScanner list ------------------------
To unsubscribe, email jiscmail at with the words:
'leave mailscanner' in the body of the email.
Before posting, read the MAQ ( and
the archives (

More information about the MailScanner mailing list