Problems with zips in 4.28.6-1

[Plant, Dean]

Julian Field wrote:
> I obviously should have done more testing with "Allow
> Password-Protected Archives = yes". Sorry about that. Apply this
> patch to Message.pm:
>

Julian,

The patch has fixed the problem with filename checks within zip
files but I am still unable to let encrypted zip files pass. This
seems to be a problem with the interaction of f-prot / MailScanner
as removing f-prot from my Virus Scanners lets encrypted zips pass

Here is the log file from a blocked mail with an encrypted zip.

Virus and Content Scanning: Starting
MailScanner[7733]: /var/spool/MailScanner/incoming/7733/i2BAfn4w007849/encrypted.zip->plugin-list  Not scanned (encrypted)
MailScanner[7733]: Virus Scanning: F-Prot found virus
MailScanner[7733]: Virus Scanning: F-Prot found 1 infections

This is my MailScanner.conf setting

# cat /etc/MailScanner/MailScanner.conf | grep Password-Pro
Allow Password-Protected Archives = yes

Here is the result if I run f-prot manually on the file

F-PROT ANTIVIRUS
Program version: 4.4.0
Engine version: 3.14.10

VIRUS SIGNATURE FILES
SIGN.DEF created 10 March 2004
SIGN2.DEF created 10 March 2004
MACRO.DEF created 8 March 2004

Search: ./encrypted.zip
Action: Report only
Files: "Dumb" scan of all files
Switches: -ARCHIVE -PACKED -SERVER

/var/spool/MailScanner/quarantine/20040311/i2BAfn4w007849/encrypted.zip->plugin-list  Not scanned (encrypted)

Results of virus scanning:

Files: 1
MBRs: 0
Boot sectors: 0
Objects scanned: 0

Any idea's?

Thanks

Dean.

--

Visit our website at www.roke.co.uk

Registered Office: Roke Manor Research Ltd, Siemens House, Oldbury, Bracknell,
Berkshire. RG12 8FZ

The information contained in this e-mail and any attachments is confidential to
Roke Manor Research Ltd and must not be passed to any third party without
permission. This communication is for information only and shall not create or
change any contractual relationship.