ClamAVModule Oversized.Zip

Dan Farmer dan.farmer at
Wed Apr 25 21:47:29 IST 2007

Hello all,

I've got an issue with Oversized.Zip infections that I'm trying to  
disable and can't seem to nail down the correct settings. I've been  
using clamav for our virus scanning for longer than I care to recall  
and just this morning switched the setting over to clamavmodule to  
reduce the load on our relay. It reduced the load and everything is  
working but we get a lot of zip files (artwork) that compress very  
well and they are getting detected as viruses (Oversized.Zip)

I've searched the Mailscanner list and the ClamAV list and tried the  

ArchiveMaxCompressionRatio 0

ClamAVmodule Maximum Compression Ratio = 0

installed versions (i know they're a bit behind):
0.17    Mail::ClamAV

I reloaded MailScanner, start/stopped it, and finally rebooted the  
machine each time, to no avail. I created a 1MB file that zips to 4k  
and it gets detected everytime. Virus scanning doesn't get cached  
like SA results, so I figure I don't have to keep changing the file  
each test.

Is there a way to determine what config file clamavmodule is using  
and/or what current settings are? Where else should I be looking?


More information about the MailScanner mailing list