No filetype checks on RAR-archives

Jerry Benton jerry.benton at mailborder.com
Wed Apr 15 08:22:05 UTC 2015 

Sigh … its 2015 not 1993.

https://s3.amazonaws.com/mailborder/releases/stable/4.1.0/unrar-4.2.3-1.el6.rf.i686.rpm <https://s3.amazonaws.com/mailborder/releases/stable/4.1.0/unrar-4.2.3-1.el6.rf.i686.rpm>


-
Jerry Benton
www.mailborder.com



> On Apr 15, 2015, at 4:19 AM, Volker Dose <vpdose at kirchenweg.de> wrote:
> 
> Hi,
> 
> Thanks a lot for the link, But I am using  a 32bit architektur, do you have a rpm for that also?
> 
> Best regards,
> 
> Volker
> 
> Volker Dose
> 
> Am 15.04.2015 um 09:42 schrieb Jerry Benton <jerry.benton at mailborder.com <mailto:jerry.benton at mailborder.com>>:
> 
>> https://s3.amazonaws.com/mailborder/releases/stable/4.1.0/unrar-4.2.3-1.el6.rf.x86_64.rpm <https://s3.amazonaws.com/mailborder/releases/stable/4.1.0/unrar-4.2.3-1.el6.rf.x86_64.rpm>
>> 
>> 
>> -
>> Jerry Benton
>> www.mailborder.com <http://www.mailborder.com/>
>> 
>> 
>> 
>>> On Apr 15, 2015, at 3:37 AM, Volker Dose <vpdose at kirchenweg.de <mailto:vpdose at kirchenweg.de>> wrote:
>>> 
>>> Hi,
>>>  
>>> I am using CentOS and afaik there is no rar-Support compiled in - at least no sign of "libclamavunrar":
>>>  
>>>  
>>> [root at mailscanner ~]# ldd /usr/bin/clamscan 
>>>         linux-gate.so.1 =>  (0x00748000) 
>>>         libclamav.so.6 => /usr/lib/libclamav.so.6 (0x008ef000) 
>>>         libxml2.so.2 => /usr/lib/libxml2.so.2 (0x001bf000) 
>>>         libz.so.1 => /lib/libz.so.1 (0x00f46000) 
>>>         libbz2.so.1 => /lib/libbz2.so.1 (0x00515000) 
>>>         libssl.so.10 => /usr/lib/libssl.so.10 (0x00659000) 
>>>         libcrypto.so.10 => /usr/lib/libcrypto.so.10 (0x0030a000) 
>>>         libm.so.6 => /lib/libm.so.6 (0x004d2000) 
>>>         libdl.so.2 => /lib/libdl.so.2 (0x00fce000) 
>>>         libpthread.so.0 => /lib/libpthread.so.0 (0x00526000) 
>>>         libc.so.6 => /lib/libc.so.6 (0x00749000) 
>>>         libgssapi_krb5.so.2 => /lib/libgssapi_krb5.so.2 (0x00541000) 
>>>         libkrb5.so.3 => /lib/libkrb5.so.3 (0x00af2000) 
>>>         libcom_err.so.2 => /lib/libcom_err.so.2 (0x004fc000) 
>>>         libk5crypto.so.3 => /lib/libk5crypto.so.3 (0x00581000) 
>>>         libresolv.so.2 => /lib/libresolv.so.2 (0x005ac000) 
>>>         /lib/ld-linux.so.2 (0x00e11000) 
>>>         libkrb5support.so.0 => /lib/libkrb5support.so.0 (0x00501000) 
>>>         libkeyutils.so.1 => /lib/libkeyutils.so.1 (0x0050d000) 
>>>         libselinux.so.1 => /lib/libselinux.so.1 (0x00bfc000)
>>>  
>>> When I check a zip-archiv it shows this:
>>>  
>>> [root at mailscanner ~]# clamscan putty.zip
>>> 
>>> putty.zip: Sanesecurity.Foxhole.Zip_exe.UNOFFICIAL FOUND
>>> 
>>> ----------- SCAN SUMMARY -----------
>>> Known viruses: 4478278
>>> Engine version: 0.98.6
>>> Scanned directories: 0
>>> Scanned files: 1
>>> Infected files: 1
>>> Data scanned: 0.00 MB
>>> Data read: 0.25 MB (ratio 0.00:1)
>>> Time: 16.959 sec (0 m 16 s)
>>> 
>>>  
>>>  
>>> [root at mailscanner ~]# clamscan putty.rar
>>> 
>>> putty.rar: OK
>>> 
>>> ----------- SCAN SUMMARY -----------
>>> 
>>> Known viruses: 4478278 
>>> Engine version: 0.98.6 
>>> Scanned directories: 0 
>>> Scanned files: 1 
>>> Infected files: 0 
>>> Data scanned: 0.22 MB 
>>> Data read: 0.22 MB (ratio 1.00:1) 
>>> Time: 17.652 sec (0 m 17 s)
>>> 
>>>  
>>>  
>>> But this is maybe just a side-problem, I was hoping to get the filetype recognition working in MS.
>>>  
>>> Here my Settings regarding rar/unrar  in MailScanner.conf:
>>>  
>>> Unrar Command = /usr/bin/unrar 
>>> Unrar Timeout = 50
>>>  
>>>  
>>> Best regards
>>> Volker
>>> 
>>> > Rick Cooper <rcooper at dwford.com <mailto:rcooper at dwford.com>> hat am 15. April 2015 um 02:03 geschrieben: 
>>> > 
>>> > 
>>> > Volker Dose wrote: 
>>> > > Hi, 
>>> > > 
>>> > > I have already configured the foxhole-stuff and it works brilliantly 
>>> > > on zip-files. But no effect on executables in rar-archives. 
>>> > > 
>>> > > I was reading, that clam has no support for opening and scanning 
>>> > > rar-archives because of license issues. I have the actual clamav 
>>> > > installed and even tried to compile from scratch, but no success 
>>> > > -rar-files are not scanned. 
>>> > 
>>> > ClamAv has had RAR capabilities since verion 0.90. 
>>> > Now, from what I remember Fedora does not include libunrar (even though it's 
>>> > free) and I think there version of the rpm uses the --disable-unrar switch 
>>> > as well. Don't remember if you are using fedora or not. 
>>> > 
>>> > 
>>> > Also you have to have unrar installed for MailScanner to unpack it. 
>>> > Look in the MailScanner.conf for 
>>> > 
>>> > MailScanner.conf:Unrar Command = /usr/bin/unrar 
>>> > 
>>> > And point it to your unrar binary 
>>> > 
>>> > 
>>> > -- 
>>> > MailScanner mailing list 
>>> > mailscanner at lists.mailscanner.info <mailto:mailscanner at lists.mailscanner.info> 
>>> > http://lists.mailscanner.info/listinfo/mailscanner <http://lists.mailscanner.info/listinfo/mailscanner> 
>>> > 
>>> 
>>> 
>>> -- 
>>> MailScanner mailing list
>>> mailscanner at lists.mailscanner.info <mailto:mailscanner at lists.mailscanner.info>
>>> http://lists.mailscanner.info/listinfo/mailscanner <http://lists.mailscanner.info/listinfo/mailscanner>
>> 
>> 
>> -- 
>> MailScanner mailing list
>> mailscanner at lists.mailscanner.info <mailto:mailscanner at lists.mailscanner.info>
>> http://lists.mailscanner.info/listinfo/mailscanner <http://lists.mailscanner.info/listinfo/mailscanner>
>> 
> 
> 
> -- 
> MailScanner mailing list
> mailscanner at lists.mailscanner.info
> http://lists.mailscanner.info/listinfo/mailscanner
> 

-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.mailscanner.info/pipermail/mailscanner/attachments/20150415/6573fb00/attachment-0001.html>

More information about the MailScanner mailing list