Which virus scanner you are using? If it is clamav then check for<br>ArchiveMaxRecursion <br><br>in /etc/clamd.conf<br><br>I am just guessing this could be a problem. Its not bad to give it a try.<br><br><br><div><span class="gmail_quote">
On 7/21/06, <b class="gmail_sendername">David Nalley</b> <<a href="mailto:firstname.lastname@example.org">email@example.com</a>> wrote:</span><blockquote class="gmail_quote" style="border-left: 1px solid rgb(204, 204, 204); margin: 0pt 0pt 0pt 0.8ex; padding-left: 1ex;">
><br>> My main query, I guess is that:<br>><br>> Jul 21 14:27:58 postbox MailScanner: Files hidden in<br>> very deeply nested archive in E084A13FB1A.22FE1<br>><br>> doesn't really give me a hint as to whether I should be
<br>> changing the setting to 0/disabling it, or whether 5, 50 or<br>> 500 will be better.<br>><br>I think the issue is that if you allow it to unzip continuously it could<br>lead to a situation where the virus scanner would time out and then pass
<br>on a potentially harmful attachment. In addition it would burn CPU<br>cycles.<br><br>Realistically, I think that you could open the zip files (assuming that<br>they are legitimate) and determine depth and use depth+n to make it a
<br>non-issue. Unfortunately I don't really see a way of gunzip telling how<br>deeply nested the file is, other than it is nested at least once more<br>than the limit specified, and thus it has no way of giving you a hint.
<br>--<br>MailScanner mailing list<br><a href="mailto:firstname.lastname@example.org">email@example.com</a><br><a href="http://lists.mailscanner.info/mailman/listinfo/mailscanner">http://lists.mailscanner.info/mailman/listinfo/mailscanner
</a><br><br>Before posting, read <a href="http://wiki.mailscanner.info/posting">http://wiki.mailscanner.info/posting</a><br><br>Support MailScanner development - buy the book off the website!<br></blockquote></div><br><br clear="all">