Koozali.org: home of the SME Server
Obsolete Releases => SME Server 7.x => Topic started by: albatroz on September 05, 2007, 03:44:38 PM
-
I have noticed that the clamav installation inside SME server is giving me
some false positives. For instance when someone sends me several files inside
a zip file it is detected as a virus infected file.
Is someone else suffering the same issue?
Thanks in advance
-
Just adding more info about this issue:
the sender received when the email bounced
190.41.24.200 failed after I sent the message.
Remote host said: 552 Virus Found: Oversized.Zip
We are using SME 7.2
-
from a quick googling I've found:
Whenever a file exceeds ArchiveMaxCompressionRatio (see clamd.conf man page), it's considered a logic bomb and marked as Oversized.zip . Try increasing your ArchiveMaxCompressionRatio setting.
look for ArchiveMaxCompressionRatio, ArchiveMaxFileSize, ArchiveMaxFiles, ArchiveMaxRecursion in /etc/clamd.conf
and, of course, man clamd.conf ;-)
HTH
Ciao
Stefano
-
Are those files templated?
-
Are those files templated?
it's only one file: /etc/clamd.conf
yes, it's templated..
Ciao
Stefano
-
Are those files templated?
Please, see
http://wiki.contribs.org/DB_Variables_Configuration#Clam_AntiVirus_.28clamav.29
Also check if you have select some files under Ativirus - server-manager. Please, not check the last two zip files.