[SOLVED] 8.6_P6 on CentOS 6. How to stop wsf/js files in rar archives

Discuss your pilot or production implementation with other Zimbra admins or our engineers.
Post Reply
liverpoolfcfan
Elite member
Elite member
Posts: 1096
Joined: Sat Sep 13, 2014 12:47 am

[SOLVED] 8.6_P6 on CentOS 6. How to stop wsf/js files in rar archives

Post by liverpoolfcfan »

Release 8.6.0_GA_1153.RHEL6_64_20141215151155 RHEL6_64 FOSS edition, Patch 8.6.0_P6.

Recently we have been receiving quite a lot of .js and .wsf files wrapped in zip archives. Amavisd has been doing a good job qyuarantining all of these.

This morning, however, I received a similar email but this time the wrapper is a .rar archive. Amavisd did not quarantine this one.

I am guessing that my server does not have a utility loaded that can open a .rar file but, it may also be that the default amavisd configuration does not look for these.

Can alyone tell me what I need to install/configure so that the server can scan inside .rar and .7z extensions in the same way it does with .zip files. I would prefer not to block the extensions entirely.

Thanks
Last edited by liverpoolfcfan on Fri Sep 30, 2016 10:34 am, edited 1 time in total.
liverpoolfcfan
Elite member
Elite member
Posts: 1096
Joined: Sat Sep 13, 2014 12:47 am

Re: 8.6_P6 on CentOS 6. How to stop wsf/js files in rar archives

Post by liverpoolfcfan »

I will answer my own question.

unrar is available from the repoforge respoitory (pkgs.repoforge.org). The original repository is down at present but it in the process of being made available again - see this thread for the temporary location of the repository https://github.com/repoforge/rpms/issues/375

Note: Do NOT install unrar 5 with zimbra 8.6 - The output format of the archive listings is incompatible with the version of amavisd shipped in zimbra 8.6 so the files will come through marked as "** UNCHECKED **". I installed the latest release of unrar 4 from the list and it is working as expected. wsf and js files within the archive cause it to be quarantined.

In researching this issue I also found that amavisd looks for 7zip to open some archives. I took the opportunity to add that to the server also. In this case it was available from the CentOS epel repository using "yum install p7zip"
Post Reply