Can't send encrypted PDFs through Zimbra 8.5

Discuss your pilot or production implementation with other Zimbra admins or our engineers.
bjquinn
Advanced member
Advanced member
Posts: 179
Joined: Fri Sep 12, 2014 10:00 pm

Can't send encrypted PDFs through Zimbra 8.5

Postby bjquinn » Thu Oct 02, 2014 2:40 pm

I've unchecked global settings -> as/av -> block encrypted archives, I've confirmed that zmprov gcf zimbraVirusBlockEncryptedArchive returns false, and I've changed


%%uncomment VAR:zimbraVirusBlockEncryptedArchive%%ArchiveBlockEncrypted yes


to


%%comment VAR:zimbraVirusBlockEncryptedArchive%%ArchiveBlockEncrypted yes


in /opt/zimbra/conf/clamd.conf.in.



I've restarted Zimbra since all these changes, and yet I still get the following in /var/log/zimbra.log when I try to send an email with an encrypted PDF --


Oct  2 12:49:47 mail amavis[31934]: (31934-08) Blocked INFECTED (Heuristics.Encrypted.PDF) {DiscardedInternal,Quarantined}, ORIGINATING/MYNETS LOCAL [x.x.x.x]:20375 <xxxxx@xxxxx.com> -> <xxxxx@xxxxx.com>, quarantine: xxxxx@xxxxx.com, Queue-ID: 482B7450048D, Message-ID: <01cfde69$Blat.v2.6.1$49bbd460$13004c307c6b@xxxxx.com>, mail_id: Vrhfa13wMLMv, Hits: -, size: 8223, 216 ms


EDIT:  I should mention that the above combination of settings worked fine on 8.0.6.



bjquinn
Advanced member
Advanced member
Posts: 179
Joined: Fri Sep 12, 2014 10:00 pm

Can't send encrypted PDFs through Zimbra 8.5

Postby bjquinn » Thu Oct 02, 2014 3:00 pm

Ok, there's nothing like solving your own problem right after posting it on the forums!

For posterity, it appears that making the change in /opt/zimbra/conf/clamd.conf.in had the effect of not allowing Zimbra's zimbraVirusBlockEncryptedArchive variable to have an effect either way (basically we're commenting out letting the Zimbra variable write to that ClamAV setting on startup, at least that's the way I read it). The version of ClamAV bundled in earlier versions of Zimbra must have defaulted to *NOT* blocking encrypted archives, but Zimbra's zimbraVirusBlockEncryptedArchive value itself defaulted to true. By commenting out the Zimbra variable in clamd.conf.in, it went back to ClamAV's default. Must be that the new version of ClamAV in Zimbra 8.5 defaults to block encrypted archives, even though it says "Default: no" right before the setting.

Anyway, setting the correct Zimbra variable combined with leaving clamd.conf.in alone and a zmclamdctl restart fixed my problem.



EDIT: I don't seem to be able to mark my own post as an answer, but this is definitely the solution to my problem.

User avatar
tonster
Zimbra Employee
Zimbra Employee
Posts: 313
Joined: Fri Feb 21, 2014 10:14 am
Location: Ypsilanti, MI
ZCS/ZD Version: Release 8.7.0_GA_1659.RHEL6_64_2016

Can't send encrypted PDFs through Zimbra 8.5

Postby tonster » Thu Oct 02, 2014 9:17 pm

Yes, you should really never modify the .conf.in files. Changing the value and either waiting a bit for zmconfigd to bounce the AV service or restarting amavisd would have accomplished the same thing, and it would have taken effect.
rhoward
Zimbra Alumni
Zimbra Alumni
Posts: 63
Joined: Tue Jul 08, 2003 12:59 pm

Can't send encrypted PDFs through Zimbra 8.5

Postby rhoward » Fri Oct 03, 2014 12:45 am

[quote user="bjquinn"]I don't seem to be able to mark my own post as an answer[/quote]


Yeah, we have the forums setup so the post author chooses if it is a discussion or a question. If it is posted as a discussion there is no answer workflow. 


I think the plan is once we move to these to their permanent home we're going to setup the technical forums as Q/A. Answered questions get boosted in search too.


Return to “Administrators”

Who is online

Users browsing this forum: No registered users and 16 guests