A prohibited archive has been detected
Автор
Precision Group
, сен 16 2008 10:27
9 ответов в этой теме
#1
Отправлено 16 Сентябрь 2008 - 10:27
Hello there
I have Linux VPS Server (CentOS 4.2) and running on Plesk 8.6. I used Qmail with DrWeb anti virus running on there. I just confused how to change the DrWeb configuration on the server. It needs to avoid this problem below:
-----Original Message-----
From: DrWeb-DAEMON [mailto:DrWEB-DAEMON@CENSORED.biz]
Sent: Thursday, 11 September, 2008 2:26 PM
To: System Administrator
Subject: A prohibited archive has been detected
Dear Postmaster,
the message with following attributes has not been delivered, because
contains an object which violates archive restrictions.
Sender = tony.wong@CENSORED.com
Recipients = alrain.f@CENSORED.biz
Subject = FW: CENSORED
Message-ID = <0A56383DF9BDD511BFF0009027B1157401575D05@FILESERVER>
--- Dr.Web report ---
Dr.Web detailed report:
127.0.0.1 [17735] drweb.tmp.LTFfYF - archive MAIL
127.0.0.1 [17735] drweb.tmp.LTFfYF/[text:plain] - archive MAIL
127.0.0.1 [17735] >drweb.tmp.LTFfYF/[text:plain]/Royal - Ok
127.0.0.1 [17735] drweb.tmp.LTFfYF/[text:plain] - Ok
127.0.0.1 [17735] drweb.tmp.LTFfYF/[text:html] - Ok
127.0.0.1 [17735] drweb.tmp.LTFfYF/image001.jpg - Ok
127.0.0.1 [17735] drweb.tmp.LTFfYF/RSK.zip - archive ZIP
127.0.0.1 [17735] >drweb.tmp.LTFfYF/RSK.zip/RSK.CSV - file too large, skipped
127.0.0.1 [17735] drweb.tmp.LTFfYF/RSK.zip - Ok
Dr.Web scanning statistic:
Archive restriction : 1
--- Dr.Web report ---
Based on this log, I must increase the "filesize" permission but I dont know how to do that. Please be advices.
Thanks
I have Linux VPS Server (CentOS 4.2) and running on Plesk 8.6. I used Qmail with DrWeb anti virus running on there. I just confused how to change the DrWeb configuration on the server. It needs to avoid this problem below:
-----Original Message-----
From: DrWeb-DAEMON [mailto:DrWEB-DAEMON@CENSORED.biz]
Sent: Thursday, 11 September, 2008 2:26 PM
To: System Administrator
Subject: A prohibited archive has been detected
Dear Postmaster,
the message with following attributes has not been delivered, because
contains an object which violates archive restrictions.
Sender = tony.wong@CENSORED.com
Recipients = alrain.f@CENSORED.biz
Subject = FW: CENSORED
Message-ID = <0A56383DF9BDD511BFF0009027B1157401575D05@FILESERVER>
--- Dr.Web report ---
Dr.Web detailed report:
127.0.0.1 [17735] drweb.tmp.LTFfYF - archive MAIL
127.0.0.1 [17735] drweb.tmp.LTFfYF/[text:plain] - archive MAIL
127.0.0.1 [17735] >drweb.tmp.LTFfYF/[text:plain]/Royal - Ok
127.0.0.1 [17735] drweb.tmp.LTFfYF/[text:plain] - Ok
127.0.0.1 [17735] drweb.tmp.LTFfYF/[text:html] - Ok
127.0.0.1 [17735] drweb.tmp.LTFfYF/image001.jpg - Ok
127.0.0.1 [17735] drweb.tmp.LTFfYF/RSK.zip - archive ZIP
127.0.0.1 [17735] >drweb.tmp.LTFfYF/RSK.zip/RSK.CSV - file too large, skipped
127.0.0.1 [17735] drweb.tmp.LTFfYF/RSK.zip - Ok
Dr.Web scanning statistic:
Archive restriction : 1
--- Dr.Web report ---
Based on this log, I must increase the "filesize" permission but I dont know how to do that. Please be advices.
Thanks
#2
Отправлено 16 Сентябрь 2008 - 10:41
Please, check MaxFileSizeToExtract setting (section Daemon) in drweb32.ini file.
#3
Отправлено 16 Сентябрь 2008 - 12:21
Based on the original configuration, MaxFileSizeToExtract = 40960 Kilobytes (It means = 40 MB rite?) And then I request to get the original files and send in to my Yahoo! mail and it just 12 MB.
So I think the problem is not from MaxFileSizeToExtract configuration. Please be advices.
So I think the problem is not from MaxFileSizeToExtract configuration. Please be advices.
#4
Отправлено 16 Сентябрь 2008 - 12:36
You mean, that size of RSK.zip/RSK.CSV file is 12 Mb? Strange.. Try to increase CompressionCheckThreshold and MaxCompressionRatio in Daemon section.
#5
Отправлено 16 Сентябрь 2008 - 12:46
I just change the "ArchiveRestriction = quarantine" to "ArchiveRestriction = pass" because my boss won't to change any configuration on the "drweb32.ini"
Thats true?
Thats true?
#6
Отправлено 16 Сентябрь 2008 - 12:50
seems yes.
#7
Отправлено 16 Сентябрь 2008 - 12:54
Danke comerade!
#8
Отправлено 17 Сентябрь 2008 - 10:00
Are DrWeb need to restarting after we change the configuration? If yes, how we can do that?
Please be advice
Please be advice
#9
Отправлено 17 Сентябрь 2008 - 10:03
np: just found that way by entering this following command
/etc/init.d/drwebd restart
/etc/init.d/drwebd restart
#10
Отправлено 17 Сентябрь 2008 - 10:07
Depends of changed settings type. For most settings you may just reload drwebd:
/etc/init.d/drwebd reload
but for some you need full restart:
/etc/init.d/drwebd restart
/etc/init.d/drwebd reload
but for some you need full restart:
/etc/init.d/drwebd restart
Читают тему: 0
0 пользователей, 0 гостей, 0 скрытых