Hi there,
I have a quite weird problem here.
Before I start: My boss _really_ wants to send and receive exe files, and I couldn't convince him otherwise, so, as much as I would like to just let my users host their files somewhere on the internet and only mail a link, that is not possible.
So, I made sure that amavis doesn't ban .exe extensions and mailed some of them around to make sure it works.
So today, I got an angry mail in my inbox, saying that he wasn't able to send around .exe files. He attached the error message:
Code:
VIRUS ALERT
Our content checker found
virus: Encrypted.Zip
in an email to you from probably faked sender:
?@[79.224.xxx.xxx]
claiming to be: <xxx@xxxx.de>
Content type: Virus
Our internal reference code for your message is 14233-07/XxeEgH3XtiP3
First upstream SMTP client IP address: [79.224.xxx.xxx]
pxxxxxxxx.xxx.t-dialin.net
According to a 'Received:' trace, the message apparently originated at:
[79.224.xxx.xxx], [192.168.xxx.xxx] pxxxxxxx.xxx.t-dialin.net [79.224.xxx.xxx]
Return-Path: <xxx@xxxx.de>
From: "xxxxxxxxxxxxxx" <xxx@xxxx.de>
Message-ID: <4B560C94.8070101@xxxx.de>
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.1.5)
Gecko/20091204 Thunderbird/3.0
Subject: fsfsdfsd
The message has been quarantined as: virus-XxeEgH3XtiP3
Please contact your system administrator for details. Weird... It wasn't a zip file.
And I am perfectly able to send around exe files using the Zimbra web client.
Does this make any sense to you? Maybe there is something wrong with his mail client?
thanks,
Pascal
Bugzilla
Wiki
Source
ZCS 6.0.4: ClamAV detects virus in clean .exe, but only sometimes? 
Linear Mode
