I made some tests with havp-0.88 and clamav-0.93 and i think there is an issue with cab-Archives.
The new Version of havp handles zip, tar, tar.gz, tar.bz2 ... correctly and block them, if there was a virus detected. But tests with cab-archives failed!
For example eicar.cab is seen in the access.log as ok.
I found there another example for testvirus called motor.cab found in sourceforge from 2005:
https://sourceforge.net/mailarchive/message.php?msg_id=Pine.LNX.4.61.0509141522080.31135%40patascoy.ovsp.gov.cosometimes the file is dectet correctly, but is not blocked by havp!
I made tests on my debian server with amavis and clamav and the virus was detectet correctly and was blocked.
Is there any bug in the new version of havp?
I'm sending there a link, where any discussions around havp and clamav where happens:
http://www.ipcop-forum.de/forum/viewtopic.php?f=28&t=20948Best regards, karesmakro