File name rule configured to block attachments with .msg or .eml extension fails to take action.
|Article:TECH122849|||||Created: 2010-01-29|||||Updated: 2014-01-08|||||Article URL http://www.symantec.com/docs/TECH122849|
The file name rule has been configured to filter attachments, but it is not taking action against .msg or .eml attachments. What can be done?
The file name rule works successfully for all configured attachments, except *.eml and *.msg
Symantec Mail Security for Microsoft Exchange (SMSMSE) cannot determine whether a .eml or .msg file is an attachment or a message body during Exchange transport (if attached using certain email clients), and as a result will not take action to avoid quarantining legitimate message bodies.
This problem is fixed in Symantec Mail Security 6.0.10 for Microsoft Exchange and later, including version 6.5. To learn how to obtain the latest version, read Where to download the latest version of Symantec Mail Security for Microsoft Exchange.
In previous versions, as a workaround, SMSMSE can be configured to scan these attachments. However, be aware that this workaround could cause the rule to quarantine the entire message body instead of just the violating attachment.
To configure the scanning of embedded attachments
- Open the registry editor (Start -> Run -> Regedit)
- Navigate to HKEY_LOCAL_MACHINE\Software\Wow6432Node\Symantec\SMSMSE\6.5\Server\Components\SMTP
- Create a new DWORD value called RecursionEnabled
- Set the value to 1
- Exit the registry editor.
- Restart the Microsoft Exchange Transport service and the Symantec Mail Security for Microsoft Exchange service.
- Without workaround: Embedded attachments with the extension .msg or .eml will not be scanned for content filtering violations.
- With workaround: Embedded attachments will be scanned, but if a violation is found, in certain circumstances SMSMSE will quarantine the message body in addition to the attachment that violated the rule.
Article URL http://www.symantec.com/docs/TECH122849