File Name Rule is triggered on HTML messages sent from Microsoft Exchange Server 2007 and above.

Article:TECH191437

Created: 2012-06-22

Updated: 2012-06-22

Article URL http://www.symantec.com/docs/TECH191437

Article Type
Technical Solution

Product(s)

Show all

Languages

Show all

Problem

A match list with *.HTML is used under File Name Rule.

Attach a HTML formatted mail message to a new message and attempt to send it through Microsoft Exchange Server 2007 and above. Notice the File Name Rule has been triggered on the attachment.

The problem cannot be reproduced under Microsoft Exchange Server 2003 environment.

Error

Error will be similar to the following:

"The attachment 'test' was Quarantined for the following reasons(s):

UNAUTHORIZED FILE was found in 273.html within test.eml.

Environment

Microsoft Exchange Server 2007 and above

Symantec Mail Security for Microsoft Exchange 6.x

Cause

For Microsoft Exchange 2007 onwards, Transport Agents have been used while for Microsoft Exchange 2003 SMTP sink has been used for real time scanning.

When a message which contains a MSG file as attachment is routed through Transpoort Agents, Microsoft Exchange 2007 and above returns MSG file as container (TNEF format). MSG is a multi-level container file and it contains an embedded HTML file due to HTML body. As a result the File Name Rule got triggered.

While on Microsoft Exchange 2003, message got routed through SMTP sink instead. Symantec Mail Security for Microsoft Exchange receives MSG file as flat file (MIME format). Hence it does not violate the File Name Rule.

Solution

The behavior is as expected and as per DESIGN.

Workaround:

Container scanning can be disabled under File Name Rule.

Under File Name Rule, uncheck the check box "Bypass scanning of container file(s)".

Be aware that once the check box is unchecked, this applies to all container file types.

Supplemental Materials

Source	ETrack
Value	2659932