Blocking password protected attachments using Symantec™ Mail Security 4.x for Microsoft Exchange
|Article:TECH82034|||||Created: 2004-01-05|||||Updated: 2004-01-05|||||Article URL http://www.symantec.com/docs/TECH82034|
Some viruses can arrive in a password protected ZIP file or other archive. An example is the W32.Beagle virus and its variants. You want to block attachments that are password protected. Symantec Mail Security 4.x for Microsoft Exchange is set up.
Setting up the Encrypted File Rule in Symantec Mail Security 4.x for Microsoft Exchange is a means of blocking password protected attachments. To set it up, use the following steps:
- Do one of the following:
Click Start > Programs > Symantec MS for Microsoft Exchange > Symantec Mail Security for Exchange.
In the left pane click on a server group. (Click on the server group you want to block password protected attachments on).
- In the left pane, click Policies > Standard Policy > Exception Subpolicy.
- In the right pane, click Edit for Encrypted File Rule.
- Under the section, "When an encrypted or protected file is detected," select one of the following actions:
WARNING: Messages and attachments deleted using any "Delete" option are not recoverable.
"Delete entire message"
"Quarantine attachment/message body, replace with text description"
- Under the section Email Alerts, uncheck alerts not needed.
Note: Check Enable,"To Administrators", when you want to know when SMS for Exchange blocks encrypted attachments.
- Click Save.
The following is a partial list of common viruses which use password protected zips:
Article URL http://www.symantec.com/docs/TECH82034