We used Symantec messaging Gateway Appliances with version 10.xx, One of our user recivied One Email with attachment (.ZIP) and and got infected with Malware.
kindly help me to find out this issue.
Open an incident, but they need the sample.
In the meantime block these kind of files, eg exe, js, etc
In addition, add an additional malware-scanner
If the Messaging Gateway missed the threat, and the Endpoint client also missed the threat, we need a sample submitted so we can detect it in the future.
Please submit the sample here: https://submit.symantec.com/websubmit/basic.cgi
Hi,
in SMG, it is enabled by default? or we need to add additional rule to block this kind of email?
any help will be appreciate, thanks!
The 'Virus: Clean message" rule is the default for malware, so unless anything was changed that should still be in effect.
Hi Davis,
Thank for your response,
I am able to find this Virus: Clean message (default)" under Malware Policy, it is enabled and apply to default policy group.
but when tested, the virus email still go through
Does this message belong to SMG?
This message has been processed by Symantec AntiVirus.
Invoice Copy.ace was infected with the malicious virus Infostealer.Limitail and has been deleted because the file cannot be cleaned
No, that clearly states Symantec AntiVirus, which is a very old product