SMSMSE attempts to virus scan the attachments.  If it cannot decompose them properly it flags those as "unscannable" and quarantines them.  You should be able to release them from quarantine and open them.  If you are in fact finding the attachments are corrupted in the quarantine then you should open a support case for that issue.

Here is our main KB article on unscannable files: http://www.symantec.com/docs/TECH79940.  Basically it says a list of reasons for unscannable and then a workaround which is to log instead of quarantine.

It would be helpful to have the errors from the Windows Application Event log.  You can then search the KB for those errors to see if they are known issues: http://www.symantec.com/business/support/index?pag...

Here are some known issues:

Unscannable error "Scan Engine Error: CSAPI DEC result 0x11. Decomposer failed to open the container" when scanning PPS or PPT files

PowerPoint Documents Called Unscannable by Symantec Mail Security for Microsoft Exchange (SMSMSE) 6.5.5 with Decomposer Result 0x11

If the error messages/codes are not documented we would like to get samples of the files.  If we can reproduce the issue we can submit them to the Engineering group and get improvements in the scanning capabilities in later versions. 

So both Symantec and Google see issues with these files. Can you explain what leads you to believe that these are false reports? It sounds like the files are broken before we even see them.

Exchange only hands us a copy of the attachment, so if we don't take any actions, we don't touch the file but tell Exchange to deliver as normal.

It looks like this should be have been addressed in 6.5.5: PDF Files Marked Unscannable by Symantec Mail Security for Microsoft Exchange (SMSMSE) 6.5 or higher

But maybe there are still instances of issues.  If you send me a sample I can see if I can reproduce the issue.

I get the following error when I try to open it.

I did not get any scanning errors.  I looked at the differences between the files in a hex editor.  I can see that the second file DuarteAna_mar2011.pdf is a valid PDF file.  However the first file just contains NULLs the whole file. 

If you turn of SMSMSE services and pass the file through exchange to a mailbox are you able to open it?  I would be very surprised if SMSMSE is changing the contents of the file as that is not something it does.

If you are still having an issue I would open a support case and someone can walk through the issue with you in a webex and troubleshoot.

Ben

I would lean toward suspecting a firewall scanning smtp traffic

Please include the file and the Windows Application Event log that shows the specific error message when the file is scanned.

To rule SMS for Exchange out of the problem I'd probably configure an SMTP client like(Outlook Express) to send a mail with a working copy of the attachment directly to the Exchange server and see what comes through to the user mailbox.  If you can replicate the issue I'd then report to Support and get them to follow the same steps.

Kevin

In my lab I was able to send the DOC file without errors through Exchange with SMSMSE.

As others have mentioned it may be possible that other software is changing the attachments before they get to SMSMSE.  One way to tell is to quarantine the email on unscannable.  Then release the attachment from quarantine.  Then try to open it.  If you can't open it then the file is corrupt.  And it was likely corrupted before it got to SMSMSE.

You can open a support case and we can help you track this down.

There is probably something else blocking it before it gets to SMSMSE.

It is very clear that SMSMSE is ignoring the files, the error message explicitly states that.

I've finally found the problem.

I had our internal firewall scanning all SMTP traffic, blocking MS Office files with macros.

I disabled our firewall on SMTP traffic and making SMSE the only one scanning that information and we received the full e-mail without any problem.

Thank you for all your help!

Best regards.