Tuesday, 29 September 2015

Symantec: Unable to Catch or Scan Files Inside of Attachment Containers ( eg. ZIP Files ) with Symantec Mail Security for Microsoft Exchange ( SMSMSE )


<< Problem >>
A content filtering rule is created to scan against attachment names (e.g. *.doc).  However when the attachment is inside a container file, like zip file, the document is not quarantined.

<< Cause >>
Symantec Mail Security for Microsoft Exchange (SMSMSE) is working as expected. When the message part to scan is attachment name Mail Security does not evaluate the file names that are inside a container file.

<< Solution >>
There are two solutions to this problem. Choose the solution that best suits your needs.
Method 1: Create a Content Filtering rule and select Attachment Content as the message part to scan.
The following screen shows an example:

Method 2: Enable the File Filtering Rule File Name Rule.
1. Open the SMSMSE console.
2. Click on the Policies tab.
3. Click the Content Enforcement|File Filtering Rules View item.
4. Enable the File Name Rule.
5. Click the Select... button to select a match list.  If there is not an existing match list for the filenames to block then create a new match list and select it.
The following screenshot shows an example:

No comments:

Post a Comment