Still celebrating National IT Professionals Day with 3 months of free Premium Membership. Use Code ITDAY17

x
?
Solved

How to allow ecrypted zip files without getting quarantined by AV

Posted on 2007-11-27
7
Medium Priority
?
2,619 Views
Last Modified: 2013-12-09
I need to be able to allow encrypted, password-protected zip files to reside in as well as go in and out of email (Exchange 2003).  Currently, our Symantec Mail Security quarantines them because they are not scannable.  I don't want to turn off the quarantine feature for that since it will affect all files, but I can't seem to get any rule I create to override the quarantine setting.  How can I allow these zip files without allowing other file extensions the lowered permissions?
0
Comment
Question by:flames1100
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
7 Comments
 
LVL 10

Accepted Solution

by:
yasserd earned 1500 total points
ID: 20364427
Hi,

To configure rules to address unscannable container files
1 In the console on the primary navigation bar, click Policies.
2 In the sidebar under General, click Exceptions.
3 In the list pane, select the rule that you want to view or modify.
4 In the preview pane, in the Action to take list, select the action to take when
an unscannable file is detected.

(from implementation guide)

Regards,
0
 
LVL 2

Author Comment

by:flames1100
ID: 20365642
Thanks for the reply.  I have looked at that, but that allows all file types that are unscannable to be logged only.  I only want zip files handled this way.
0
 
LVL 29

Expert Comment

by:mass2612
ID: 20369935
I don't think you will be able to do what you want but I'm mainly posting here so I have a record of this. The reason why I don't think you can set this up is a result of the fact that many viruses have been spread using password protected zip files in the past and that's why the option for handling password protected files is pretty much all or nothing.

Will be interesting to see if anyone has a solution though. Lets hope so.
0
Cyber Threats to Small Businesses (Part 2)

The evolving cybersecurity landscape presents SMBs with a host of new threats to their clients, their data, and their bottom line. In part 2 of this blog series, learn three quick processes Webroot’s CISO, Gary Hayslip, recommends to help small businesses beat modern threats.

 
LVL 2

Author Comment

by:flames1100
ID: 20373408
That's sort of where I was at as well.  Thanks for the reply.
0
 
LVL 56

Expert Comment

by:McKnife
ID: 20378798
I don't see your point, why not exclude all files that are unscannable, what do you fear?
0
 
LVL 2

Author Comment

by:flames1100
ID: 20382121
Well, I liken that to saying, "don't wear your seatbelt, because you have a low chance of being in a wreck".  It's the "what if" that we don't want.  Even if the risk is low, allowing all files that are unscannable would make it easier (however slim) for a malicious payload to come in and setup shop.   And it's just a good security practice to turn off what you don't need.  That's how I look at it anyway.
0
 
LVL 2

Author Comment

by:flames1100
ID: 20685479
Mass2612, you are correct.  Symantec doesn't allow any way around that for individual file types.  That stinks for our purposes, but that's what we've got.  I was going to have this refunded, but my bosses instead decided to do what yasserd suggested, which is what I had in mind anyway.  We just turned the log only feature on for those files and had it email us admins when it ran into one.  So, some days I get 30 emails, other days 200.  Might have to look at that in the future, but that's another issue.  At any rate, sorry for the delay on responding.  I thought I had all my stuff up to date and just saw that I hadn't finished this question.  My apologies for keeping everyone waiting!
0

Featured Post

Are You Ready for GDPR?

With the GDPR deadline set for May 25, 2018, many organizations are ill-prepared due to uncertainty about the criteria for compliance. According to a recent WatchGuard survey, a staggering 37% of respondents don't even know if their organization needs to comply with GDPR. Do you?

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

If you troubleshoot Outlook for clients, you may want to know a bit more about the OST file before doing your next job. IMAP can cause a lot of drama if removed in the accounts without backing up.
I don't pretend to be an expert at this, but I have found a few things that are useful. I hope that sharing them here will help others, so they will not have to face some rather hard choices. Since I felt this to be a topic of enough importance and…
To add imagery to an HTML email signature, you have two options available to you. You can either add a logo/image by embedding it directly into the signature or hosting it externally and linking to it. The vast majority of email clients display l…
Exchange organizations may use the Journaling Agent of the Transport Service to archive messages going through Exchange. However, if the Transport Service is integrated with some email content management application (such as an antispam), the admini…

670 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question