Solved

How to allow ecrypted zip files without getting quarantined by AV

Posted on 2007-11-27
7
2,570 Views
Last Modified: 2013-12-09
I need to be able to allow encrypted, password-protected zip files to reside in as well as go in and out of email (Exchange 2003).  Currently, our Symantec Mail Security quarantines them because they are not scannable.  I don't want to turn off the quarantine feature for that since it will affect all files, but I can't seem to get any rule I create to override the quarantine setting.  How can I allow these zip files without allowing other file extensions the lowered permissions?
0
Comment
Question by:flames1100
7 Comments
 
LVL 10

Accepted Solution

by:
yasserd earned 500 total points
ID: 20364427
Hi,

To configure rules to address unscannable container files
1 In the console on the primary navigation bar, click Policies.
2 In the sidebar under General, click Exceptions.
3 In the list pane, select the rule that you want to view or modify.
4 In the preview pane, in the Action to take list, select the action to take when
an unscannable file is detected.

(from implementation guide)

Regards,
0
 
LVL 2

Author Comment

by:flames1100
ID: 20365642
Thanks for the reply.  I have looked at that, but that allows all file types that are unscannable to be logged only.  I only want zip files handled this way.
0
 
LVL 29

Expert Comment

by:mass2612
ID: 20369935
I don't think you will be able to do what you want but I'm mainly posting here so I have a record of this. The reason why I don't think you can set this up is a result of the fact that many viruses have been spread using password protected zip files in the past and that's why the option for handling password protected files is pretty much all or nothing.

Will be interesting to see if anyone has a solution though. Lets hope so.
0
Is Your AD Toolbox Looking More Like a Toybox?

Managing Active Directory can get complicated.  Often, the native tools for managing AD are just not up to the task.  The largest Active Directory installations in the world have relied on one tool to manage their day-to-day administration tasks: Hyena. Start your trial today.

 
LVL 2

Author Comment

by:flames1100
ID: 20373408
That's sort of where I was at as well.  Thanks for the reply.
0
 
LVL 54

Expert Comment

by:McKnife
ID: 20378798
I don't see your point, why not exclude all files that are unscannable, what do you fear?
0
 
LVL 2

Author Comment

by:flames1100
ID: 20382121
Well, I liken that to saying, "don't wear your seatbelt, because you have a low chance of being in a wreck".  It's the "what if" that we don't want.  Even if the risk is low, allowing all files that are unscannable would make it easier (however slim) for a malicious payload to come in and setup shop.   And it's just a good security practice to turn off what you don't need.  That's how I look at it anyway.
0
 
LVL 2

Author Comment

by:flames1100
ID: 20685479
Mass2612, you are correct.  Symantec doesn't allow any way around that for individual file types.  That stinks for our purposes, but that's what we've got.  I was going to have this refunded, but my bosses instead decided to do what yasserd suggested, which is what I had in mind anyway.  We just turned the log only feature on for those files and had it email us admins when it ran into one.  So, some days I get 30 emails, other days 200.  Might have to look at that in the future, but that's another issue.  At any rate, sorry for the delay on responding.  I thought I had all my stuff up to date and just saw that I hadn't finished this question.  My apologies for keeping everyone waiting!
0

Featured Post

Has Powershell sent you back into the Stone Age?

If managing Active Directory using Windows Powershell® is making you feel like you stepped back in time, you are not alone.  For nearly 20 years, AD admins around the world have used one tool for day-to-day AD management: Hyena. Discover why.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

In-place Upgrading Dirsync to Azure AD Connect
A list of top three free exchange EDB viewers that helps the user to extract a mailbox from an unmounted .edb file and get a clear preview of all emails & other items with just a single click on mailboxes.
The video tutorial explains the basics of the Exchange server Database Availability groups. The components of this video include: 1. Automatic Failover 2. Failover Clustering 3. Active Manager
A short tutorial showing how to set up an email signature in Outlook on the Web (previously known as OWA). For free email signatures designs, visit https://www.mail-signatures.com/articles/signature-templates/?sts=6651 If you want to manage em…

685 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question