Solved

How to allow ecrypted zip files without getting quarantined by AV

Posted on 2007-11-27
7
2,528 Views
Last Modified: 2013-12-09
I need to be able to allow encrypted, password-protected zip files to reside in as well as go in and out of email (Exchange 2003).  Currently, our Symantec Mail Security quarantines them because they are not scannable.  I don't want to turn off the quarantine feature for that since it will affect all files, but I can't seem to get any rule I create to override the quarantine setting.  How can I allow these zip files without allowing other file extensions the lowered permissions?
0
Comment
Question by:flames1100
7 Comments
 
LVL 10

Accepted Solution

by:
yasserd earned 500 total points
ID: 20364427
Hi,

To configure rules to address unscannable container files
1 In the console on the primary navigation bar, click Policies.
2 In the sidebar under General, click Exceptions.
3 In the list pane, select the rule that you want to view or modify.
4 In the preview pane, in the Action to take list, select the action to take when
an unscannable file is detected.

(from implementation guide)

Regards,
0
 
LVL 2

Author Comment

by:flames1100
ID: 20365642
Thanks for the reply.  I have looked at that, but that allows all file types that are unscannable to be logged only.  I only want zip files handled this way.
0
 
LVL 29

Expert Comment

by:mass2612
ID: 20369935
I don't think you will be able to do what you want but I'm mainly posting here so I have a record of this. The reason why I don't think you can set this up is a result of the fact that many viruses have been spread using password protected zip files in the past and that's why the option for handling password protected files is pretty much all or nothing.

Will be interesting to see if anyone has a solution though. Lets hope so.
0
Highfive + Dolby Voice = No More Audio Complaints!

Poor audio quality is one of the top reasons people don’t use video conferencing. Get the crispest, clearest audio powered by Dolby Voice in every meeting. Highfive and Dolby Voice deliver the best video conferencing and audio experience for every meeting and every room.

 
LVL 2

Author Comment

by:flames1100
ID: 20373408
That's sort of where I was at as well.  Thanks for the reply.
0
 
LVL 53

Expert Comment

by:McKnife
ID: 20378798
I don't see your point, why not exclude all files that are unscannable, what do you fear?
0
 
LVL 2

Author Comment

by:flames1100
ID: 20382121
Well, I liken that to saying, "don't wear your seatbelt, because you have a low chance of being in a wreck".  It's the "what if" that we don't want.  Even if the risk is low, allowing all files that are unscannable would make it easier (however slim) for a malicious payload to come in and setup shop.   And it's just a good security practice to turn off what you don't need.  That's how I look at it anyway.
0
 
LVL 2

Author Comment

by:flames1100
ID: 20685479
Mass2612, you are correct.  Symantec doesn't allow any way around that for individual file types.  That stinks for our purposes, but that's what we've got.  I was going to have this refunded, but my bosses instead decided to do what yasserd suggested, which is what I had in mind anyway.  We just turned the log only feature on for those files and had it email us admins when it ran into one.  So, some days I get 30 emails, other days 200.  Might have to look at that in the future, but that's another issue.  At any rate, sorry for the delay on responding.  I thought I had all my stuff up to date and just saw that I hadn't finished this question.  My apologies for keeping everyone waiting!
0

Featured Post

What Is Threat Intelligence?

Threat intelligence is often discussed, but rarely understood. Starting with a precise definition, along with clear business goals, is essential.

Join & Write a Comment

Local Continuous Replication is a cost effective and quick way of backing up Exchange server data. The following article describes the steps required to configure Local Continuous Replication. Also, the article tells you how to restore from a backup…
Marketers need statistics and metrics like everybody else needs oxygen. In this article we explain how to enable marketing campaign statistics for Microsoft Exchange mail.
In this video we show how to create a Distribution Group in Exchange 2013. We show this process by using the Exchange Admin Center. Log into Exchange Admin Center.: First we need to log into the Exchange Admin Center. Navigate to the Recipients >>…
In this video we show how to create a Resource Mailbox in Exchange 2013. We show this process by using the Exchange Admin Center. Log into Exchange Admin Center.: Navigate to the Recipients >> Resources tab.: "Recipients" is our default selection …

760 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

19 Experts available now in Live!

Get 1:1 Help Now