4.7 Support for password protected attachments
Problem
Communicating parties apply encryption to maintain confidentiality of their communiquès.
Given by the nature of encryption, real - potentially malicious - contents of an encrypted file are hidden from MetaDefender Email Gateway Security, thus encrypted files are blocked by default.
Solution
Marking emails with password protected attachments
Emails with password protected attachments are blocked by default. If Email Gateway Security is set accordingly, then these emails will then put into the quarantine.
Blocked emails, where the blocking reason was that attachments were password protected, are marked with a padlock icon in the RESULT column in the quarantine.
Rescan and provide password
When rescanning an email that has password protected attachments, password for the encrypted items is requested by Email Gateway Security. For details about rescan see the Rescan section in 4.3 Quarantine.
Rescan may be initiated by two parties:
-
Email Gateway Security administrators
-
Recipients of the email
For administrators
Administrators who are authorized to rescan on the Web Management Console, can initiate to rescan any blocked email under Dashboard > Quarantine. In this case administrators need to enter the password for the encrypted attachments.
To initiate a rescan move your mouse over the email which needs to be rescanned and click on the Rescan icon ( ).
Clicking on the Rescan will display a pop-up window where you can enter passwords for each supported password protected attachments. You have to prodive the correct password for each attachment and click the Rescan Email button when finished.
If every password were correct and the attachments were not blocked by MetaDefender Core then you will see the Email rescanned successfully message and your email will be sent to the original recipients and in the meantime it will be removed from the quarantine.
If one of the passwords was wrong or MetaDefender Core blocked one or more of the attachments you will see a Failed to rescan email error message and the email will be kept in quarantine.
For recipients
Recipients of the blocked email may receive a notification (for details see 4.2 Security rules) about the fact that the email was blocked, and a link where rescanning can be initiated.
The link, where rescanning can be initiated, has a limited availability that can be configured under Settings > Global settings. For details see the Notification and report settings section in 3.4 General settings.
Rescan link visibility
Please note that if the Public Server Address is not set under Settings > Global settings then the rescan link won't be included in the notification email.
A notification email for the recipients with the public rescan link should look like this:
By clicking on the link the recipient should see a page where she can provide the password for the attachments
If every password were correct and the attachments were not blocked by MetaDefender Core then you will see the The email has successfully been rescanned message and your email will be sent to the original recipients and in the meantime it will be removed from the quarantine.
If one of the passwords was wrong or MetaDefender Core blocked one or more of the attachments you will see a Failed to rescan email error message and the email will be kept in quarantine.
When opening a rescan link with expired link availability you should see the following error:
When opening the rescan link for an email which have been already rescanned you should see the following error:
Specialities
Multiple recipients
Case |
Who is to provide the passwords? |
Recipients are matched by the same rule under Policy > Security rules |
Only one of the recipients need to provide the passwords. If the rescan succeeds, then all original recipients will receive the email after the rescan. (This behavior can be overwritten by turning on "SEND UNIQUE RESCAN LINK FOR EVERY RECIPIENT" option in the Security rules.) |
Recipients are matched by different rules under Policy > Security rules |
All recipients need to provide the passwords. Only that recipient receives the email after the successful rescan, that provided the correct passwords. |
Software requirements
File type category to process |
MetaDefender Core side engine required |
Archive files |
Archive engine |
Limitations
Supported file types
MetaDefender Email Gateway Security supports the following file types as password protected attachments
Email Gateway Security version |
MetaDefender Core version |
Supported file type category |
Examples |
Notes |
4.2.0 |
|
Archive files |
.zip, .rar, .7z |
|
4.6.1 |
4.14.3 (or newer) |
Portable Document Format |
|
Core 4.14.3 required Rescanning Portable Document Format and Microsoft Office documents is only supported when MetaDefender Core version 4.14.3 (or newer) is in use. |
Microsoft Office |
.docx |
Depth
MetaDefender Email Gateway Security supports root elements only as password protected attachments.
Examples
Archive structure |
Status |
|
Supported |
|
Not supported |