5.5 Whitelisting recipients of encrypted files

Page is obsolete

MetaDefender Email Gateway Security has out-of-the-box support for password protected attachments. For details see 4.7 Support for password protected attachments.

As a consequence, this page is obsolete and may be removed in the future.

With default settings MetaDefender Email Gateway Security (and the underlying MetaDefender Core) may block emails with encrypted contents.

The reason for this is that given by the nature of encryption it is not possible to tell whether an encrypted file is infected or not, whether it needs sanitization or not.

To allow encrypted files through MetaDefender Email Gateway Security for authorized recipients, follow these steps:

Step	Description	Sub- step	Description	Screenshots
1	Create a new rule in MetaDefender Core under Policy > Security rules	A	Limit to specified user agents: `mdemailsecurity` Visibility of scan result Role: Everybody Visibility: FULL DETAILS Restrict access to following roles: Everybody
		B	ADVANCED tab OVERRIDE SCAN RESULTS CLASSIFIED AS ALLOWED: enable Encrypted archive: enable
2	Create a new Core server profile in MetaDefender Email Gateway Security under Inventory > Server profiles	A	RULE: select the rule you created in the previous step
3	Create a new rule in MetaDefender Email Gateway Security under Policy > Security rules	A	DIRECTION: INBOUND RECIPIENT DOMAIN OR ADDRESS: list recipient addresses here who are granted to receive encrypted contents
		B	SCAN tab ALLOW SCAN: enable METADEFENDER CORE: select the profile you created in the previous step
		C	ACTIONS tab HANDLING OF THE EMAIL: DELIVER BLOCKED CONTENTS
4	Put the new rule in MetaDefender Email Gateway Security into the appropriate order