5.5. Password protected attachments

Problem

Communicating parties apply encryption to maintain the confidentiality of their communiquès.

Given by the nature of encryption, real - potentially malicious - contents of an encrypted file are hidden from MetaDefender Email Gateway Security, thus encrypted files are blocked by default.

Solution

Marking emails that have password protected attachments

If Email Gateway Security is set accordingly, then emails with password protected attachments will be put into the Quarantine and marked with a padlock icon (for details see 5.3. Quarantine).

images/download/attachments/4658327/image-20200312-073608.png

Initiate rescan and provide password

When rescanning an email that has password protected attachments, password for the encrypted items is requested by Email Gateway Security. For details about rescanning see the Rescan section in 5.3. Quarantine.

Rescan may be initiated by two parties:

  1. Administrators with Quarantine access (for details see 5.3. Quarantine)

  2. Recipients of the email

Administrators with quarantine access

Administrators who are authorized to rescan on the Web Management Console, can initiate rescanning any blocked email on the Quarantine page. In this case the administrator need to enter the password for the encrypted attachments.

To initiate a rescan:

  1. Select the email which needs to be rescanned and click the Rescan button.
    images/download/attachments/4658327/image-20200312-074740.png

  2. Select the security rule (for details see 4.4. Policy) that will process the email and provide the password.
    images/download/attachments/4658327/image-20200312-075537.png

Recipients of the email

Recipients of the blocked email may receive a notification (for details see 4.4. Policy) about the fact that the email was blocked, and a link where rescanning can be initiated.

To initiate a rescan:

  1. Open the notification email and click the rescan link. images/download/attachments/4658327/image-20200312-111349.png

  2. Email Gateway Security’s rescan page opens; provide the password here to decrypt the document. images/download/attachments/4658327/image-20200312-112253.png

Rescan link availability

The link, where rescanning can be initiated, has a limited availability that can be configured under Settings > General / Configuration / Rescan link availability. For details see 4.3. Settings.

images/download/attachments/4658327/image-20200312-090401.png

Rescan link visibility

Please note that if Settings > General / Configuration / Public server name then the rescan link won't be included in the notification email. For details see 4.3. Settings.

images/download/attachments/4658327/image-20200312-111005.png

Limitations

MetaDefender Email Gateway Security supports root elements only in archives as password protected attachments.