Quarantine questions

Hello,

I have my mail solution working.

During the full store scan it put some mail and attachments aside.

Now I have a few questions about what ended up in the quarantine.

1 mail that has an excel (macro) attachment is being blocked.

Attachment 'HA4028_2016.xlsm' matches 'Disallowed Inbound Files' stripping condition; Real type: application/octet-stream; description: Office Archive File; extensions: xlsx docx dotx ppsx pptx VBA

when I look at what Disallowed Inbound File contains there's no mention of the extensions as listed above it's all executable and script files. But reprocessing keeps failing.

a lot of zip files that where password protected where put aside.

I can send them but this creates a new mail while some attachment are from mail from 2 years ago.

Is there no way to reprocess attachments in the attachments tab ?

Find more posts tagged with

Comments

Houdini

Hi,
1 - This could be if File type recognition is on. If there are scripts inside excel it is treated as executable
Could you list content of Disallowed Inbound Files?

2 - I'm not sure I got it right "this creates a new mail while some attachment are from mail from 2 years ago."
You send one file and got another 0_o ?

I tested on my server:
- sent email with password protected zip
- it was quarantined
- recipient got email with warning template
- I went to email quarantine\query\mails and attachments and released it
- recipient got original email with zip

GVB

the 192.168.0.0/24 method works afterall. I forgot to save the changes (popup was out of sight)

GVB

Is there a way to add an IP range to the allowed hosts so that I can connect to the console/quarantine from my own computer with dhcp based IP address ?

I tried 192.168.0.0/24 & 192.168.0.1-250 but that doesn't seem to work. It works with my currect IP tho but it might change over time. Also my colleagues should keep an eye on it.