Quarantine questions

Hello,
I have my mail solution working.
During the full store scan it put some mail and attachments aside.
Now I have a few questions about what ended up in the quarantine.
1.
1 mail that has an excel (macro) attachment is being blocked.
Attachment 'HA4028_2016.xlsm' matches 'Disallowed Inbound Files' stripping condition; Real type: application/octet-stream; description: Office Archive File; extensions: xlsx docx dotx ppsx pptx VBA
when I look at what Disallowed Inbound File contains there's no mention of the extensions as listed above it's all executable and script files. But reprocessing keeps failing.
2.
a lot of zip files that where password protected where put aside.
I can send them but this creates a new mail while some attachment are from mail from 2 years ago.
Is there no way to reprocess attachments in the attachments tab ?
Comments
-
Is there a way to add an IP range to the allowed hosts so that I can connect to the console/quarantine from my own computer with dhcp based IP address ?
I tried 192.168.0.0/24 & 192.168.0.1-250 but that doesn't seem to work. It works with my currect IP tho but it might change over time. Also my colleagues should keep an eye on it.
0 -
the 192.168.0.0/24 method works afterall. I forgot to save the changes (popup was out of sight)
0 -
Hi,
1 - This could be if File type recognition is on. If there are scripts inside excel it is treated as executable
Could you list content of Disallowed Inbound Files?2 - I'm not sure I got it right "this creates a new mail while some attachment are from mail from 2 years ago."
You send one file and got another 0_o ?
I tested on my server:
- sent email with password protected zip
- it was quarantined
- recipient got email with warning template
- I went to email quarantine\query\mails and attachments and released it
- recipient got original email with zip1
Categories
- All Categories
- 4.7K WithSecure Community
- 3.6K Products
- 2 Get Support