The IMSS and IMSVA policy lists have the Default rule for the attachment protected by password. To detect and block the password-protected files, you may modify this rule or create a new rule.
To modify the default rule for password-protected files:
- Log on to IMSS or IMSVA management console.
- Go to Policy > Policy List.
- Open the Default rule for the attachment protected by password rule. Click image to enlarge.
- Under Then action is, select Edit. The default action of this rule is Insert stamp in body which contains the following message: The attachment named %FILENAME% could not be scanned for viruses because it is a password protected file.
- Select Delete entire message or Quarantine as your preferred action. Click image to enlarge.
- Untick the Insert stamp in body check box.
- Save the changes.
To create a new rule for the password-protected files:
- Log on to IMSS or IMSVA management console.
- Go to Policy > Policy List.
- Select Add, and then click Other.
- On the This rule will apply to check box, select all messages, and then click Next.
- Tick the Password protected zip files (unscannable files) check box and click Next. Click image to enlarge.
- Select either Delete entire message or Quarantine, and then click Next.
- Fill out the Rule Name and Order Number fields. Note: Make sure that the order number of this rule is higher than the Default rule for the attachment protected by password. You may also disable the latter rule to avoid redundancy.
- Click Finish.
To view the logs for this policy:
- Navigate to Logs > Query.
- Under Type, select Policy events.
- Enter the rule name created on the Rule field.
- Select the date range and click Display Log.