Google Groups no longer supports new Usenet posts or subscriptions. Historical content remains viewable.
Dismiss

Password-protected email attachments - best practices?

0 views
Skip to first unread message

valdous

unread,
Jun 10, 2008, 11:36:22 AM6/10/08
to
Hi everyone,

Does anyone really know what the best practices are in dealing with
password-protected attachments received via email? I'm referring to the email
content filtering level, not the user level.

We've always blocked them and manually reviewed/released. But I'm curious to
know what other companies do and/or what the best practices are. I've tried
searching the net to no avail.

Do most companies block them? Do they just let them through? Do they get
manually reviewed/released?

Thanks for any info you may have.

Susan

unread,
Jun 10, 2008, 11:49:36 AM6/10/08
to
you'll probably get lots of answers here...the problem is that many AV
scanners cannot scan a password-protected file for viruses...I quarantine
them at the gateway, and the user gets a notification...if it's something
they really want/need, they need to open a ticket with our help desk, and I
locate it, and have to sometimes get the password to open and scan it...

--
Susan Conkey [MVP]

"valdous" <val...@discussions.microsoft.com> wrote in message
news:EA8B81B8-499D-4F63...@microsoft.com...

valdous

unread,
Jun 13, 2008, 3:59:01 PM6/13/08
to
Thanks Susan,

Do you generally receive a lot of these requests? We typically block about
250 messages with password-protected attachments (99% are valid) per week.
We're hesitant to start notifying the users because we'd be checking those
emails 50 times a workday. We already manually review our filters several
times a day and want to try and keep the manual review process at a minimum.
But there doesn't seem to be many other alternatives.

Susan

unread,
Jun 13, 2008, 4:24:44 PM6/13/08
to
depends on how serious you are about keeping your email system and network
safe...I release between 50 and 100 emails that contain either zip files or
password-protected files, per week...

--
Susan Conkey [MVP]

"valdous" <val...@discussions.microsoft.com> wrote in message

news:FD948F4E-B811-497B...@microsoft.com...

valdous

unread,
Jun 13, 2008, 4:32:03 PM6/13/08
to
I totally agree. It's better to block and review/release then to let them
through unchallenged. The risk is just too great. Even if we haven't seen
many virus emails lately using the password-protected attachment format, it
doesn't mean we won't again.

Susan

unread,
Jun 13, 2008, 4:47:44 PM6/13/08
to
that's for sure...just cannot be too careful, these days...i don't ever want
to go through another email virus cleanup, as long as I live...i had to do
that too often, before we got decent AV protection in place...

--
Susan Conkey [MVP]

"valdous" <val...@discussions.microsoft.com> wrote in message

news:2E628FBF-D1E4-45CF...@microsoft.com...

valdous

unread,
Jun 13, 2008, 4:57:05 PM6/13/08
to
LOL I hear ya!

Thanks for your input :)

Val

0 new messages