cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Show  only  | Search instead for 
Did you mean: 
Former Member
Not applicable
Report Inappropriate Content
Message 1 of 2
‎02-16-2011 07:51 AM

PDF files / encrypted media type

Hi

we have some issues with encrypted media type. We use "body.IsEncryptedObject equals true" in order to block encrypted archives. The problem is that PDF files get blocked too if the security method in the PDF document properties is set to "password security".

With these settings, some PDF settings like "printing" or "commenting" can be allowed or disallowed, even if the doc itself is not encrypted and can be viewed without password.

Does anybody know if it possible to write a rule that allows PDFs that have protected document settings, but which are actually not encrypted? We want the users to be able to read those kind of PDF files.

Thanks for any info.

Regards

Roman

0 Kudos
Reply
1 Reply
Former Member
Not applicable
Report Inappropriate Content
Message 2 of 2
‎02-17-2011 11:50 PM

PDF files / encrypted media type

Hello Roman

Currently MWG doesn't distinguish completely encrypted documents, and protected (from printing or commenting) documents. But I think, that for incomming traffic this doesn't matter, and anti-malware engine should be able to find malware in such documents.

So I think, that you can implement following workaround, you need to create list with mime types that will skipped, put application/pdf there, and modify rule so it will look like:

IF Body.IsEncrypted equals true

AND Body.MimeTypesEnsured "not in list" <list of mime type to be skipped>

THEN Block

this rule will block all encrypted documents and archives, except listed in your list

Regards,

Alex Ott

Reply
You Deserve an Award
Don't forget, when your helpful posts earn a kudos or get accepted as a solution you can unlock perks and badges. Those aren't the only badges, either. How many can you collect? Click here to learn more.

Community Help Hub

    New to the forums or need help finding your way around the forums? There's a whole hub of community resources to help you.

  • Find Forum FAQs
  • Learn How to Earn Badges
  • Ask for Help
Go to Community Help

Join the Community

    Thousands of customers use our Community for peer-to-peer and expert product support. Enjoy these benefits with a free membership:

  • Get helpful solutions from product experts.
  • Stay connected to product conversations that matter to you.
  • Participate in product groups led by employees.
Join the Community
Join the Community

TrellixSkyhigh Security | Support Trellix.com SkyhighSecurity.com

Legal Privacy Copyright © 2023 Musarubra US LLC