Sign In with your
Trend Micro Account
Need Help?
Need More Help?

Create a technical support case if you need further support.

Preventing the High-Risk Attachment rule of Hosted Email Security from deleting legitimate mails

    • Updated:
    • 22 Feb 2021
    • Product/Version:
    • Hosted Email Security 3.0
    • Platform:
    • N/A
Summary

Upon checking the mail tracking logs, you find out that your email was deleted by the High-Risk Attachment rule of Hosted Email Security (HES).

Examples of a high-risk attachment could be an executable file with .exe extension or a media file (.mp3) that has been renamed to harmless_file.txt. If a message is identified as containing a high-risk attachment based on the criteria defined in the rule, then the attachment will be deleted from the email.

This article shows you how to stop the rule from deleting what you consider a legitimate mail.

Details
Public

As a workaround to the High-Risk Attachment rule, you can do any of the following options:

  1. Log on to the HES console.
  2. Click Inbound Protection tab then Policy.
  3. Under Rules status, look for "High-risk attachment" and under the Status column, click the Check icon.

    High-risk Attachment rule

    The said icon will now become an x-mark. This means that the rule has been disabled.

    You may do the same procedure to the Outbound High-risk attachment rule if you want to.

  1. Log on to the HES console.
  2. Click Inbound Protection tab then Policy.
  3. Select the High-Risk Attachment rule.
  4. Go to Recipients and Senders > Recipient Exceptions

    Recipients and Senders

  5. Enter the email address or the domain of the sender on the textbox and click Add.

    Enter email address or domain

    The email addresses or the domains will be added to the Selected column.

  6. Click Save.
  1. Log on to the HES console.
  2. Click Inbound Protection tab then Policy.
  3. Select the High-Risk Attachment rule.
  4. Go to Scanning Criteria > Advanced.

    Scanning Criteria

  5. Go to the selected "Attachment is" checkbox then click name or extension. The Attachment Names window will appear.

    Click name or extension

  6. Tick the checkbox next to File extensions to block (recommended). A list of extensions will be shown.

    File extensions to block (recommended)

  7. Uncheck all the extensions you want to be excluded from scanning.
  8. Click Save
  9. Go back to Advanced section then navigate to the selected "Attachment is" checkbox then click MIME content-type. The Attachment MIME Type window will appear.

    Click MIME content-type

  10. Uncheck all the MIME types you want to be excluded.

    Attachment MIME types

  11. Go back to Advanced section then navigate to the selected "Attachment is" checkbox then click true file type. The Attachment True File Type window will appear.

    Click true file type

  12. Uncheck all the file types you want to be excluded.

    Attachment true file type

  13. Click Save.
Premium
Internal
Partner
Rating:
Category:
Configure
Solution Id:
1058736
Feedback
Did this article help you?

Thank you for your feedback!


*This form is automated system. General questions, technical, sales, and product-related issues submitted through this form will not be answered.

If you need additional help, you may try to contact the support team. Contact Support

To help us improve the quality of this article, please leave your email here so we can clarify further your feedback, if neccessary:
We will not send you spam or share your email address.

*This form is automated system. General questions, technical, sales, and product-related issues submitted through this form will not be answered.