This article discusses how you can block .EXE files within ZIP using the Attachment True Type criteria in HES.
The Attachment True File Type criteria allows you to create rules that take actions on messages based on the true file type of attachments a message contains.
Rules are the means by which messaging policies are applied to message traffic in HES. Each rule consists of the following:
- Users or domains that the rule apply to
- Criteria that are evaluated to determine if the rule should be triggered
- Action that HES takes if the rule is triggered
If you are the administrator, you can see the rules that apply to your organization.
If you have a service level (IMHS Advance) that allows it, you can also make changes to the rules that comprise your policy, rename them or create new rules.
After these three parts of the rule have been configured, the rule is given a unique name by which it can be identified in summaries and reports. You can disable each rule with losing its definition and enable it again later.
To create a new rule:
- Go to Inbound Protection > Policy > Add Rule.
- On Basic Information, tick Enable and Enter a Name.
-
On Recipients and Senders:
For outgoing messages for Recipients and incoming messages for Senders only.- Recipients – Add your domain or the email address that you want to add in this policy.
- Recipients Exception – Add the email address you want to exclude on the policy.
-
Senders:
- Anyone - To select any email addresses at all.
- Select Addresses - Add the domain or the email address that you want to add in this policy.
- Sender Exceptions - Add the email address you want to exclude on the policy.
- On the Scanning Criteria.
- Click Advanced to show the criteria.
-
Set up the rule criteria:
-
Tick the Attachments is checkbox, and then click true file type.
Click image to enlarge.
- On the Rule Criteria page, select the Attachment true file type criteria.
- From the drop-down list, select Selected attachment types or Not the selected attachment types.
-
Select the true file types (.EXE, etc) for HES to match on.
Click image to enlarge.
-