Trend Micro - Securing Your Journey to the Cloud Business
Success
Sign In with your
Trend Micro Account
Need Help?
Need More Help?

Create a technical support case if you need further support.

Blocking attachments using the Attachment True File Type criteria in Hosted Email Security (HES)

    • Updated:
    • 13 Mar 2020
    • Product/Version:
    • Hosted Email Security 2.0
    • Platform:
    • N/A N/A
Summary

This article discusses how you can block .EXE files within ZIP using the Attachment True Type criteria in HES.

 
This procedure is for the full version of HES only. If you are using HES - Inbound Filtering, take advantage of the full version.
Details
Public

The Attachment True File Type criteria allows you to create rules that take actions on messages based on the true file type of attachments a message contains.

 
Where the attachment names the criteria and makes decisions based on filenames and/or extensions, the attachment types criterion scans the headers of the files themselves for the identifying signatures.

Rules are the means by which messaging policies are applied to message traffic in HES. Each rule consists of the following:

  • Users or domains that the rule apply to
  • Criteria that are evaluated to determine if the rule should be triggered
  • Action that HES takes if the rule is triggered

If you are the administrator, you can see the rules that apply to your organization.

If you have a service level (IMHS Advance) that allows it, you can also make changes to the rules that comprise your policy, rename them or create new rules.

After these three parts of the rule have been configured, the rule is given a unique name by which it can be identified in summaries and reports. You can disable each rule with losing its definition and enable it again later.

To create a new rule:

  1. Go to Inbound Protection > Policy > Add Rule.
  2. On Basic Information, tick Enable and Enter a Name.

  3. On Recipients and Senders:

     
    For outgoing messages for Recipients and incoming messages for Senders only.
    • Recipients – Add your domain or the email address that you want to add in this policy.
    • Recipients Exception – Add the email address you want to exclude on the policy.

    • Senders:

      • Anyone - To select any email addresses at all.
      • Select Addresses - Add the domain or the email address that you want to add in this policy.
    • Sender Exceptions - Add the email address you want to exclude on the policy.
  4. On the Scanning Criteria.
  5. Click Advanced to show the criteria.

  6. Set up the rule criteria:

    1. Tick the Attachments is checkbox, and then click true file type.

      Advanced section

      Click image to enlarge.

    2. On the Rule Criteria page, select the Attachment true file type criteria.
    3. From the drop-down list, select Selected attachment types or Not the selected attachment types.

    4. Select the true file types (.EXE, etc) for HES to match on.

      True file type

      Click image to enlarge.

Premium
Internal
Partner
Rating:
Category:
Configure; Troubleshoot; Deploy; Remove a Malware / Virus; Update
Solution Id:
1099636
Feedback
Did this article help you?

Thank you for your feedback!

To help us improve the quality of this article, please leave your email here so we can clarify further your feedback, if neccessary:
We will not send you spam or share your email address.

*This form is automated system. General questions, technical, sales, and product-related issues submitted through this form will not be answered.

If you need additional help, you may try to contact the support team. Contact Support

To help us improve the quality of this article, please leave your email here so we can clarify further your feedback, if neccessary:
We will not send you spam or share your email address.

*This form is automated system. General questions, technical, sales, and product-related issues submitted through this form will not be answered.
Related Articles