Know the possibility to set actions on password protected MS Office and PDF documents.
Example of actions are deleting attachments, quarantine messages, etc.
IMSVA has the inbuilt scanning condition to allow for detection of password protected zip file attachments.
Using the procedure below it is possible to enable IMSVA to use this scanning condition to also detect password protected Microsoft Office files and password protected PDF's.
Although Virus Scan API (VSAPI) 9.7x can recognize password protected Office files, IMSx products currently does not have the option to take action dedicated for password protected Office files.
However, we can configure IMSVA to treat password protected Office and pdf files in the same way as the password protected zip files.
Set or add the following line in /opt/trend/imss/config/imss.ini file under [general] section:
With this parameter enabled IMVSA will apply the action configured for password protected zip files to password protected MS Office and PDF documents.
Note: if a password protected Office or pdf document is contained within a zip file (with no password), then the attachment will not trigger the scanning condition.
To enable IMSVA to detect password protected office and pdf documents that are contained within a zip file add the following line to the General section of imss.ini
Restart the IMSVA services using the command below:
With these hidden keys, IMSVA will treat both password protected office and pdf files in the same way as password protected zip files.