Trend Micro - Securing Your Journey to the Cloud Business
Support
Sign In with your
Trend Micro Account
Need Help?
Need More Help?

Create a technical support case if you need further support.

Secure reply bypass in Hosted Email Security (HES)

    • Updated:
    • 30 Apr 2018
    • Product/Version:
    • Hosted Email Security 3.0
    • Platform:
    • N/A N/A
Summary

Replying directly to a secure email being sent out by HES using an Encryption Policy will trigger client's/HES User's High Risk Attachment Policy.

Disabling the .htm file type on the high risk attachment policy itself will not be a work around as it will become a vulnerability.

Details
Public

  1. To make any reply to an encrypted email pass through HES:

    1. Go to Inbound Protection > Policy Objects > Keyword Expressions then click Add.

      Add Keyword Expressions

      Click image to enlarge

      The Add Keyword Expression Category window will appear.

    2. Provide a List name, click Add then Save. In this example, we will use “Secure Reply Bypass”.

      Add Keyword Expression Category

      Click image to enlarge

      The Add Keyword Expression window will appear.

    3. In the Add Keyword Expression text box, type the expression “\bzdproxy@privatepost.com\b” then click Save.

      Add Keyword Expression

      Click image to enlarge

  2. Create a policy for the policy object that was created.

    Go to Inbound Protection > Policy then click Add.

    Add Policy

    Click image to enlarge

    The Edit Rule page will appear.

    1. On the Basic Information tab:

      • Status - tick Enable.
      • Name - Enter a Name. In this example the name given is Secure reply Bypass.
      • Note - Type any information about the policy. For example: Bypass rule for replying to an encrypted email.

      Basic Information tab

      Click image to enlarge

    2. On the Recipients and Senders tab:

      • Under the Recipients section, type the domain name then click Add to move the new domain to the “Selected” list.

        Recipients section

        Click image to enlarge

      • Under the Senders section - tick the Anyone radio button.

        Senders section

        Click image to enlarge

    3. Next, go to Scanning Criteria > Advanced:

      • Tick Specified header matches checkbox then click on keyword expressions on the right side.

        Scanning Criteria_Advanced section

        Click image to enlarge

        The Header Keyword Expressions window will appear.

      • On the Header Keyword Expressions window:
        • Under Specified header matches select Other, then on the blank field next to it, type "Sender".
        • Locate the new policy object from the Available list (In this example, Sender), then click Add to move it on the "Selected" list. Click Save.

        Header Keyword Expressions window

        Click image to enlarge

    4. Go to the Actions tab. Under the Intercept section, select Deliver now then click Submit.

      Actions_Intercept section

      Click image to enlarge

  3. To review the policy, go back to Basic Information tab. The policy should look like this:

    Recipients and Senders
    If message is
    Incoming
    to *@sbnabu1.mailsecuritylab.com
    AND
    from Anyone

    Scanning Criteria
    And message attributes match
    Specified Header matches...

    Actions
    Then action is
    Deliver now

    Policy Settings

    Click image to enlarge

Premium
Internal
Rating:
Category:
Troubleshoot
Solution Id:
1115801
Feedback
Did this article help you?

Thank you for your feedback!

To help us improve the quality of this article, please leave your email here so we can clarify further your feedback, if neccessary:
We will not send you spam or share your email address.

*This form is automated system. General questions, technical, sales, and product-related issues submitted through this form will not be answered.

If you need additional help, you may try to contact the support team. Contact Support

To help us improve the quality of this article, please leave your email here so we can clarify further your feedback, if neccessary:
We will not send you spam or share your email address.

*This form is automated system. General questions, technical, sales, and product-related issues submitted through this form will not be answered.
Related Articles