|
|
|
What can I do here?
Use this window to configure Threat Extraction logging options and exceptions to Threat Extraction.
|
Getting Here - Getting Here - Security Policies > Threat Prevention > Policy > Threat Tools > Profiles > Profile > Edit > Threat Extraction > Advanced |
On the Threat Extraction > Advanced page, you can configure these settings:
Block or Allow corrupted files attached to the email. Corrupted files are files the blade fails to process, possibly because the format is incorrect. Despite the incorrect format, the related application (Word, Adobe Reader) can sometimes show the content.
Block removes the corrupt attachment and sends the recipient a text describing how the attachment contained potentially malicious content. You can block corrupt files if they are malicious according to Threat Emulation. If the action is block, you can deny access to the original corrupted file.
Allow lets the recipient receive the corrupt file attachment.
Block or Allow encrypted files attached to the email.
Block removes the encrypted attachment and sends the recipient a text file describing how the attachment contained potentially malicious content.
If the action is block, you can also deny access to the original encrypted file.
Allow lets the recipient receive the encrypted attachment.
Allow or Clean signed emails.
Signed emails are not encrypted, but the mail contents are signed to authenticate the sender. If the received email differs from the email that was sent, the recipient gets a warning. The digital signature is no longer valid.
Clean replaces the original attachment with an attachment cleaned of threats, or converts the attachment to PDF form. Both actions invalidate the digital signature. If the attachment does not include active content, the mail remains unmodified and the digital signature valid.
Allow does not change the email. The digital signature remains valid. Select this option to prevent altering digital signatures.
