Threat Extraction - Advanced

What can I do here?

Use this window to configure Threat Extraction logging options and exceptions to Threat Extraction.

Threat Extraction Advanced Settings

On the Threat Extraction > Advanced page, you can configure these settings:

• Logging
  • Log only those files from which threats were extracted - Logs only files on which an operation was performed (clean or convert).
  • Log every file - Every file that is selected in Threat Extraction > General > File Types is logged, even if no operation was performed on them.
• Threat Extraction Exceptions
  • Corrupted files

    Block or Allow corrupted files attached to the email or downloaded from the web. Corrupted files are files the blade fails to process, possibly because the format is incorrect. Despite the incorrect format, the related application (Word, Adobe Reader) can sometimes show the content.

    Block removes the corrupted file and sends the recipient a text which describes how the file contained potentially malicious content. You can block corrupt files if they are malicious according to Threat Emulation. If the action is block, you can deny access to the original corrupted file.

    Allow lets the recipient receive the corrupted file.

  • Encrypted files

    Block or Allow encrypted files attached to the email or downloaded from the web.

    Block removes the encrypted file and sends the recipient a text file which describes how the file contained potentially malicious content.

    If the action is block, you can also deny access to the original encrypted file.

    Allow lets the recipient receive the encrypted file.