Password protected zip file blocked by Edge server
-
2012年1月12日 4:00
Hi,
I had a problem with inbound email with password protected zip file being blocked by the edge server.
I need to at least allow such email to be send by a specific domain because all their outbound mail with attachment will be automatically zipped with a password. Appreciate any help and possible workaround. Thanks!
Did a few testings and below are my observation.
#1. password protected file into zip format using winrar - blocked by edge server
#2. password protected file into rar format using winrar - allowed by edge server
#3. password protected file into zip format using winzip - allowed by edge server
NDR message
Diagnostic information for administrators:
mailserver.domain.com #<mailserver.domain.com #5.7.1 smtp; 550 5.7.1 Message rejected due to unacceptable attachments> #SMTP#
- 已编辑 keltz 2012年1月12日 4:01
全部回复
-
2012年1月12日 13:56
On your forefront under advanced options have you deselected the quarantine corrupted compressed files and delete corrupted compressed files
Regards Herbert Zimbizi -
2012年1月13日 1:32
Hi Herbert,
The email with the zip attachment (zipped by winrar) was rejected, not quarantine or deleted.
But I have tried deselected both the option under forefront.
Cheers,
L
-
2012年1月13日 8:51ok then, which Exchange server version and Service Pack do you have? If you have exchange 2007, Please install Exchange Update Rollup 7 and read these instructions http://support.microsoft.com/kb/945046
Regards Herbert Zimbizi -
2012年1月13日 9:05
Hi Herbert,
Already on Exchange 2007 SP2.
Cheers,
L
-
2012年1月13日 9:12
have you followed the instruction in the KB
- Stop the Transport service.
- Locate the EdgeTransport.exe.config file. This file is located in the following path:
<var>drive</var>:\Program Files\Microsoft\Exchange Server\Bin\
- Add the following entry between the <appSettings> element and the </appSettings> element of the EdgeTransport.exe.config file:
<add key="AllowInvalidAttachment" value="true" />
- Restart the Transport service.
- Verify that the problem is resolved. To do this, send an e-mail message that has a .zip file that is split into multiple files. Make sure that this e-mail message is processed for the upgraded server.
Regards Herbert Zimbizi -
2012年1月13日 10:15
Hi,
Just to clarify, if I am not wrong the known issue on the KB is on the sender end. For my case, I am the receiver end and the file is rejected at the receiver end.
The full NDR error received by the sender is as follow:
"Your message wasn't delivered due to a permission or security issue. It may have been rejected by a moderator, the address may only accept e-mail from certain senders, or another restriction may be preventing delivery.
The following organization rejected your message: mailserver.domain.com.
Diagnostic information for administrators:
Generating server: xxxx
mailserver.domain.com #< mailserver.domain.com #5.7.1 smtp; 550 5.7.1 Message rejected due to unacceptable attachments> #SMTP#"
-
2012年1月16日 14:02版主
Hello,
What is the result of Get-AttachmentFilterEntry?
Get-AttachmentFilterEntry
http://technet.microsoft.com/en-us/library/bb124422(EXCHG.80).aspx
If you disable transport agent to allow all zipped file, will this issue occur?
Thanks,
Evan
Evan Liu
TechNet Community Support
-
2012年1月17日 1:42
Hi Evan,
We want to explore other options before disabling the "AttachmentFilterAgent".
Get-AttachmentFilterEntry
Type Name Identity
---- ---- --------
ContentType application/x-msdownload ContentType:application/x-msd...
ContentType message/partial ContentType:message/partial
ContentType text/scriptlet ContentType:text/scriptlet
ContentType application/prg ContentType:application/prg
ContentType application/msaccess ContentType:application/msaccess
ContentType text/javascript ContentType:text/javascript
ContentType application/x-javascript ContentType:application/x-jav...
ContentType application/javascript ContentType:application/javas...
ContentType x-internet-signup ContentType:x-internet-signup
ContentType application/hta ContentType:application/hta
FileName *.xnk FileName:*.xnk
FileName *.wsh FileName:*.wsh
FileName *.wsf FileName:*.wsf
FileName *.wsc FileName:*.wsc
FileName *.vbs FileName:*.vbs
FileName *.vbe FileName:*.vbe
FileName *.vb FileName:*.vb
FileName *.url FileName:*.url
FileName *.shs FileName:*.shs
FileName *.shb FileName:*.shb
FileName *.sct FileName:*.sct
FileName *.scr FileName:*.scr
FileName *.scf FileName:*.scf
FileName *.reg FileName:*.reg
FileName *.prg FileName:*.prg
FileName *.prf FileName:*.prf
FileName *.pif FileName:*.pif
FileName *.pcd FileName:*.pcd
FileName *.ops FileName:*.ops
FileName *.mst FileName:*.mst
FileName *.msp FileName:*.msp
FileName *.msi FileName:*.msi
FileName *.psc2 FileName:*.psc2
FileName *.psc1 FileName:*.psc1
FileName *.ps2xml FileName:*.ps2xml
FileName *.ps2 FileName:*.ps2
FileName *.ps11xml FileName:*.ps11xml
FileName *.ps11 FileName:*.ps11
FileName *.ps1xml FileName:*.ps1xml
FileName *.ps1 FileName:*.ps1
FileName *.msc FileName:*.msc
FileName *.mdz FileName:*.mdz
FileName *.mdw FileName:*.mdw
FileName *.mdt FileName:*.mdt
FileName *.mde FileName:*.mde
FileName *.mdb FileName:*.mdb
FileName *.mda FileName:*.mda
FileName *.lnk FileName:*.lnk
FileName *.ksh FileName:*.ksh
FileName *.jse FileName:*.jse
FileName *.js FileName:*.js
FileName *.isp FileName:*.isp
FileName *.ins FileName:*.ins
FileName *.inf FileName:*.inf
FileName *.hta FileName:*.hta
FileName *.hlp FileName:*.hlp
FileName *.fxp FileName:*.fxp
FileName *.exe FileName:*.exe
FileName *.csh FileName:*.csh
FileName *.crt FileName:*.crt
FileName *.cpl FileName:*.cpl
FileName *.com FileName:*.com
FileName *.cmd FileName:*.cmd
FileName *.chm FileName:*.chm
FileName *.bat FileName:*.bat
FileName *.bas FileName:*.bas
FileName *.asx FileName:*.asx
FileName *.app FileName:*.app
FileName *.adp FileName:*.adp
FileName *.ade FileName:*.ade
- 已编辑 keltz 2012年1月17日 1:42
-
2012年1月26日 15:46
You can use Filter Lists in Forefront protection 2010 for exchange to bypass inspecting files for a specific sender:
Go to Policy Management -> Filter Lists :
- Create Filter List for Allowed Sender
- Name the List
- Add the sender
- make sure "File" is checked
.png)
.png){kind=spacer}
