Zimbra block encrypted archives
By default Zimbra will block encrypted archives such as ZIP or PDF that cannot be scanned. You can disable this function from the Global Settings.
A customer called me that important mail was not delivered and it was flagged as virus. They ware receiving this attachment without any problems before they switched to my Zimbra hosted solution. After checking the mail I’ve noticed this message:
Subject: VIRUS (Heuristics.Encrypted.PDF) in mail FROM [X.X.X.X]
A virus was found: Heuristics.Encrypted.PDF
Scanner detecting a virus: ClamAV-clamd
Block encrypted archives from GUI
You can disable this function from the Global Settings by unchecking Block encrypted archives from the AS/AV tab.
Block encrypted archives from command line
This also can be done from the command line:
vi /opt/zimbra/clamav-0.97.5/etc/clamd.conf
In this file you can set ArchiveBlockEncrypted to NO or comment it out because NO is the default value
# Mark encrypted archives as viruses (Encrypted.Zip, Encrypted.RAR).
# Default: no
#ArchiveBlockEncrypted no
This doesn’t mean that you are not vulnerable to viruses, the antivirus has big database of real virus threads and will be able to catch real security threads. This feature should be disabled because business users use a lot of encrypted PDF’s.
hmmm interesting why they would do that…
is zimbra secure enough, or would other services/add-ons be a good idea?
I’ve been playing around with a service called penango. They offer a 14-day free trial so i decided to do it. So far I’ve only sent a few test emails and it seems to be working great. It’s end-to-end encryptions, FIPS 140-2 certified, S/MIME and works on a bunch of platforms like gmail, google apps, vmware email, zimbra outlook…check it out penango.com
hmmm interesting why they would do that…
is zimbra secure enough, or would other services/add-ons be a good idea?
I’ve been playing around with a service called penango. They offer a 14-day free trial so i decided to do it. So far I’ve only sent a few test emails and it seems to be working great. It’s end-to-end encryptions, FIPS 140-2 certified, S/MIME and works on a bunch of platforms like gmail, google apps, vmware email, zimbra outlook…check it out penango.com