beautypg.com

How attachment manager works with gmail, Attachment identification methods – Google Message Security for Google Apps Administration Guide User Manual

Page 272

background image

272

Message Security for Google Apps Administration Guide

With the exception of Early Detection filters, messages must pass other
filters before Attachment Manager.
Attachment Manager scans only valid messages. Message must pass
through spam, senders lists, and virus filters before filtering by Attachment
Manager. For example, a message infected with a virus that also triggers an
attachment filter, is processed according to your Virus Disposition, not the
attachment filter’s disposition. For example, the message will be deleted if
that’s how you have configured your virus setting, instead of quarantined,
approved, bounced per the attachment filter’s disposition.

Attachment Manager approved file types do not bypass Early Detection
filters.
Even if you add .exe files (for example) as an approved file type in Attachment
Manager, Early Detection may quarantine a message with a .exe file for
additional scanning.

Attachment Manager is configured at the organization level, and it is turned off by
default. After your initial Attachment Manager policy configurations, the
Attachment Manager configuration should be reviewed whenever you set new or
change existing attachment policies.

How Attachment Manager works with Gmail

Note the following regarding Attachment Manager and Gmail:

The message size limit for Gmail in Google Apps is 20 MB. You can use the
Attachment Manager message size setting to lower the 20 MB limit (but not
raise it).

Gmail always blocks (returns to the sender) email messages with executable
file attachments, such as .exe files, even if they are in a compressed file, such
as a .zip or .tar file. Therefore, you can't use Attachment Manager to "allow"
messages with these types of attachments. However, you can set up
Attachment Manager to quarantine these messages, so users can view them
in the Message Center. Keep in mind, though, that if a user attempts to deliver
such a message from quarantine, Gmail will then return it to the sender.

Attachment Identification Methods

Attachment Manager can identify incoming or outgoing messages with file
attachments in two different ways, and automatically scans compressed files:

Extension scanning: Attachment Manager examines the message’s MIME
(Multipurpose Internet Mail Extensions) headers to determine an attachment’s
extension. Sometimes, a malicious sender will try to disguise the file type by
renaming the file extension. Attachment Manager verifies the real file type by
checking for the MIME type as well as literal file extension.

Attachment Manager uses extension scanning by default.

Binary scanning: Attachment Manager scans a portion of the attachment
itself to determine its file type. This method can recognize file types more
accurately than extension scanning.

See also other documents in the category Google Software: