The HTML Sanitizer engine can strip this attachment of certain scripts leaving broken links and the recipients unable to open the email.Īlthough the encrypted emails are from a trusted source, the method in which they are being sent legitimately registers as an email exploit. In the case of Office 365 Encrypted Email, this attachment is called message.html. Root CauseĮncrypted emails are usually sent as an HTML attachment with a standard filename. If the issue persists with mail scanning disabled then the cause is unrelated to MailEssentials and troubleshooting should continue by checking other external components affecting the mail flow. \GFI\MailEssentials\EmailSecurity\DebugLogs\Html Script Removal.gfi_log.txtīefore proceeding, it is advisable to confirm that the root cause is MailEssentials by temporarily disabling scanning emails as described here: Enabling or Disabling GFI MailEssentials Processing.
You can obtain more details on the removed scripts by enabling tracing and examining the debug log file for the HTML Sanitizer found in the location below. When the HTML Sanitizer module acts upon an email to remove malicious scripts and tags, the Dashboard logs would not show this information but the actions taken will always be logged in the debug logs.
The procedure described is applicable to the various forms of email encryption such as Office 365 Encrypted (Secure) Messages or Cisco Secured Emails (Registered Envelope Service, also called SecureDoc). This article describes a solution to this problem that is caused by the HTML Sanitizer or the Email Exploit Engine scrubbing the encrypted attachments for malicious tags. Received encrypted emails have their links, images, or scripts removed even though the UI logs show the message was processed as. Recipients of Office 365 Encrypted Emails will sometimes receive HTML attachments having broken links or HTML scripts removed from the encrypted attachment thereby making them unable to access the encrypted emails.
0 kommentar(er)
