This article describes how to scan the email contain password protected archive file.
1) Navigate in the GML GUI Go to: Profile -> Content Profile and select Create New or modify current Content Profile.
3) Next, expand the File Password Decryption Options and enable Words in email content by default the 'Number of adjacent word to keyword' is set to 5.The minimum adjacent word is 1 and the maximum is 10.
Number of adjacent word to keyword means the words before and after the keywords as the 'passwords' or 'pass'. Number of words to try: specify how many words before and after the keywords to use.
For example, in the email content, there is such a sentence: 'To open the document, please use password 123456. If you cannot open it, please contact us.'
Specify to use two words before and after the keyword, 'please', 'use' (two words before the keyword 'password'), '123456', and 'If' (two words after the keyword 'password') will be used as one by one as the password to decrypt the attachments.
4) Apply this content profile to the IP policy or recipient policy accordingly.
The Fortinet Security Fabric brings together the concepts of convergence and consolidation to provide comprehensive cybersecurity protection for all users, devices, and applications and across all network edges.
Copyright 2023 Fortinet, Inc. All Rights Reserved.