Support Forum
The Forums are a place to find answers on a range of Fortinet products from peers and product experts.
New Contributor

Archive password decryption options



We want to inspect attachments, especially archives to search for malwares inside it.

Anyway, some of them are encrypted, and password is often contained in the body of the email.


So, following this documentation, we may be able to extract a password contained in the body :

[ol]Specify the type of passwords to use:[/ol][ul]Words in email content: use the words before and after the keywords as the passwords. Number of words to try: specify how many words before and after the keywords to use. For example, in the email content, there is such a sentence: “To open the document, please use password 123456. If you cannot open it, please contact us.” If you specify to use two words before and after the keyword, “please”, “use” (two words before the keyword “password”), “123456”, and “If” (two words after the keyword “password”) will be used as one by one as the password to decrypt the attachments.[/ul]

I can see the "Number of words" field in Content Profile, but I don't find where to enter the "keywords" from which to make the offset.


Can you confirm is it possible, or it search only beside "password" keyword, so unable to search beside "pass" or any other language ?


FortiMail 2000E / Firmware version: v6.4.2(GA), build427, 2020.09.01   

Thank you,