Hello,
We want to inspect attachments, especially archives to search for malwares inside it.
Anyway, some of them are encrypted, and password is often contained in the body of the email.
So, following this documentation, we may be able to extract a password contained in the body : https://docs.fortinet.com/document/fortimail/6.4.2/administration-guide/921588/configuring-content-p...
[ol]Specify the type of passwords to use:[/ol][ul]Words in email content: use the words before and after the keywords as the passwords. Number of words to try: specify how many words before and after the keywords to use. For example, in the email content, there is such a sentence: “To open the document, please use password 123456. If you cannot open it, please contact us.” If you specify to use two words before and after the keyword, “please”, “use” (two words before the keyword “password”), “123456”, and “If” (two words after the keyword “password”) will be used as one by one as the password to decrypt the attachments.[/ul]I can see the "Number of words" field in Content Profile, but I don't find where to enter the "keywords" from which to make the offset.
Can you confirm is it possible, or it search only beside "password" keyword, so unable to search beside "pass" or any other language ?
FortiMail 2000E / Firmware version: v6.4.2(GA), build427, 2020.09.01
Thank you,
Regards
Nominating a forum post submits a request to create a new Knowledge Article based on the forum post topic. Please ensure your nomination includes a solution within the reply.
Select Forum Responses to become Knowledge Articles!
Select the “Nominate to Knowledge Base” button to recommend a forum post to become a knowledge article.
User | Count |
---|---|
1547 | |
1031 | |
749 | |
443 | |
210 |
The Fortinet Security Fabric brings together the concepts of convergence and consolidation to provide comprehensive cybersecurity protection for all users, devices, and applications and across all network edges.
Copyright 2024 Fortinet, Inc. All Rights Reserved.