How to Allow Encrypted Archives in MetaDefender Core?
This article applies to all MetaDefender Core releases deployed on Windows and Linux systems.
Summary
By default, MetaDefender Core (MD Core) blocks encrypted archive files since their contents cannot be scanned. If it is necessary to allow encrypted archives to pass through (for example, when integrating with MetaDefender Email Gateway Security (EGS)), the workflow can be configured to classify these files as “Allowed.”
This article explains how to configure the workflow so that encrypted archives are not blocked and can be forwarded even when their contents cannot be scanned.
Symptoms
Encrypted archive files sent via email are automatically blocked by MetaDefender Core or MetaDefender Email Gateway Security (EGS).
Cause
Encrypted archives cannot be scanned because their contents are protected by a password. By default, such files are blocked to prevent potential threats from bypassing security checks.
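The following Python sketch is an added illustration, not OPSWAT code and not a description of how MD Core detects encryption internally. It shows how a ZIP archive advertises encryption through bit 0 of each entry's general-purpose flag, which a scanner can read without the password even though the content stays opaque. The function names and the sample archive are constructed for this example, and only the ZIP format is covered.

```python
import io
import struct
import zipfile

ENCRYPTED_FLAG = 0x1  # bit 0 of the ZIP general-purpose bit flag


def encrypted_entries(data: bytes) -> list:
    """Names of entries whose header marks the content as encrypted."""
    with zipfile.ZipFile(io.BytesIO(data)) as zf:
        # infolist() only reads the central directory; no password is needed.
        return [i.filename for i in zf.infolist() if i.flag_bits & ENCRYPTED_FLAG]


def triage(data: bytes) -> str:
    """Classify an upload as 'not-zip', 'scannable' or 'encrypted'."""
    if not zipfile.is_zipfile(io.BytesIO(data)):
        return "not-zip"
    return "encrypted" if encrypted_entries(data) else "scannable"


def build_sample(mark_encrypted: bool) -> bytes:
    """Constructed sample: a one-file ZIP, optionally flagged as encrypted.

    The payload itself is not encrypted; only the header flag is set, which
    is all the checks above look at.
    """
    buf = io.BytesIO()
    with zipfile.ZipFile(buf, "w") as zf:
        zf.writestr("invoice.txt", "constructed test content")
    raw = bytearray(buf.getvalue())
    if mark_encrypted:
        # Flags sit at offset 6 in the local header, 8 in the central one.
        for pos in (raw.find(b"PK\x03\x04") + 6, raw.rfind(b"PK\x01\x02") + 8):
            (flags,) = struct.unpack_from("<H", raw, pos)
            struct.pack_into("<H", raw, pos, flags | ENCRYPTED_FLAG)
    return bytes(raw)


if __name__ == "__main__":
    samples = {"plain": build_sample(False), "flagged": build_sample(True),
               "text": b"not an archive"}
    for label, sample in samples.items():
        print(label, "->", triage(sample))
```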
How to Allow Encrypted Archives
Follow the steps below to configure MetaDefender Core to allow encrypted archives:
- Access the Configuration Interface: Log in to the MetaDefender Core management console.
- Select the Workflow: Choose the workflow used by MetaDefender Email Gateway Security (EGS) or the relevant integration.
- Open the Process Settings: Navigate to General → Process.
- Enable Allowed Processing Results: Enable the option “Processing results to be classified as Allowed.”
- Select Encrypted Archive: Under this section, select “Encrypted archive.”
- Save the Configuration: Click Save to apply the changes.
- Verify the Configuration: Confirm that the new setting is saved successfully.
 
Expected Result
Encrypted archives that cannot be scanned are classified as Allowed and forwarded according to the configured workflow.
Please note that allowing encrypted archive files may introduce potential security risks. Attackers often use encrypted archives to bypass content inspection and deliver malicious files.
We strongly recommend that you carefully evaluate this option before enabling it, ideally through a cross-review process involving multiple teams (e.g., security, compliance, and IT operations).
For example, if a system problem arises, an administrator might quickly allow encrypted archives to restore functionality — which is exactly the scenario attackers aim to exploit to gain access and compromise user machines.
If further assistance is required, please log a support case or chat with our support engineer.