A compliance policy configured to trigger with messages carrying attachments that should match the Password Protected Files is not able to capture encrypted archive format files like rar or 7z.

This issue has been addressed in Symantec Messaging Gateway (SMG) v10.0.0.

Following an update to SMG version 10.0.0 or greater, password protected attachments will be filtered as follows:

1. If file is password protected + zip encrypted, it will be caught by the antivirus module.
2. If antivirus is disabled for the recipient or not licensed, password protected + zip encrypted attachments will be caught by content filtering
3. If file is only password protected + zip, it will be caught by content filtering.

For version 10.8.0/1 encrypted rar or 7z files will not be captured by a content policy with "Password Protected Files". To overcome this it is suggested to add a Malware type of policy with the condition "Contain an encrypted attachment".