SMSMSE imposes various limits on file extraction. These limits protect against denial-of-service attacks that are associated with overly large or complex container files that take a long time to decompose. These limits also enhance scanning performance. SMSMSE contains a decomposer that extracts the contained or imbedded files so that the individual files can be scanned for risks. The decomposer continues to extract container files until it reaches the base file.
WARNING: When a container file reaches a set limit, the scanning process stops, the violation is logged, and the file is handled according to Unscannable File Rule.
To configure file scanning limits:
- In the SMSMSE console on the primary navigation bar, click Policies.
- In the sidebar under General, click Scanning Limits.
- In the content area, in the Maximum scan time (in seconds) box, type the maximum time that SMSMSE can spend extracting a single container file. You can enter a value from 10 to 500000. The default value is 300.
- In the Maximum archive scan depth (number of levels) box, type the maximum number of nested levels of files that are decomposed within a container file. You can enter a value from 1 to 50. The default value is 10.
- In the Maximum size of one extracted file (in MB) box, type the maximum file size, in megabytes, for individual files in a container file. You can enter a value from 1 to 1024. The default value is 100.
- In the Maximum total size of all extracted files (in MB) box, type the maximum size, in megabytes, of all extracted files. You can enter a value from 1 to 1024. The default value is 200.
- In the Maximum number of files extracted box, type the maximum allowable number of files to be extracted. You can enter a value from 1 to 1000000. The default value is 5000.
- On the toolbar, click Deploy changes to apply your changes.