A content filtering rule is created to scan against attachment names (e.g. *.doc). However when the attachment is inside a container file, like zip file, the document is not quarantined.
Symantec Mail Security for Microsoft Exchange (SMSMSE) is working as expected. When the message part to scan is attachment name Mail Security does not evaluate the file names that are inside a container file.
There are two solutions to this problem. Choose the solution that best suits your needs.
The following screen shows an example:
1. Open the SMSMSE console.
2. Click on the Policies tab.
3. Click the Content Enforcement|File Filtering Rules View item.
4. Enable the File Name Rule.
5. Click the Select... button to select a match list. If there is not an existing match list for the filenames to block then create a new match list and select it.
The following screenshot shows an example: