Encryption Management Server release 10.5.1 introduced a feature that allows attachments with specific file extensions to be blocked from being attached to messages by Web Email Protection users.
This feature works by examining the file extension. It does not determine the file type by examining the contents of the attachment. This is similar to the way that email clients such as Microsoft Outlook behave.
Symantec Encryption Management Server release 10.5.1 and above.
Before editing the file, it is good practice to take a backup of it:
cp /etc/ovid/prefs.xml /var/lib/ovid/customization/prefs.xml.bak
The tag of the prefs.xml file that needs to be edited is this:
This article contains the list of 115 file extensions that Microsoft Outlook blocks by default. In order to block these extensions, you would change the <blocked-file-types> tag to this. Note that multiple extensions are separated with a semi-colon:
Hundreds of file extensions can be included in the <blocked-file-types> tag if required.
In a clustered environment, after saving your changes to the /etc/ovid/prefs.xml, ensure it is replicated to other cluster members by running this command:
pgprepctl file /etc/ovid/prefs.xml
Then restart the tomcat service with this command:
pgpsysconf --restart tomcat
When a Web Email Protection user clicks on the Add attachment button, browses to and selects a blocked attachment type and then clicks on the Attach button, this message is displayed:
The user can then either attach an acceptable attachment or cancel the operation.