Zimbra block emails Virus Heuristics.Encrypted


SystemMen - Zimbra block emails Virus Heuristics.Encrypted. Have you ever received notifications from users that customers cannot send mail to them. With the message “Our content checker found virus: Heuristics.Encrypted.Zip“.

zimbra-block-emails-virus-heuristics-encrypted-01 Zimbra block emails Virus Heuristics.Encrypted
Notification “Our content checker found virus: Heuristics.Encrypted.Zip”.

What is this error? Why does it happen when a customer sends you an email? How to handle it?

Zimbra block encrypted archives and Heuristics.Encrypted files

Zimbra uses ClamAV to check for viruses in emails. This is very good.

By default, Zimbra sets up block encrypted archives. What is this?

Usually, there are many viruses that are sent as compressed files and have a password. That helps viruses pass through anti-virus programs. This is quite dangerous.

However, in some cases. Customers aim to secure information sent by email. They pack and set a password for their file. And that makes the anti-virus program misunderstand that it is a virus.

To turn off that feature, in Admin dashboard, you go to Configure -> Global Settings -> AS/AV. Uncheck Block encrypted archives.

zimbra-block-emails-virus-heuristics-encrypted-02 Zimbra block emails Virus Heuristics.Encrypted
Uncheck “Block encrypted archives” in Zimbra.

Then, login to the Zimbra server. Switch to user Zimbra.

# su zimbra

And type the following command to restart Zimbra’s anti-virus service.

$ zmclamdctl restart

Conclusion

This unblocking you consider before you do. Zimbra virus Heuristics.Encrypted is a very confusing type. It could be a clean file but it could be a real virus.

Because it can cause viruses to bypass Zimbra mail’s anti-virus system. But in some cases (for example, my own), I have to remove it.

«« »»