Scanning of Encrypted Email Attachments

 

In the past, spammers and hackers hid their malware in encrypted attachments, which could not be scanned. This was one of the common ways criminals delivered email-based threats. Some companies do not control these threats, either because they are not educated enough about them, because they lack the resources to handle them, or because they feel that turning on too many security functions hurts user productivity, with work considered too important to block or filter encrypted email. If you are not scanning for encrypted email attachments, you risk confidential data leakage, malicious threats, and breaking laws, depending on the type of organisation and its location.

For these reasons it is important to ensure your spam security solution can, at the very least, quarantine encrypted email attachments for further manual analysis. Clearswift is a security vendor known for its MIMEsweeper email security software, which is able to block encrypted attachments. Clearswift can also control encrypted attachments at a very granular level, by group of users and by the direction of the email. For example, one group of users may be permitted to send encrypted attachments, another group may be permitted to receive them, and a third group may be permitted encrypted attachments for outbound traffic only.

This is the kind of granularity required in today's world because of the heavy use of email, depending on the organisation's security policy.
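The quarantine-by-default rule and the per-group, per-direction exceptions described above can be sketched as follows. This is an added example, not Clearswift or MIMEsweeper code: the group names, the `POLICY` table and the sample message are assumptions, and only ZIP archives are checked (other encrypted formats such as 7z, RAR or PDF need their own detection).

```python
import io
import zipfile
from email.message import EmailMessage

# Hypothetical groups mapped to the directions in which encrypted attachments are allowed.
POLICY = {"finance": {"outbound"}, "legal": {"inbound", "outbound"}}

def is_encrypted_zip(data: bytes) -> bool:
    """True if any ZIP member has general-purpose flag bit 0 (encrypted) set."""
    try:
        with zipfile.ZipFile(io.BytesIO(data)) as zf:
            return any(info.flag_bits & 0x1 for info in zf.infolist())
    except zipfile.BadZipFile:
        return False  # not a ZIP; other container formats need their own checks

def encrypted_attachments(msg: EmailMessage) -> list:
    """Names of attachments that the scanner cannot open without a password."""
    return [part.get_filename() or "(unnamed)"
            for part in msg.iter_attachments()
            if is_encrypted_zip(part.get_payload(decode=True) or b"")]

def decide(msg: EmailMessage, group: str, direction: str):
    """Deliver unless an encrypted attachment is outside the group's allowed directions."""
    hits = encrypted_attachments(msg)
    if hits and direction not in POLICY.get(group, set()):
        return "quarantine", hits  # held for manual analysis
    return "deliver", hits

def constructed_message(encrypted: bool) -> EmailMessage:
    """Constructed sample: a mail with one ZIP, optionally flagged as encrypted."""
    buf = io.BytesIO()
    with zipfile.ZipFile(buf, "w") as zf:
        zf.writestr("report.txt", "constructed sample")
    raw = bytearray(buf.getvalue())
    if encrypted:  # set flag bit 0 in the local and central directory headers
        raw[6] |= 0x1
        raw[raw.index(b"PK\x01\x02") + 8] |= 0x1
    msg = EmailMessage()
    msg["From"], msg["To"] = "sender@example.com", "rcpt@example.com"
    msg.set_content("See attached.")
    msg.add_attachment(bytes(raw), maintype="application", subtype="zip",
                       filename="report.zip")
    return msg

if __name__ == "__main__":
    for group, direction in [("finance", "outbound"), ("finance", "inbound"),
                             ("sales", "outbound")]:
        print(group, direction, decide(constructed_message(True), group, direction))
```

A group that is absent from the table falls through to quarantine, so a new or misnamed group fails closed.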

Further Reading

Wikipedia's guide to Email Encryption