Email Encrypted Attachments
In the past spammers and hackers used to hide their malware in encrypted attachments which could not be scanned. This was one of the common ways and common threats. Some companies do not control these types of threats, simply because they are not educated enough, do not have the resources to handle such threats, or their work is far too important to be blocking and filtering of encrypted email. If you’re not scanning for encrypted mail you can be risking confidential data leakage, virus threats, and a whole lot of other threats.
For these reasons it is important to ensure your spam proxy firewall can at least quarantine encrypted attachments for further manual analysis. Clearswift's MIMEsweeper software can block encrypted attachments. Also a user can setup a rule to explicitly allow some users to send encrypted attachments. For example a company can set their policy up so that all encrypted emails are quarantined, however another rule saying directors from this company can send encrypted attachments to directors at another company.
