Zimbra block emails Virus Heuristics.Encrypted. Have you ever received notifications from users that customers cannot send mail to them. With the message “Our content checker found virus: Heuristics.Encrypted.Zip“.
What is this error? Why does it happen when a customer sends you an email? How to handle it?
Zimbra block encrypted archives and Heuristics.Encrypted files
Zimbra uses ClamAV to check for viruses in emails. This is very good.
By default, Zimbra sets up block encrypted archives. What is this?
Usually, there are many viruses that are sent as compressed files and have a password. That helps viruses pass through anti-virus programs. This is quite dangerous.
However, in some cases. Customers aim to secure information sent by email. They pack and set a password for their file. And that makes the anti-virus program misunderstand that it is a virus.
To turn off that feature, in Admin dashboard, you go to Configure -> Global Settings -> AS/AV. Uncheck Block encrypted archives.
Then, login to the Zimbra server. Switch to user Zimbra.
su zimbraAnd type the following command to restart Zimbra’s anti-virus service.
$ zmclamdctl restartConclusion
This unblocking you consider before you do. Zimbra virus Heuristics.Encrypted is a very confusing type. It could be a clean file but it could be a real virus.
Because it can cause viruses to bypass Zimbra mail’s anti-virus system. But in some cases (for example, my own), I have to remove it.
(This is an article from my old blog that has been inactive for a long time, I don’t want to throw it away so I will keep it and hope it helps someone).
