Thread: Excel protected workbook appears opaque to virus-scan?
View Single Post
  #1   Report Post  
Posted to comp.security.firewalls,microsoft.public.excel.programming
[email protected] sebthirlway@hotmail.com is offline
external usenet poster
  
Posts: 5
Default Excel protected workbook appears opaque to virus-scan?
Hi

I've just developed an Excel workbook with VBA in it, which has been
sent as a questionnaire to c. 400 associates nationwide, as an email
attachment.

Some users are not receiving these emails, because the email scanning
software in their organisation is objecting to the file. Here's part
of a typical automated response from a firewall:

[email]....has not been delivered as it has been classified as
containing encrypted data that cannot be checked using the current
automatic content analysis tools.

The thing is, the file is NOT encrypted. It's a normal .XLS (Excel
2000) file, with some VBA code in it. I've scanned it with McAfee
Viruscan Enterprise here at work, and with AVG at home, with no
problems detected.

The only thing I can imagine the security software objecting to is the
fact that the workbook and worksheets are "protected" with a password.
Now this is _not_ encryption: simply a cosmetic measure that prevents
users from changing certain features of the spreadsheet - anyone can
open the workbook and have a look at everything in it. (To repeat the
point: this is not a password-protected file, which requires a password
to be opened: workbook/worksheet protection is distinct from that).

The sheets are protected for a good reason: when they're filled in and
sent back, they're bulk-imported into a database: any change to the
structure of the spreadsheets would completely mess up the import code.

Has anyone come across a similar problem? Is what's happening maybe
not determined by the particular software these orgs are using, but by
some custom rule the mail-admins might have set up within it? Or does
Excel in fact encrypt .XLS files (or part of them) when you protect a
worksheet and/or workbook? But if it did, surely McAfee and AVG would
have objected to these files, which they don't. My copy of AVG was
last updated yesterday, and as far as I know I haven't customised it by
flicking a "be especially lenient towards .XLS files" switch - so why
are these firewalls rejecting the files?
(maybe I've got the wrong end of the stick on this last point -
corporate-scale email security would tend to be _more_ paranoid than me
as an individual, due to the volume of traffic it handles?).

I have no experience of corporate-scale email setups (except as a
user), so I'm a bit mystified how they work with regard to security.

I don't have a clear picture yet of exactly what software is being used
as the firewall (there are 35 different organisations to contact).
This just seems very strange.

thanks for any ideas


Seb

Reply With QuoteReply With Quote