Trend Micro Email Security allows you to configure different types of exceptions. If an email message meets any of the following conditions, Trend Micro Email Security will trigger an exception and take the specified actions:
The number of files in a compressed file exceeds 353.
The decompression ratio of a compressed file exceeds 100.
The decompression ratio refers to the ratio between a decompressed file's size and its original compressed size. For example, for a 1 MB compressed file, if the decompressed file size is 100 MB, the ratio would be 100 to 1, which is equivalent to 100.
The number of decompression layers in a compressed file exceeds 20.
Trend Micro Email Security checks for malware "smuggled" within nested compressions and supports scanning up to 20 recursive compression layers.
The size of a single decompressed file exceeds 60 MB.
An Office 2007/2010/2013/2016 file contains more than 353 subfiles.
An Office 2007/2010/2013/2016 file contains a subfile whose decompression ratio exceeds 100.
Virtual Analyzer scan exception.
Possible scenarios include:
Cloud sandbox analysis timed out.
Unable to connect to the cloud sandbox.
The Virtual Analyzer scan exception is available only in inbound protection.