Scan Exception List

Trend Micro Email Security allows you to configure different types of exceptions. If an email message meets any of the following conditions, Trend Micro Email Security will trigger an exception and take the specified actions:

  • The number of files in a compressed file exceeds 353.

  • The decompression ratio of a compressed file exceeds 100.


    The decompression ratio refers to the ratio between a decompressed file's size and its original compressed size. For example, for a 1 MB compressed file, if the decompressed file size is 100 MB, the ratio would be 100 to 1, which is equivalent to 100.

  • The number of decompression layers in a compressed file exceeds 20.

    Trend Micro Email Security checks for malware "smuggled" within nested compressions and supports scanning up to 20 recursive compression layers.

  • The size of a single decompressed file exceeds 60 MB.

  • An Office 2007/2010/2013/2016 file contains more than 353 subfiles.


    An Office 2007/2010/2013/2016 file is actually a zip archive of XML files. Therefore, Trend Micro Email Security treats such an Office file as a compressed file and triggers an exception when the Office file consists of more than 353 files.

  • An Office 2007/2010/2013/2016 file contains a subfile whose decompression ratio exceeds 100.

  • Malformed messages.

  • Virtual Analyzer scan exception.

    Possible scenarios include:

    • Cloud sandbox analysis timed out.

    • Unable to connect to the cloud sandbox.

    • The available sandbox images do not support the file format.

    • The extracted or downloaded file exceeds the file size limit.

    • Unable to access the URL.

    • The URL is invalid.

  • Virtual Analyzer submission quota exception.


The Virtual Analyzer scan exception and submission quota exception are available only in inbound protection.

These settings are not included in the Trend Micro Email Security Standard license.

For details about different license versions, see Available License Versions.