Restoring Passwords of Mail Archives

Web interface allows to promptly restore passwords for protected archives with threats received by email users. Such archives are used by Dr.Web for UNIX Mail Servers to store malicious and unwanted parts of a scanned email message, if the action Pass is applied to an email message. Depending on the value of the configuration parameter RepackPassword, archives:

Can be free of password protection (None);

Protected with the same password indicated in the parameter (Plain);

Protected with unique passwords generated for each archive on the basis of a secret word and unique email message identifier (HMAC).

Interface for password restoration allows an administrator of an email system to restore (by user request) a password for an archive protected according to the HMAC method, if the user shared the unique email message identifier, and administrator knows the secret word used for the password generation (by default, the secret word is a current secret word from the value of the parameter RepackPassword, if mode HMAC is set).

If password generation method has been changed, the correct password decryption will require the secret word which was current at the moment of the email message unpacking and password generation for the protected archive with threats.

If there is no unique identifier in the user email message, this means that generation of password for the archive was performed using the Plain method, and the password restoration interface cannot restore the password.

Restoring Passwords

Restoration of passwords for protected archives with threats is performed via the panel which is displayed when you choose the Password for attached archive with threats item in the main menu of the web interface. The launched panel is displayed in the bottom right corner of the web interface. The figure below shows what the password restoration panel looks like.

Figure 12. Panel of restoration of passwords for mail archives

To restore a password for an archive generated with the HMAC method, indicate:

Message ID, which was conveyed by the recipient of the email message that contains a password protected archive;

Secret word, used in the Dr.Web MailD settings at the moment of an email processing (by default, if the HMAC method of password generation is indicated in the Dr.Web MailD settings, this field will be filled with the current secret word).

To restore a password for the archive, click Get password. The generated password will be displayed in the Password for the archive field.

To close the panel, click in the top right corner of the panel.