Symantec Protection for SharePoint Servers (SPSS) 6.0 was deployed in the SharePoint farm. After deployment, certain files are getting blocked by it even though Symantec Antivirus on desktop had cleared those as clean files.
In one of my previous post Linked Excel Files and SharePoint, I covered the details on how linked files work in SharePoint.
2 – The file: FileNameByFM.xlsx -contains Unscannable Content. Reason: Container Size Violation | Container Size Violation -Status: Blocked
This file cannot be saved to the document library. If you want to save this file to the document library, clean the file using alternative virus scanning software and try saving it again.
Troubleshoot issues with Microsoft SharePoint Foundation.
|File can not be uploaded to SharePoint dueto Symantec Antivirus for SharePoint SPSS|
If you are trying to upload a new file, the file is not uploaded. If you are trying to save after edit / checking out, file, it doesn’t work either.
The issue is due to the linked MS Excel files that were on user desktop. Only container file was uploaded to the SharePoint. The file was 25 MB in size.
Follow the steps listed below to find the linked files:
1. Open the Microsoft Excel file from SharePoint
2. Go to Data ribbon tab and then click Edit Links under Connections group
3. Review the linked file(s) for Location. Update / remove as it applies to your container file
4. Save and close the file
|Microsoft Excel – Edit Linked Files|
You might have to do these step by downloading a copy of that file on your desktop and then make above changes.
|Microsoft Excel – Edit Linked Files – Review Location|
Even removing the linked file didn’t help in this case. The linked file was unnecessary in this scenario. Symantec Protection for SharePoint was still treating that file as a container file. Make sure you review the data in container Excel file that might be coming from the linked file.
I found that Symantec Protection Engine portal on the SharePoint server (http://localhost:8004) has a default filter policy for container handling. Symantec Protection Engine is a separate component of Symantec Protection for SharePoint Servers.
Container File Processing Limits:
Following filter policies were defined by default.
Stop processing a container file when any of the following limits is met or exceeded.
a. Time to extract file meets or exceeds: 180 seconds
b. Maximum extract size of the file meets or exceeds: 100 MB
c. Maximum extract depth of the file meets or exceeds: 10 levels
When processor limit is met or exceeded: Deny access to the file and generate a log entry.
|Symantec Protection for SharePoint Servers – Filtering Policies on Container Handling|
I changed the container file policy to: Allow access to the file and generate a log entry.
That seemed to resolve the issue.
In this scenario, due to internal only SharePoint, the decision was made to allow access to files in case of container file processing limits are reached or exceeded. The decision was in favor of application availability rather strict security.