Administrators can now configure the default Anti-Malware verdict for password-protected attachments
When an email containing a password-protected attachment is inspected, Avanan attempts to find the password in the context of the email itself and by other means. 

If the password is found, the attachment will be inspected by the Anti-Malware engine just like any other attachment. However, if the password cannot be extracted, administrators have to make a decision whether to allow such attachments through or not.  

Avanan now allows administrators to configure the default verdict the Anti-Malware engine returns in case the password of the password-protected attachment cannot be extracted.

This is done under Configuration -> Security Engines -> Anti-Malware -> Configure

Note - this feature is now being gradually deployed and you should see it in your portal during the next week.