I have a question. How can I make the MWG policy so that when downloading from the Internet the zip file packed and encrypted with a password redirected to the ATD for verification?
If the file is encrypted with a password, automated scanning would not be able to decrypt it to scan the object. So I'm not sure this will work as expected. MWG has rules in the Enable Opener ruleset which allow you to block or allow encrypted/multipart/corrupt archives:
Having said that, MWG has a property called "Body.IsEncryptedObject" -- it will be set to true if it encounters an object that is encrypted (like a zip file).
The criteria logic goes from a AND b AND c to (a AND b AND c) OR d. The parentheses are important here.