[prev in list] [next in list] [prev in thread] [next in thread]
List: firewall-1
Subject: [FW-1] SMTP security server filtering attachments
From: "Matney, John" <JMatney () POST-TRIB ! COM>
Date: 2002-04-30 20:36:32
[Download RAW message or body]
Hi folks,
To address an interim issue, I am trying to use the smtp security
server to filter attachments on incoming emails. I'm running CP 4.1 sp5a on
a IP 330/IPSO 3.4.1.
I have placed the following in my $FWDIR/conf/objects.C:
: (email_attachments_filter
:maxsize (1000000)
:allowed_chars ("8 bit")
:av_setting (none)
:av_server ()
:color (black)
:type (smtp)
:comments ("filters specific attachments")
:err_notify (false)
:default_server ()
:error_server ()
: (forbiddenfiles
: ("{*.vbs,*.exe,*.com,*.bat}")
)
: (content-type
: ()
)
: (from
: ()
: ()
)
: (to
: ()
: ()
)
: (user_field
: ()
: ()
: ()
)
: (match_from
: ("*")
)
: (match_to
: ("*")
)
:except_track ("Exception Log"
:type (log)
:color (Blue)
:format (long)
:icon (log.pr)
)
)
In the Policy Editior I have created the following rule:
any server_mail smtp->email_attachments_filter accept long
When this rule is enabled, no email makes it to my server. The email bounces
back to the sender with a 554: Mailbox unavailable. With this rule disabled,
the same message makes it to the server without error.
I've checked the logic, and I _think_ everything should be correct, but
there is obviously a problem. Does anyone have a suggestion as to why the
security server is bouncing mail?
TIA
John
=================================================
To set vacation, Out Of Office, or away messages,
send an email to LISTSERV@lists.us.checkpoint.com
in the BODY of the email add:
set fw-1-mailinglist nomail
=================================================
To unsubscribe from this mailing list,
please see the instructions at
http://www.checkpoint.com/services/mailing.html
=================================================
If you have any questions on how to change your
subscription options, email
fw-1-owner@ts.checkpoint.com
=================================================
[prev in list] [next in list] [prev in thread] [next in thread]
Configure |
About |
News |
Add a list |
Sponsored by KoreLogic