'[FW-1] SMTP security server filtering attachments'

[prev in list] [next in list] [prev in thread] [next in thread] 

List:       firewall-1
Subject:    [FW-1] SMTP security server filtering attachments
From:       "Matney, John" <JMatney () POST-TRIB ! COM>
Date:       2002-04-30 20:36:32
[Download RAW message or body]

Hi folks,

        To address an interim issue, I am trying to use the smtp security
server to filter attachments on incoming emails. I'm running CP 4.1 sp5a on
a IP 330/IPSO 3.4.1.

I have placed the following in my $FWDIR/conf/objects.C:

                : (email_attachments_filter
                        :maxsize (1000000)
                        :allowed_chars ("8 bit")
                        :av_setting (none)
                        :av_server ()
                        :color (black)
                        :type (smtp)
                        :comments ("filters specific attachments")
                        :err_notify (false)
                        :default_server ()
                        :error_server ()
                        : (forbiddenfiles
                                : ("{*.vbs,*.exe,*.com,*.bat}")

                        )
                        : (content-type
                                : ()
                        )
                        : (from
                                : ()
                                : ()
                        )
                        : (to
                                : ()
                                : ()
                        )
                        : (user_field
                                : ()

                                : ()
                                : ()
                        )
                        : (match_from
                                : ("*")
                        )
                        : (match_to
                                : ("*")
                        )
                        :except_track ("Exception Log"
                                :type (log)
                                :color (Blue)
                                :format (long)
                                :icon (log.pr)
                        )
                )

In the Policy Editior I have created the following rule:

any     server_mail     smtp->email_attachments_filter  accept  long


When this rule is enabled, no email makes it to my server. The email bounces
back to the sender with a 554: Mailbox unavailable. With this rule disabled,
the same message makes it to the server without error.

I've checked the logic, and I _think_ everything should be correct, but
there is obviously a problem. Does anyone have a suggestion as to why the
security server is bouncing mail?

TIA

John

=================================================
To set vacation, Out Of Office, or away messages,
send an email to LISTSERV@lists.us.checkpoint.com
in the BODY of the email add:
set fw-1-mailinglist nomail
=================================================
To unsubscribe from this mailing list,
please see the instructions at
http://www.checkpoint.com/services/mailing.html
=================================================
If you have any questions on how to change your
subscription options, email
fw-1-owner@ts.checkpoint.com
=================================================
[prev in list] [next in list] [prev in thread] [next in thread]
Configure | About | News | Add a list | Sponsored by KoreLogic