Solved

Fire box 750e deletes certain pdf

Posted on 2009-05-05
4
424 Views
Last Modified: 2012-05-06
I have a firebox 750e that keeps deleting this particular pdf. I can get other pdfs so it is not a file type issue. Additionally the sender is known and trusted.  Here is the message:
The WatchGuard Firebox which protects your network detected a message which may not be safe.

Cause : The message content may not be safe.
Content type : application
File name    : Rimrock Resolutions.PDF
Virus status : No information.
Action       : The Firebox deleted Rimrock Resolutions.PDF.

Your network administrator can not restore this attachment.
0
Comment
Question by:mmentele
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 2
  • 2
4 Comments
 
LVL 32

Accepted Solution

by:
dpk_wal earned 250 total points
ID: 24307777
You must be using SMTP or HTTP proxy; by default the proxy service would deny many of the attachments, hence the problem.

In Policy Manager, edit the specific service, go to Properties tab; click View/Edit Proxy button, go to Content Types; here add "application/*" from Predefined.

Please note if you do not want to allow this content type for all users, then you must add another proxy service to allow traffic specifically from this sendor, configure to allow content type, configure service as below:
Enabled and Allowed; from public-ip-of-client; to NAT-as-configured-in-original-service

Thank you.
0
 

Author Comment

by:mmentele
ID: 24307859
Thanks. I am using an SMTP proxy. I have the application type application/*pdf allowed. That should do it right? I am not sure if I want to add application/* wont that allow all?
0
 
LVL 32

Assisted Solution

by:dpk_wal
dpk_wal earned 250 total points
ID: 24307901
application/*pdf allows all content type of *pdf belonging to application category; what firebox is reading here is;
>>Content type : application

So we would need to allow application/*

You are correct this is a security risk; either ask the user to encode the file using some other application so the content type is correctly understood by the firebox; OR as the user is trusted, create another SMTP proxy service as I detailed, now only for this specific user you allow application/* using new service all other traffic is screened using the current/existing SMTP service.

Thank you.
0
 

Author Comment

by:mmentele
ID: 24307948
I have asked the user to send as a zip. That was my first solution but what I don't get is normally the message will say specifically what application or mime type was blocked and I would use that to make my exception, this time it did not... Wonder why?

Thanks for your suggestions -M
0

Featured Post

Free Tool: Site Down Detector

Helpful to verify reports of your own downtime, or to double check a downed website you are trying to access.

One of a set of tools we are providing to everyone as a way of saying thank you for being a part of the community.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Suggested Solutions

Title # Comments Views Activity
Downgrade From Domain to WorkGroup 3 84
Support licences 3 31
HP Printer on Windows 2003 Terminal Server 4 65
VLAN Question 7 44
Recently, I had the need to build a standalone system to run a point-of-sale system. I’m running this on a low-voltage Atom processor, so I wanted a light-weight operating system, but still needed Windows. I chose to use Microsoft Windows Server 200…
A quick step-by-step overview of installing and configuring Carbonite Server Backup.
Nobody understands Phishing better than an anti-spam company. That’s why we are providing Phishing Awareness Training to our customers. According to a report by Verizon, only 3% of targeted users report malicious emails to management. With compan…

733 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question