?
Solved

Fire box 750e deletes certain pdf

Posted on 2009-05-05
4
Medium Priority
?
428 Views
Last Modified: 2012-05-06
I have a firebox 750e that keeps deleting this particular pdf. I can get other pdfs so it is not a file type issue. Additionally the sender is known and trusted.  Here is the message:
The WatchGuard Firebox which protects your network detected a message which may not be safe.

Cause : The message content may not be safe.
Content type : application
File name    : Rimrock Resolutions.PDF
Virus status : No information.
Action       : The Firebox deleted Rimrock Resolutions.PDF.

Your network administrator can not restore this attachment.
0
Comment
Question by:mmentele
  • 2
  • 2
4 Comments
 
LVL 32

Accepted Solution

by:
dpk_wal earned 750 total points
ID: 24307777
You must be using SMTP or HTTP proxy; by default the proxy service would deny many of the attachments, hence the problem.

In Policy Manager, edit the specific service, go to Properties tab; click View/Edit Proxy button, go to Content Types; here add "application/*" from Predefined.

Please note if you do not want to allow this content type for all users, then you must add another proxy service to allow traffic specifically from this sendor, configure to allow content type, configure service as below:
Enabled and Allowed; from public-ip-of-client; to NAT-as-configured-in-original-service

Thank you.
0
 

Author Comment

by:mmentele
ID: 24307859
Thanks. I am using an SMTP proxy. I have the application type application/*pdf allowed. That should do it right? I am not sure if I want to add application/* wont that allow all?
0
 
LVL 32

Assisted Solution

by:dpk_wal
dpk_wal earned 750 total points
ID: 24307901
application/*pdf allows all content type of *pdf belonging to application category; what firebox is reading here is;
>>Content type : application

So we would need to allow application/*

You are correct this is a security risk; either ask the user to encode the file using some other application so the content type is correctly understood by the firebox; OR as the user is trusted, create another SMTP proxy service as I detailed, now only for this specific user you allow application/* using new service all other traffic is screened using the current/existing SMTP service.

Thank you.
0
 

Author Comment

by:mmentele
ID: 24307948
I have asked the user to send as a zip. That was my first solution but what I don't get is normally the message will say specifically what application or mime type was blocked and I would use that to make my exception, this time it did not... Wonder why?

Thanks for your suggestions -M
0

Featured Post

Industry Leaders: We Want Your Opinion!

We value your feedback.

Take our survey and automatically be enter to win anyone of the following:
Yeti Cooler, Amazon eGift Card, and Movie eGift Card!

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Imagine you have a shopping list of items you need to get at the grocery store. You have two options: A. Take one trip to the grocery store and get everything you need for the week, or B. Take multiple trips, buying an item at a time, to achieve t…
Restoring deleted objects in Active Directory has been a standard feature in Active Directory for many years, yet some admins may not know what is available.
This lesson discusses how to use a Mainform + Subforms in Microsoft Access to find and enter data for payments on orders. The sample data comes from a custom shop that builds and sells movable storage structures that are delivered to your property. …
When cloud platforms entered the scene, users and companies jumped on board to take advantage of the many benefits, like the ability to work and connect with company information from various locations. What many didn't foresee was the increased risk…

862 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question