Blocked files problem

hi, see anti-virus , file block and enable in smtp *.exe that' s work fine.

Thanks, but as I wrote everything is enabled. And we do have our own exchange server working with SMTP. I just rechecked it. The funny thing is, that some emails from spammers got blocked due to *.scr attachments which got quarantined. On the other hand I just sent me an file test.scr with a webmailer (web.de) and this attachment went through ... the testfile is a text document renamed with the commando shell from test.txt to test.scr. This is what I do not understand. Could it be, that HTML-Mails with attachments do not get checked? I will try to send me an test mail in text only. Oliver

Rechecked it with a webmailer sending in plain text. Either an attached .scr and a .exe went through. So why the heck are some attachments blocked and others of the same type go through. I am lost ... Oliver

I have sometimes the same problem http://support.fortinet.com/forum/tm.asp?m=6655&appid=&p=&mpage=1&key=&language=&tmode=1&smode=1&s=#6655

" Glad" to hear that it is not me. I sent I bug report to Fortinet but they ignore it. Seems to me that there service from former times is gone. Nobody with a solution for this error? Best Oliver

giessler: Can you post a bit of your Anti-Virus log? I would like to see some of the entries, specifically the ones where it was blocking .scr files from some e-mail.

Sure, here we go: 5 2005-03-10 11:37:12 warning 217.87.136.18 192.168.0.1 external internal The file your_archive.pif is blocked. 6 2005-03-10 09:42:15 warning 192.168.0.11 213.191.73.2 internal external The file upd02.com is blocked. 7 2005-03-10 09:42:15 warning 192.168.0.11 213.191.73.2 internal external The file wsd01.com is blocked. 8 2005-03-10 09:29:45 warning 217.184.17.50 192.168.0.1 external internal The file readme_lippert.zip is infected with W32/Netsky.P-mm. ref http://www.fortinet.com/VirusEncyclopedia/search/encyclopediaSearch.do?method=quickSearchDirectly&virusName=W32%2FNetsky.P-mm. 9 2005-03-10 09:29:33 warning 217.184.17.50 192.168.0.1 external internal The file message.scr is blocked. 10 2005-03-10 09:29:33 warning 217.184.17.50 192.168.0.1 external internal The file is infected with W32/Netsky.P-dr. ref http://www.fortinet.com/VirusEncyclopedia/search/encyclopediaSearch.do?method=quickSearchDirectly&virusName=W32%2FNetsky.P-dr. 11 2005-03-10 09:22:47 warning 217.184.17.50 192.168.0.1 external internal The file number_phone_product.txt.exe is blocked. I just sent one of the blocked pifs as an attachment with an webmailer to my account ... it went through ... Edit: I tried to send the very file from my internal account back to the webmailer ... then it got blocked by the firewall ... Thanks for your help! Oliver

Can you tell me what is the file size for the passthrough attachment? and what is the oversize limit in your fortigate? check from antivirus->config->config on GUI. van

Sorry, I was a few days off. Our problem with SMTP got solved (as it seems) by setting splice to the " wrong" status and then back to the " right" status to get rid of blocked attachments. Maybe it is just an coincidence ... Oliver