kdharan, Staff
Article Id 340576
Description This article describes how to block files of 3 MB or larger using DLP on the FortiGate.
Scope FortiOS and FortiProxy.
Solution

Block files of 3 MB or larger using DLP.

DLP profile configuration for versions 7.2.4 and above:

config dlp profile
    edit "test"
        set feature-set proxy
        config rule
            edit 1
                set name "block 3mb"
                set proto smtp pop3 http-get http-post ftp nntp
                set file-size 3072    ---> Match files greater than or equal to this size, in KB (3072 KB = 3 MB).
                set file-type 2       ---> ID of the DLP file pattern table to match (see 'config dlp file pattern' below).
                set action block
            next
        end
    next
end

Note: SSL inspection must be deep inspection (with certificate inspection only, files inside encrypted sessions are not seen by DLP), and the file type must be one of the executable file types listed in the file pattern table.

For example, the default file pattern 'all_executables' (table ID 2) covers the '.bat', '.exe', '.elf' and '.hta' file types.


The file types included in that pattern table can be checked as shown below (other file types can be added to or removed from it).


config dlp file pattern
    edit 2
        set name "all_executables"
        config entries
            edit "bat"
                set filter-type type
                set file-type bat
            next
            edit "exe"
                set filter-type type
                set file-type exe
            next
            edit "elf"
                set filter-type type
                set file-type elf
            next
            edit "hta"
                set filter-type type
                set file-type hta
            next
        end
    next
end


Note: For versions between 6.2.2 and 7.2.3, the CLI commands differ slightly: the DLP profile is configured under 'config dlp sensor', and 'config rule' is 'config filter'. For more information, review the related article below.
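As an added example (not from the article or from Fortinet), the following Python parses the two CLI blocks above, as printed by 'show', and reports per DLP rule the resolved file pattern table, its file types and the size threshold converted from KB to MB, so the threshold and the table ID can be verified before the profile is attached to a policy. It accepts both the 7.2.4+ syntax and the 6.2.2 to 7.2.3 syntax noted above, assuming the same 'set' keys in both; the sample text is a constructed, trimmed copy of the article's blocks.

```python
SAMPLE = """\
config dlp file pattern
    edit 2
        set name "all_executables"
        config entries
            edit "exe"
                set file-type exe
            next
        end
    next
end
config dlp profile
    edit "test"
        config rule
            edit 1
                set name "block 3mb"
                set file-size 3072
                set file-type 2
                set action block
            next
        end
    next
end
"""  # constructed sample, trimmed from the article's two CLI blocks

def parse_cli(text):
    """Nest FortiOS config/edit/set/next/end lines into dicts keyed by table or entry name."""
    stack = [{}]  # stack[0] is the root table
    for line in (l.strip() for l in text.splitlines()):
        if line.startswith(("config ", "edit ")):
            stack.append(stack[-1].setdefault(line.split(" ", 1)[1].strip('"'), {}))
        elif line in ("next", "end"):
            stack.pop()
        elif line.startswith("set "):
            key, _, value = line[4:].partition(" ")
            stack[-1][key] = value.strip('"')
    return stack[0]

def audit_dlp(cfg):
    """Resolve each rule's file-type table ID to its pattern and convert file-size (KB) to MB."""
    patterns, report = cfg.get("dlp file pattern", {}), []
    # 7.2.4+ uses 'dlp profile'/'rule'; 6.2.2-7.2.3 uses 'dlp sensor'/'filter' (same set keys assumed)
    for prof_name, prof in (cfg.get("dlp profile") or cfg.get("dlp sensor", {})).items():
        for rule in (prof.get("rule") or prof.get("filter", {})).values():
            pat = patterns.get(rule.get("file-type"), {})  # e.g. "2" -> all_executables
            types = [e.get("file-type") or e.get("pattern") for e in pat.get("entries", {}).values()]
            report.append({"profile": prof_name, "rule": rule.get("name"),
                           "min_mb": int(rule.get("file-size", 0)) / 1024,
                           "pattern": pat.get("name"), "types": sorted(types),
                           "action": rule.get("action")})
    return report
```

Run `audit_dlp(parse_cli(SAMPLE))` to see that rule 'block 3mb' blocks only the executable types in table 2 at 3.0 MB and above; a rule whose 'pattern' comes back as None references a table ID that does not exist.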


Related article:

Technical Tip: DLP Configuration to Block File's and Troubleshooting