Hello,
i have FG200D , running firmware 5.2.8
I am looking for a way to block all incoming emails that have attachments with extension (.ace)
Thanks
Nominating a forum post submits a request to create a new Knowledge Article based on the forum post topic. Please ensure your nomination includes a solution within the reply.
Profile - Content, you can add it.
I think you should preferably block extensions on your Mail Exchanger appliance, why? for logging and archiving what is blocked.
If you still want to do it on Fortigate, you need to go to Security Profiles -> Data Leak Preventions and make a new profile with a SMTP block of filename extension and put that filter on the policy for inbound and/or outbound (what is preferable).
I never tested this and like i said earlyer, why do this on firewall level, do it on mail exchanger level.
Created on 05-02-2017 10:55 AM
Use this Kb => http://kb.fortinet.com/kb/documentLink.do?externalID=FD35108
On the "Test_file_filter" list, change to "Filename pattern" and add "*.ace"
Apply this DLP to the firewall rule that inspects your Exchange traffic on port 25 SMTP.
That should be enough.
Luiz Alberto Camilo NCT São Paulo www.nct.com.br NSE-5 Expert
Select Forum Responses to become Knowledge Articles!
Select the “Nominate to Knowledge Base” button to recommend a forum post to become a knowledge article.
User | Count |
---|---|
1713 | |
1093 | |
752 | |
447 | |
231 |
The Fortinet Security Fabric brings together the concepts of convergence and consolidation to provide comprehensive cybersecurity protection for all users, devices, and applications and across all network edges.
Copyright 2024 Fortinet, Inc. All Rights Reserved.