Search

	display results
words begin exact words any words part

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [FW1] E-mail Attachment stripping, Checkpoint VPN-1 / FW-1

To: <[email protected]>, <[email protected]>
Subject: Re: [FW1] E-mail Attachment stripping, Checkpoint VPN-1 / FW-1
From: Paul Messer <[email protected]>
Date: Wed, 01 Aug 2001 15:12:46 +0000
In-reply-to: <[email protected]>
References: <000901c11808$21a6d070$32d84298@bigmuzi>
Sender: [email protected]

Robert,

your problems with attachment stripping can be very very easily solved....

I waited forever in the vein hope that checkpoint would do something about .exe's and .vbs's etc...but to no avail...anyway our mail server Gordano's NTMail does attachment stripping, content checking, and virus checking and disinfection on the fly....you could use this as an internet mail gateway to solve all your problems and it's totally brilliant...(god they owe me now !!!) take a look at www.ntmail.com

Hello,
I attempted to strip a number of files from incoming SMTP and POP3 traffic
on our Checkpoint Firewall, running 4.1 SP3 on Solaris. I made the
following changes to the objects.C file:

: (smtp_filter
        :color (magenta)
        :type (Tcp)
        :comments ("SMTP with Attachment Stripping")
        :port (25)
        :src_port_from ()
        :src_port_to ()
        :fastmode (false)
        :res_type (
                :tytpe (refobj)
                :refname ("#_SMTP spec")
        )
        :forbiddenfiles (
                :("{*.vbs, *.A, *.1*}")
        )
)

Nothing too brilliant, as the change was taken right from the Release
Notes of 4.1 SP3. I even removed the existing objects.C.sav and
objects.C.bak out of $FWDIR/conf to another folder. When I brought the
firewall back up, I received a number of error messages and the firewall
failed. Any one have similar problems with setting up Attachment Filtering
on SMTP or POP3?
What I question is the following:

1. I placed spaces in :("{*.vbs, *.A, *.1*}") between the comma and next
extension, anyone know if that's a problem?
2. I edited the objects.C in pico, should I have used vi?

Any comments or suggestions would be appreciated.

Thanks,

Robert Woods

================================================================================
     To unsubscribe from this mailing list, please see the instructions at
               http://www.checkpoint.com/services/mailing.html
================================================================================

Paul Messer
Systems Development Manager
Taylor & Francis Publishing Services

Tel: 01256 813000

Prev by Date: RE: [FW1] SecuRemote question
Next by Date: [FW1] FW1 Administration
Previous by thread: RE: [FW1] How to Manage a Floodgate Module????
Next by thread: [FW1] FW1 Administration
Index(es):
- Date
- Thread