Messaging Gateway

 View Only

  • 1.  Applying Content Filtering Policies

    Posted Jan 06, 2011 01:47 PM

    Hi!

      I'm new in the forum so Hello to you all!

    I'm testing SBM Gateway and after reading the manual I started to play with the soft. The thing is, I cant get policies work!

      I created a content filtering policy that notifies the Admin (me) when some user (in this case Me) sends a Password Protected Zip attach. The mail just pass trough unscanned!

      I created a policy group and added the mail account who sends and the one who receives (just in case) and activated the Virus and Content Filtering.

      The policy has one condition:

        If the file metadata is in the attachment list "Password Protected Files"

      Then Notifies the admin with a notification that I also Created.

    Let me know if you need more data

    Best Regards!!



  • 2.  RE: Applying Content Filtering Policies

    Posted Jan 06, 2011 02:52 PM

    Make sure you are applying the policy to a group - the default group if nothing else.  It is easy to create a policy but end up not applying it to any group, which means the policy isn't firing.

    You can also check the Message Audit Logs to ensure that your test messages are flowing through the system properly.  The Message Audit Logs will also report on any actions taken by Brightmail Gateway.



  • 3.  RE: Applying Content Filtering Policies

    Broadcom Employee
    Posted Jan 06, 2011 04:01 PM

    Angelos is right about the policy groups.

    One thing I wanted to mention may just be symantics, but you said they pass through unscanned. I wanted to clarify that we cannot scan encrypted files since we don't have the password. Just wanted to make sure you understood that.



  • 4.  RE: Applying Content Filtering Policies

    Posted Jan 07, 2011 09:29 AM

    I meant "They pass trough without being checked by SBM" I know you can't scan encrypted files and that's the mayor reason why I need to stop this type of mailing.

     

    I Checked Message audit logs and these are the mails Im talking about

      Sender                 Recipient       Subj  Veredict                             Action

    @****.com.ar @gmail.com 3    Encrypted attachment       Deliver message normally        

     

    @****.com.ar @gmail.com 2    Encrypted attachment Deliver message normally

     

    Is delivering the messages normally despite I've selected the "notification" action (send a mail notification to the admin, that's me in this case) and the veredict IS "Encrypted attachment". Is there some "secret way" to select witch action to take?? :)

    I'm Checking again, If you got some advice please let me know!

    Cheers!!



  • 5.  RE: Applying Content Filtering Policies

    Posted Jan 07, 2011 11:44 AM

    Your postings show the HTML code.  Could you post screen shots of the policy - from the admin / policy group / view policy;  and screen shot of the Msg audit disposition?

     

    Thanks



  • 6.  RE: Applying Content Filtering Policies

    Posted Jan 07, 2011 02:02 PM

    Thank you guys!

      I solved the problem creating the whole rule on "Virus Policies" triggering by "Unscannable file" and it worked just fine so far.

    Again Thanks for the handy hands

     

    Regards