Hello everyone,
yesterday I tried to create a exclusion for *.pkpass files. Sophos recognizes this file format as a certificate and blocks it according to Sophos's predefined list.
What I have tried so far:
Creating a new "Attachment file type rule" in the Data control policy, which should strip the pkpass attachment.
This rule works great, but there are problems if another forbidden file type is attached to the same mail in addition to the pkpass file type. Then the mail gets accepted. If I use the "Continue Processing" feature, the mail is of course blocked because the file type certificate is blocked in the associated rule below.
What is the best solution in this situation? Did I miss something?
Best regards,
Jonas
Edited TAGs
[edited by: Raphael Alganes at 11:29 PM (GMT -7) on 6 Aug 2024]