Hi there,
After Samsung Email App (for Andoird OS) Update to version 6.1.30.30 , our XG 18.0.3 MR3 Publishing Rule (WAF) for Exchange server gets an error:
1. on Client side: Couldn't verify account
2. on XG logs : 403 WAF Anomaly - Inbound Anomaly Score Exceeded
2020-11-09 11:08:02Web server protectionmessageid="17071" log_type="WAF" log_component="Web Application Firewall" user="-" server="mail.domain.domain" src_ip="194.76.244.147" local_ip="xxx.xxx.xxx.xxx" protocol="HTTP/1.1" url="/Microsoft-Server-ActiveSync" query_string="?Cmd=Options&User=temp%40softinfo.ro&DeviceId=SEC10D234385E4A8&DeviceType=SamsungDevice" cookie="-" referer="-" method="OPTIONS" response_code="403" reason="WAF Anomaly" extra="Inbound Anomaly Score Exceeded (Total Score: 5)" content_type="text/html" user_agent="Android-SAMSUNG-SM-G950F/101.80000" response_time="1242" bytes_sent="4782" bytes_received="715" fw_rule_id="10"
3. WAF Rule hasn't been modified:
WAF Publishing Exchange Rule: exchange general
Exceptions :
Paths : /Microsoft-Server-ActiveSync*
Skip this checks - Static URL hardening - Checked
Advanced - Never change HTML during static URL hardering of gorm hardering
How to debug or Has anyone encountered this problem?
Many thanks in advanced
This thread was automatically locked due to age.