Thread Info
  • State Verified Answer
  • Locked Locked
  • Replies 6 replies
  • Subscribers 37 subscribers
  • Views 15303 views
  • Users 0 members are here
Options
Suggested
This discussion has been locked.
You can no longer post new replies to this discussion. If you have a question you can start a new discussion

E-Mail Protection: File protection MIME-Type Filter not working accordingly

OlvrKl

Hello everyone,

I have a strange problem on a customer's XG210 (SFOS 18.0.5 MR-5-Build586). We have been granulating the Filetype-Filter in the E-Mail Protections Mailpolicy. We recently added the MIME-Types for Macro-Enabled officefiles to the Filter

application/vnd.ms-word.document.macroEnabled.12,
application/vnd.ms-word.template.macroEnabled.12,
application/vnd.ms-excel.sheet.macroEnabled.12,
application/vnd.ms-excel.template.macroEnabled.12,
application/vnd.ms-excel.addin.macroEnabled.12,
application/vnd.ms-excel.sheet.binary.macroEnabled.12,
application/vnd.ms-powerpoint.addin.macroEnabled.12,
application/vnd.ms-powerpoint.presentation.macroEnabled.12,
application/vnd.ms-powerpoint.template.macroEnabled.12,
application/vnd.ms-powerpoint.slideshow.macroEnabled.12,
application/vnd.ms-powerpoint.slide.macroEnabled.12

This list here is regarding the MIME-Types for Post Office 2007 Macro-Enabled Filetypes which works accordingly. Now I wanted to Add the Pre-2007 filetypes, which didn't differentiate between Macro-Enabled File and Non-Macro-Enabled filetypes. Since this is an old standard I added the MIME-Types as well to be filtered:

application/vnd.ms-powerpoint,
application/msword,
application/vnd.ms-excel,

But when I do this post Office 2007 Filetypes, that are not macroenabled are beeing filtered too. These Filetypes are pptx, docx and xslx. I tested thoroughly by creating new Testfiles and als checking the MIME-Type manually with Tools.

They were recognized as the following, which are obviously different.

application/vnd.openxmlformats-officedocument.wordprocessingml.document
application/vnd.openxmlformats-officedocument.spreadsheetml.sheet
application/vnd.openxmlformats-officedocument.presentationml.presentation

Is this a known bug? I couldn't find anything regarding this Problem. I already contacted Sophos Support, but it's rather exhausting, since they still don't understand my issue and I don't want to waste anymore time.

Thanks in advance for your help!

Regards,

Oliver



This thread was automatically locked due to age.
Parents Reply Children
  • 0 in reply to emmosophos

    Hello,

    i got answer from Support. This issue seems to be fixed with 18.5.1 which released during my open Case. I will install the new release, check if the issue is resolved and give an update. Thanks in the meanwhile for your help!

  • 0 in reply to OlvrKl

    Hello OlvrKI,

    Thank you for taking the time to update the community.

    Regards,

     
    Emmanuel (EmmoSophos)
    Technical Team Lead, Global Community Support
    Sophos Support VideosProduct Documentation  |  @SophosSupport  | Sign up for SMS Alerts
    If a post solves your question use the 'Verify Answer' link.
  • +1 in reply to emmosophos

    Hello Emmanuel,

    my ticket got escalated to a Global Escalation Specialist. After I told him I would try to update the appliance, he said that an update would probably not help. This problem was already discussed with development but rejected according to him. The following workaround helped me:

    Adding the MIME-Types for all Office Files (legacy and modern Office-MIME-Types) to the Filefilter.

    Select the modern OfficeFiles-MIME-Types in the MIME-Whitelist.

    Somehow Sophos does recognize the right MIME-Type, but for whatever reason is also checked against the MIME-Types of Legacy Office Files. Adding them to Exceptions (Whitelist) stops processing of the files and will then not filter them.

Unfiltered HTML