Thread Info
  • Locked Locked
  • Replies 16 replies
  • Subscribers 8 subscribers
  • Views 45240 views
  • Users 0 members are here
Options
Suggested
This discussion has been locked.
You can no longer post new replies to this discussion. If you have a question you can start a new discussion

Still no extension blocking within zip files?

JoergRiether
I hope i am wrong,, I really do, but could it be true that in 2015 UTM still can not check for blocked extensions (no i am not talking about mime types i am talking about stupid simple extensions like .js) inside zip archives? This was announced for 9.300. Seems to me the announcement was wrong and only covers mime types. PLEASE tell me i am wrong. Best, Joerg


This thread was automatically locked due to age.
Parents
  • "Anyone at Sophos like to comment on this? I find this is an impossible situation!" Emily is a Sophos employee and she did Joerg. :) Devs and those who can get development time aren't on these forums. You'd need to take this to the feature request site at http://feature.astaro.com. I know it's already on there somewhere, just add votes. Other than that, if you're a reseller, you can contact your channel manager to discuss. If a paid license user, you can contact your reseller to contact their channel manager.
    __________________
    ACE v8/SCA v9.3

    ...still have a v5 install disk in a box somewhere.

    http://xkcd.com
    http://www.tedgoff.com/mb
    http://www.projectcartoon.com/cartoon/1
  • in reply to Scott_Klassen

    Hi Scott,

    the feature request is there for a long time (feature.astaro.com/.../3263802-av-scan-for-file-extensions-within-zip-files).

    We already contacted sales and support. Multiple times.

    Now - only place left to tell Sophos this is an impossible situation is this place ;-)

    What makes me very angry is the releases notes of 9.3. They say:

    #True-File-Type Detection
    #In our web and mail proxy we now traverse archive files (zip, rar, etc.) to detect the types of files inside. This
    #allows granular policy enforcement based on file types included in an archive rather than blocking archive
    #files in general.


    And that is just not true. Not for ANY mail, just for some where the MIME stuff fits just right for the Sophos logic. And we are in 2015.

    Again: This is an impossible situation!

    Best,
    Joerg

Reply
  • in reply to Scott_Klassen

    Hi Scott,

    the feature request is there for a long time (feature.astaro.com/.../3263802-av-scan-for-file-extensions-within-zip-files).

    We already contacted sales and support. Multiple times.

    Now - only place left to tell Sophos this is an impossible situation is this place ;-)

    What makes me very angry is the releases notes of 9.3. They say:

    #True-File-Type Detection
    #In our web and mail proxy we now traverse archive files (zip, rar, etc.) to detect the types of files inside. This
    #allows granular policy enforcement based on file types included in an archive rather than blocking archive
    #files in general.


    And that is just not true. Not for ANY mail, just for some where the MIME stuff fits just right for the Sophos logic. And we are in 2015.

    Again: This is an impossible situation!

    Best,
    Joerg

Children
No Data
Unfiltered HTML