Thread Info
  • State Not Answered
  • Locked Locked
  • Replies 4 replies
  • Subscribers 3 subscribers
  • Views 10236 views
  • Users 0 members are here
Options
Suggested
This discussion has been locked.
You can no longer post new replies to this discussion. If you have a question you can start a new discussion

How to block ALL attachments?

Ben

We want to block ALL file extensions and default them into quarantine. Is there a real easy&simple way like a wildcard?



This thread was automatically locked due to age.
  • 0

    I've not seen that requested before.  I guess you could do an exhaustive list of MIME types on the 'Anti-Virus' tab, like application/*.  I'm almost certain (haven't tried it) that you can't do it with wildcards on the file extension list, but an exhaustive list there might work for you.  Please let us know the results of your efforts.

    Cheers - Bob

     
    Sophos UTM Community Moderator
    Sophos Certified Architect - UTM
    Sophos Certified Engineer - XG
    Gold Solution Partner since 2005
    MediaSoft, Inc. USA
  • 0

    Will the new Sandboxing feature, coming in v.9.4 (out in beta now), alleviate your concerns?  Or are you trying to embargo all attachments for reasons other than potential malware?

  • 0 in reply to eganders

    Sandstorm has not impressed me yet in beta neither i believe it will be THE solution to all problems with crypto-trojans and other stuff.

    ---

    Sophos UTM 9.3 Certified Engineer

  • 0

    Just add a * to the MIME blacklist and monitor your quarantine. Then add MIME types you want to receive to the whitelist (text/html etc.)

Unfiltered HTML