Solved: Re: ESA blocked file attachment that was not included in content filter

cammy.busto · ‎09-25-2017

Hi,

Is anyone experiencing that ESA is blocking the file/s attachment which are not included in the content filter policy? Like 7z, jar, docx. I only configured to block 4 extension file (ENDS WITH), and still some attachment was hitting this policy. The current AsynOS is 10.0.2 build 20.

Please help! Thanks

Libin Varghese · ‎09-26-2017

That is correct. Domain cannot be added to the HAT sendergroup.

It can be either an IP, complete hostname, or partial hostname.

- Libin V

View solution in original post

Libin Varghese · ‎09-25-2017

Hi,

Can you share what the current filter is what was blocked?

- Libin V

cammy.busto · ‎09-26-2017

Hi,

I will post the detail once I encounetered again this issue.

Btw, what is the best practice for BLACKLISTING? Is it IP Address or Domain?

Thanks

Libin Varghese · ‎09-26-2017

Hi,

The connection level configuraiton for HAT sendergroups allows you to blacklist using the sender IP or FQDN.

To block a domain you would need to use content or message filters.

Recommended approach would be use the HAT sendergroups since its saves processing.

Regards,

Libin Varghese

cammy.busto · ‎09-26-2017

Hi Libin,
Yes, it's under HAT. For clarification, you mean to say that ESA will not block domain in BLACKLISTED SENDER GROUP?

I have a list of blacklisted IP with the same domain and I'm planning to lessen the list.

Libin Varghese · ‎09-26-2017

That is correct. Domain cannot be added to the HAT sendergroup.

It can be either an IP, complete hostname, or partial hostname.

- Libin V

cammy.busto · ‎09-26-2017

I see. Thanks a lot Libin!