Hello community,
I have the challenge to identify attachments of unwanted file types within a message filter on the ESA (7.6.1). To do so I have used the function "attachment-binary-comtains()" to match the "Magic Bytes" of a file type. This is what I tried for 7zip as an example:
sevenzip:
if attachment-binary-contains('\x37\x7A\xBC\xAF\x27\x1C')
{
log-entry('7zip');
}
.
An error occurred during processing: Error in regular expression "7z\xbc\xaf'\x1c": 'utf8' codec can't decode byte 0xbc in position 2: unexpected code byte
Can anyone help me with the syntax of the filter statement? The system should not interpret the string as UTF-8 but as binary data.
Thanks and regards,
Markus