Buy or Renew
Buy or Renew
cancel
Turn on suggestions
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
Bookmark
|
Subscribe
|
179
Views
0
Helpful
3
Replies

sporadically faulty function of the attachment name filter

Mrskathy
Level 1
Level 1

‎04-01-2025 04:30 AM

We operate a Cisco Email Security Gateway in a cluster with version 16.0.1-019.

It often happens that ordinary Office files (docx, pptx) are filtered by the attachment name filter and not delivered (the virus scanner removed an attachment containing dangerous files).

This is not the case with test emails, however, and they arrive without errors.

We were able to determine that the affected senders have one thing in common: they are listed in the unknown list by the SBRS score and send from the Office cloud.

Can anyone help us? Whitelisting the IP in the unknown list didn't help.

Labels:
0 Helpful
3 Replies 3

Ken Stieers
VIP
VIP

‎04-01-2025 06:28 AM

Do the test mails fail with the same attachments?
Docx/pptx are zip files... so they can contain other files that could be dangerous, and the ESA will unzip and find them..
Do you have other filters based on file type or extension that could be catching these embedded files?

0 Helpful

Mrskathy
Level 1
Level 1

‎04-01-2025 06:31 AM

These are delivered in test emails. Packing them into an archive results in the same error.

0 Helpful

Ken Stieers
VIP
VIP
In response to Mrskathy

‎04-01-2025 07:07 AM

Are you using the "bad" attachments in your test mails too?
Do the logs tell you what exactly they think is bad about the attachments?


0 Helpful
Customers Also Viewed These Support Documents
Top