Environment
GWAVA (Secure Messaging Gateway) 7
Situation
What needs to be done to prevent SMG from blocking various files, such as a .dwfx, as a COM fingerprint?
Resolution
COM files have no official file format, the only indicators
that are recognizable in them overlap certain character sequences
in other files. This is why there are false positives with other
file types firing as a COM fingerprint. The best solution is to
create an inline exception by detecting a com file only if it also
does not detect as another file type or attachment name etc. Here
are steps to do this:
1) On the Inbound Mail filter policy, drag a Fingerprint node down to the workbench, from the Filter section above. Click on the icon on the left to edit it and add COM to the list. A note can be added in the white, such as "COM files", to help remember what this special rule is for.NOTE: Make sure COM is not in the list on the other Fingerprint filter node.
2) Drag the green dot on the right of the Fingerprint node and let go, you should see a list of Filters. Select Attachment Name.
3) Click on the icon on the left of the Attachment Name node, to edit it. Type in the list of attachment types that are being falsely blocked for COM fingerprints. For example: .dwfx
4) Click on the arrows on the right of the Attachment Name node and select the option for 'Invert node logic'. A note can be added to the white such as 'NOT dwfx files' to help remind what this is for.
5) Drag the orange dot on the right of the Attachment Name node, to the right and let go. Select 'block' from the list. Save changes.
The files types that were entered in the Attachment name list,
should now not be blocked as a COM fingerprint.