GFI AVG Anti-Virus Updates for GFI MailSecurity, RNW, 250-499u, DEU AVGREN250-499 User Manual
Product codes
AVGREN250-499
62
GFI MailSecurity 2011
Configuring other mail filters
This filter allows you to block or delete emails with archives that exceed the specified
physical size when uncompressed. Hackers sometimes use this method in a DoS (Denial of
Service) attack by sending an archive that can be uncompressed to a very large file that
crashes content security or anti-virus software. To configure this filter:
physical size when uncompressed. Hackers sometimes use this method in a DoS (Denial of
Service) attack by sending an archive that can be uncompressed to a very large file that
crashes content security or anti-virus software. To configure this filter:
1. Navigate to GFI MailSecurity
► Scanning & Filtering ► Decompression.
2. From the list of available filters, click Check size of uncompressed files in archives.
3. To enable this filter select the Check size of uncompressed files in archives checkbox.
4. Specify the maximum size of uncompressed archives in the Maximum size of
uncompressed files in archive in Mb
uncompressed files in archive in Mb
text box. If an uncompressed archive‟s size is bigger
than the specified value, the email is triggered as malicious.
5. Specify what to do when an email contains an archive that triggers this filter:
Quarantine
Quarantines blocked emails
Automatically Delete
Deletes blocked emails
NOTE: When GFI MailSecurity is installed on same machine as Microsoft Exchange 2003,
GFI MailSecurity may not be able to block outbound emails, but instead replaces the blocked
content with a threat report.
GFI MailSecurity may not be able to block outbound emails, but instead replaces the blocked
content with a threat report.
6. Select Send a sanitized copy of the original email to recipient(s) to choose whether to
forward a copy of the blocked email to the recipients but with the malicious content removed.
forward a copy of the blocked email to the recipients but with the malicious content removed.
7. Click the Actions tab to configure further actions.
8. GFI MailSecurity can send email notifications whenever an email triggers this filter. To
enable this feature, select any of the following options:
enable this feature, select any of the following options:
Notify administrator
Notify the administrator whenever this engine blocks an email. To configure the
administrator‟s email address refer to chapter
administrator‟s email address refer to chapter
Notify local user
Notify the email local recipients about the blocked email.
9. To log the occurrence of this activity to a log file select the Log occurrence to this file
check box. In the text box specify:
check box. In the text box specify:
Path and file name (including .txt extension) to a custom location on disk where to store
the log file, or
The file name only (including .txt extension). The log file will be stored in the following
default location:
<GFI MailSecurity installation path>\ContentSecurity\MailSecurity\Logs\<filename>.txt
10. Click Apply.
Check for amount of files in archives