This website uses Cookies. Click Accept to agree to our website's cookie use as described in our Privacy Policy. Click Preferences to customize your cookie settings.
Accept
Reject
Preferences
ABOUT CHECKMATES CYBER SECURITY COMMUNITY & FAQ
Create a Post
Help
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 

Are you a member of CheckMates?

×
Sign in with your Check Point UserCenter/PartnerMap account to access more great content and get a chance to win some Apple AirPods! If you don't have an account, create one now for free!
Thomas_Werner
Employee Alumnus
Employee Alumnus
‎2018-11-21 07:33 AM

R80.20/R80.10 MTA now includes AV blade features

Hi,

so with the following MTA takes you got AV blade support INSIDE MTA for R80.10 and R80.20:

24.10.18

R80_10_mta

Take 21

8010.991003028 
  • Alignment to R80.20 MTA engine update
    • Anti-Virus over MTA support

10.10.18

R80_20_mta

Take 7

8020.991002075

The following are available in R80.20 Gateway & Management:

  • Anti-Virus over MTA support

Mail Transfer Agent Update - What's New 

Make sure you have installed latest take via CPUSE:

AV configuration

So with these takes you get AV feature inside MTA.

This means you configure AV as usual in your profile and this will be enforced on email inside MTA (no stream blocking issues anymore):

AV action

The action that is taken by AV is shared also with TE in this section of the TP profile:

AV logging

After enabling you will see malicious AV events in MTA:

AV file type blocking

You can also leverage AV´s file blocking capabilities including Magic Byte detection.

Here is a sample configuration to block all Executables directly attached to email messages:

And the related log:

Regards Thomas

0 Replies

Leaderboard

Epsum factorial non deposit quid pro quo hic escorol.

View All ≫
Upcoming Events

    Sort by:
    CheckMates Events