cancel
Showing results for 
Search instead for 
Did you mean: 
Create a Post
Biju_Nair
Nickel

Sandblast appliance .htm support

Had a incident where an email with .htm attachmentI(with a phishing link in it) went through the TE appliance deployed in mta mode and was delivered to the user.

TE appliance deployed in MTA mode for email and in ICAP mode for web traffics.

is it normal that TE appliance could not detect the phishing link in a attachment(.htm) which came in an email.

sk106123 also  states that .htm format is not in the supported list.

what could be done to have these type of emails blocked by TE appliance.

1 Reply
Highlighted

Re: Sandblast appliance .htm support

This is more to think of an extension type and not the actual link. Is there a business reason to receive emails with html attachments? If not, block the extension, otherwise you will still be protected by your URL filtering, application control policy and Threat Emulation on Gateway level.