Management General Management Topics Logging and Reporting Multi-Domain Management Policy Management
- Local User Groups
Had a incident where an email with .htm attachmentI(with a phishing link in it) went through the TE appliance deployed in mta mode and was delivered to the user.
TE appliance deployed in MTA mode for email and in ICAP mode for web traffics.
is it normal that TE appliance could not detect the phishing link in a attachment(.htm) which came in an email.
sk106123 also states that .htm format is not in the supported list.
what could be done to have these type of emails blocked by TE appliance.
This is more to think of an extension type and not the actual link. Is there a business reason to receive emails with html attachments? If not, block the extension, otherwise you will still be protected by your URL filtering, application control policy and Threat Emulation on Gateway level.