Had a incident where an email with .htm attachmentI(with a phishing link in it) went through the TE appliance deployed in mta mode and was delivered to the user.
TE appliance deployed in MTA mode for email and in ICAP mode for web traffics.
is it normal that TE appliance could not detect the phishing link in a attachment(.htm) which came in an email.
sk106123 also states that .htm format is not in the supported list.
what could be done to have these type of emails blocked by TE appliance.