Watchguard Firebox X1000 User Manual page 162

Chapter 9: Configuring Proxied Services
Blocking email attachments
You can use two methods to block email attachments.
Either allow only save content types or deny file name pat-
terns. These two methods can be used together to further
protect your network from malicious email attachments.
Allowing safe content types
MIME stands for Multipurpose Internet Mail Extensions, a
specification about how to pass audio, video, and graphics
content by way of email or HTML. The MIME format
attaches a header to content. The header describes the type
of multimedia content contained within an email or on a
Web site. For instance, a MIME type of "application/zip" in
an email message indicates that the email contains a Zip
file attachment. By reading the MIME headers contained in
an incoming email message, the Firebox can strip certain
MIME types and admit only the types you want. You
define which types of attachments are admitted and which
are denied by using the Firebox's HTTP and SMTP proxies.
From the Incoming SMTP Proxy Properties dialog box:
1
Click the Content Types tab. Specify whether you
want to block certain file-name patterns in email
attachments by selecting the checkbox marked Allow
only safe content types and block file patterns.
140 WatchGuard Firebox System