Skip Fingerprint for .com files in Text Body

  • 7020418
  • 15-May-2015
  • 21-Mar-2019

Environment


Secure Messaging Gateway
or
GWAVA 6.5

Situation

A mail without an attachment was blocked by the Fingerprint filter and a .com file has been detected.

Resolution


If the Fingerprint filter detected a .com file in a mail without an attachment this indicates that some strings in the body text were similar to executable .com files. Usually this is caused by special characters.

To prevent mails from being blocked by Fingerprint if no .com file is attached, there is an option to skip the test for .com files in the body text.

For SMG, do the following:

1. In the SMG System Administration page, under Organization / Policy Management | Policy scan configuration | <policy> | Edit Fingerprint Executable Files

2. Click on 'Add new types' and find COMNOTEXT in the list.


3. Click on COMNOTEXT to add it to the active fingerprints list.


4. Save changes.

The Fingerprint filter should now only detect .com files if such a file is actually attached to the mail.


For GWAVA 6.5, do the following:
1. In the GWAVA Management Console go to Server / Interface Management - [Server name] - Server Management - Configure server - Advanced.
2. Enable Skip .com fingerprint in text body.


The Fingerprint filter should now only detect .com files if such a file is actually attached to the mail.

Additional Information

This article was originally published in the GWAVA knowledgebase as article ID 2542.