Attachment filtering exceptions RSS Back to forum
@NorbertFe:
Hello Norbert,
Unfortunately this is not yet possible in ORF, but the good news is that next major release - which is scheduled for early Q4 - will introduce this feature as well.
Would unchecking "Attachment Filtering Test" in the whitelist exception help by whitelisting the senders included in the autosender whitelist from attachmentblocking? With the risk of wrong entries in the aws list.
Regards
Norbert
@NorbertFe: Yes, it would help. The reason I did not mention this is because this would exclude *all* whitelisted senders from Attachment Filtering, which might cause problems should the system of the trusted sender get compromised or infected.
Yes I'm aware of that. I do have two choices at this time. ;) sending all filtered (valid) attachments to my users (kind of pita for both sides) or allowing it for aws members with the risk you mentioned.
I presume you have an antivirus configured to check the attachments for malware anyway, so disabling the Attachment Filtering Test in the Whitelist Test Exceptions dialog would not be that risky, but it would increase the chance of malicious files getting through, nonetheless.
@Daniel Novak (Vamsoft):
Hi Daniel,
are you sure the aswl feature takes precedence over the attachment filtering agent? I cleared the checkbox in the Whitelist Test Exceptions and checked, that the sender/recipient are existent in the aswl database (SQL in my case), but still the attachments are replaced and put into quarantine. I'm running the latest ORF Fusion 5.5 on 2 Edge 2016 with CU10 (since yesterday, CU9 before).
Regards
Norbert
@NorbertFe: Yes, every whitelist takes precedence over the Attachment Filtering test when it is marked disabled in the 'Tests > Whitelist Test Exceptions' dialog. Is the Auto-Sender Whitelist (ASWL) assigned to the 'On Arrival' filtering points? Try to re-save the configuration (Ctrl + S) just to make sure that the most recent settings are used by ORF. Also, the ASWL test has three whitelist options that control for which recipients should the sender be whitelisted. You might want to double-check those settings (Whitelists > Auto Sender Whitelist > Settings).
Hi Daniel,
I did re-save the configuration multiple time. The aswl is per recipient with a lifetime of 720h. So I guess something's not right. Can anyone check this with their own configuraiton?
Yep, that is the problem. Since the Attachment Blacklist runs at the On Arrival filtering point, the Auto Sender Whitelist - and any other whitelist - should be assigned to the On Arrival filtering point as well.
Please try the above and let me know whether this has fixed the problem.
Hi Daniel,
that did the trick. I can live with this configuration for now, but the Filtering exceptions would still be nice to have.
Regards
Norbert
@NorbertFe: I am glad to hear that, and I can assure you that the Attachment Filter exceptions are in the works :)
Hi,
is it somehow possible to filter all office attachments except when it's received from sender ?
Regards
Norbert