[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index] RE: [FW1] Please help
Hello, Well smtp resource will catch all smtp connections and drop them. You need 1 rule any --> mailserver --> smtp resource --> accept Then the resource properties(security server) will decide what is or is not allow in. Plus some editing of the Object.C file is needed according to http://www.europe.f-secure.com/support/av-gateway/firewalls/faq.html Q. How can I strip attachments in emails? A3: If you have installed Check Point FireWall-1 4.1 SP3 you have the option to strip certain files based on the file extension. You need to define the extension in /etc/fw/conf/objects.C. Add a forbidden section in the resourcesobj part. In the example below, the resource is named smtp-attachment. Close the firewall GUI before manipulating the objects.C and reinstall the policy after the modification: :resourcesobj (resourcesobj : (smtp-attachment :maxsize (1000) :allowed_chars ("8 bit") :av_setting (none) :av_server () :color (blue) :type (smtp) :comments () :err_notify (false) :default_server () :error_server () : (match_from : ("*") ) : (match_to : ("*") ) : (from : () ) : (to : () : () ) : (user_field : () : () : () ) :except_track ("Exception Log" :type (log) :color (Blue) :format (long) :icon (log.pr) ) : (content-type : () ) : (forbiddenfiles : ("{*.vbs,*.exe}") ) ) ) Regards, Werner -----Original Message----- From: Daniele Bortoluzzi [mailto:[email protected]] Sent: Thursday, September 27, 2001 10:37 AM To: [email protected] Subject: [FW1] Please help Hi all, I am new in firewall stuff... I need some advice about stripping email attachments. I made a rule like any --> mailserver --> smtp resource --> drop And another below: I made a rule like any --> mailserver --> smtp --> accept But it drops ALL incoming SMTP connections... If someone helps me telling me how to use mi fw-1 to do this I will appreciate it a lot :-) (I am using the windows policy editor...) ciao Daniele ============================================================================ ==== To unsubscribe from this mailing list, please see the instructions at http://www.checkpoint.com/services/mailing.html ============================================================================ ==== ================================================================================ To unsubscribe from this mailing list, please see the instructions at http://www.checkpoint.com/services/mailing.html ================================================================================
|