Operational Defect Database
BugZero found this defect 2558 days ago.
Data sources
All data on this page is proprietary to BugZero® or gathered from public sources
WatchGuard Technologies | kA10H000000g3bxSAA
SMTP and POP3 proxies incorrectly block MS Access and WatchGuard Mobile VPN with IPSec configuration files
Last update date:
5/18/2017
Affected products:
Firebox M200
Firebox M300
Firebox M270
Firebox M370
Firebox M470
Firebox M570
Firebox M670
Firebox M290
Firebox M390
Firebox M400
Firebox M500
Firebox M440
Affected releases:
All
Fireware
11.x
11.10.x
11.10
11.10.1
11.10.2
11.10.3
11.10.4
11.10.5
11.10.6
11.10.7
Fixed releases:
All
Description:
Issue
When the SMTP or POP3 Proxy fails to correctly detect the content type of a file, content auto detection will often describe the content as binary. By default, the SMTP and POP3 proxies will not allow binary files. This issue impacts these file types: MS Access -- ACCDB and MDB files WatchGuard Mobile VPN with IPSec Configuration files - .wgx
Workaround/Solution
To allow or AV Scan binary files, follow these steps to edit the POP3 or SMTP Proxy Action: 1. From the Fireware Web UI, select Firewall > Firewall Policies. The Policies page appears. 2. If the lock icon at the top of the page is in the closed position, click it to allow configuration changes. 3. Select the Policy name for the POP3 or SMTP proxy policy. 4 The Firewall Policies / Edit page appears. 5. Select the Proxy Action tab. 6. If (predefined) appears to the right of the Proxy Action drop-down list, select Clone the current proxy action from the drop-down list to create a new Proxy Action that you can edit. 7. In the Proxy Action, select Attachments > Content Types. 8. Click Add. The Add Rule dialog appears. 9. In the Rule name textbox, type Binary. 10. Do not change the default Match type drop-down selection Pattern Match. 11. In the Value textbox, type binary. 12. From the Action drop-down list, select AV Scan. If your box is not licensed or configured for Gateway AntiVirus, select Allow.
