ProSecure Unified Threat Management (UTM) Appliance Reference Manual
6-8 Content Filtering and Optimizing Scans
v1.0, January 2010
3. Click Apply to save your settings.
E-mail Content Filtering
The UTM provides several options to filter unwanted content from e-mails. You can filter content
from e-mails based on keywords in the subject line, file type of the attachment, and file name of
the attachment. You can also set an action to perform on e-mails with password-protected
attachments.
Several types of e-mail blocking are available:
• Keyword blocking. You can specify words that, should they appear in the e-mail subject line,
cause that e-mail to be blocked by the UTM.
• Password-protected attachments. You can block e-mails based on password-protected
attachments such as ZIP or RAR attachments.
• File extension blocking. You can block e-mails based on the extensions of attached files.
Such files can include, executable files, audio and video files, and compressed files.
• File name blocking. You can block e-mails based on the names of attached files. Such names
can include, for example, names of known malware threat such as the Netsky worm (which
normally arrives as netsky.exe).
Subject The default subject line for the notification e-mail is “Malware detected!”
You can change this subject line.
Message The warning message informs the sender, the recipient, or both about the
name of the malware threat. You can change the default message to
include more information.
Note: Make sure that you keep the %VIRUSINFO% meta word in a
message to enable the UTM to insert the proper malware information. In
addition to the %VIRUSINFO% meta word, you can insert the following
meta words in your customized message:
%TIME%, %PROTOCOL%, %FROM%, %TO%, %SUBJECT%,
%FILENAME%, %ACTION%, %VIRUSNAME%.
Table 6-2. E-mail Anti-Virus and Notification Settings (continued)
Setting Description (or Subfield and Description)