How to Block Dangerous Email Attachments with Regex?

Unanswered Question
Jul 3rd, 2010
User Badges:

Dear Reader,

I would like to know that , how can i block email attachment via ASA Regex using ASDM 6.2.

I am able to block websites and stuff like that. But i want to block email attachments which are harmful. As an example i would like to block .mp3 extensions, so that if some one want to send an attachment with mp3 it would get deleted automatically. I hope you got my point.

Thanks a lot for viewing and answering.

Best Regards

  • 1
  • 2
  • 3
  • 4
  • 5
Overall Rating: 0 (0 ratings)
JORGE RODRIGUEZ Sat, 07/03/2010 - 06:42
User Badges:
  • Green, 3000 points or more

For that you would need spam filter functions that can be delivered by CSC-SSM module for the ASAs , that is able to see email content/attachments and filters them based upon configured rules on the device.

CSC-SSM Product overview

See tabe-1


darklord2020 Tue, 07/06/2010 - 20:48
User Badges:

Thanks for the reply, however i thought it was possible with Regex also.

Nagaraja Thanthry Tue, 07/06/2010 - 21:45
User Badges:
  • Cisco Employee,

Regex is generally used with HTTP inspection. Unfortunately, the fiewall cannot get into the content of the SMTP traffic. For that you do need a content security module.

Typically, using the inspections, the firewall can check the application header and ensure that it meets the policy requirements. However, the firewall cannot get into the application payload (except in some cases like VoIP) and block contents. Hope this helps.




This Discussion