The policies won't have a size parameter/restriction, but the content filter scanning may. It would be set in your "scanconfig" command that is only configured from the command line. "scanconfig" has a size parameter option where if the entire message exceeds that size, then the content filters will not act upon that message.
How do I control body and attachment scanning in filters?
After testing the use of dictionaries, it appears that there is a limit on the number of entries within a dictionary.
I have deleted our 'AdultContent' dictionary (which combined both the sexual_content_txt and profanity_txt dictionaries from IronPort) and tested the sexual_content_txt and profanity_txt dictionaries.
When only using the profanity_txt dictionary (134 entries), the .flv file is blocked correctly. When only using the default sexual_content_txt dictionary (235 entries), the .flv file is wrongly allowed through.
I have amended the sexual_content_txt dictionary and reduced the number of entries from 235 to 197. Now when the amended sexual_content_txt dictionary is used the .flv file is blocked correctly.
If I add an arbitrary entry to the sexual_content_txt dictionary to increase the number of entries to 198, the .flv file is wrongly allowed through.
I have set the (QuarantineAdult) content filter to use both the profanity_txt (134 entries) and sexual_content_txt (197 entries) dictionaries in two separate conditions within the same content filter and the .flv file is blocked correctly.
The NotifyChangeControl dictionary doesn't have any effect upon the .flv file (probably as it only has 19 entries in it).
So it looks as if the fix to the problem is to reduce the entries within any one single dictionary until the rules work as required.