03/26/2020 25 People found this article helpful 454,077 Views
This article describes the method to block attachement downloads from webmail. This method uses the HTTP Response Custom Header option in Application Firewall Objects. HTTP Response Custom Header field allows users to configure HTTP response headers and their respective values for Application Firewall to filter traffic. For more info on HTTP Headers refer RFC 2616.
For the purpose of preventing webmail attachments from being downloaded we use the HTTP Response header "Content-Disposition". The Content-Disposition header field contains the disposition-type and disposition-parm (parameter). The syntax is Content-Disposition: attachment; filename=fname.ext
where filename is the name of the attachment. For more info refer RFC 1806.
From a workstation behind the SonicWall, log into webmail. Click on a mail with attachment. Try to download the attachment. You will not see any error but will not be able to download the attachment. Check SonicWall logs and you will find logs similar to the one below.