Blocking Downloads of Webmail Attachments using Application Firewall

Description

This article describes the method to block attachment downloads from webmail. This method uses the HTTP Response Custom Header option in Application Firewall Objects. The HTTP Response Custom Header field allows users to configure HTTP response headers and their respective values for Application Firewall to filter traffic. For more information on HTTP headers, refer to RFC 2616.

To prevent webmail attachments from being downloaded, we use the HTTP response header "Content-Disposition". The Content-Disposition header field contains the disposition-type and disposition-parm (parameter). The syntax is Content-Disposition: attachment; filename=fname.ext, where filename is the name of the attachment. For more information, refer to RFC 1806.
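
The header syntax described above, as an added example that is not part of the original article and is not SonicWall code: a Python check, using the standard library's header parser, of which HTTP response heads carry Content-Disposition: attachment. It assumes the match object keys on the disposition type "attachment" (the article's object settings are not reproduced here); the function names and sample responses are constructed.

```python
# Added example (not SonicWall code): decide whether an HTTP response head
# carries "Content-Disposition: attachment". Sample responses are constructed.
from email.parser import Parser


def parse_head(raw):
    """Split a raw HTTP response head into (status_line, parsed headers)."""
    status_line, _, header_block = raw.partition("\r\n")
    return status_line, Parser().parsestr(header_block, headersonly=True)


def is_attachment_download(raw):
    """True when the disposition-type is 'attachment' (case-insensitive)."""
    _, headers = parse_head(raw)
    return headers.get_content_disposition() == "attachment"


def attachment_filename(raw):
    """Return the filename parameter for attachment responses, else None."""
    _, headers = parse_head(raw)
    if headers.get_content_disposition() != "attachment":
        return None
    return headers.get_filename()


# Constructed response heads: status line, headers, blank line.
SAMPLES = {
    "article syntax": "HTTP/1.1 200 OK\r\nContent-Type: application/pdf\r\n"
                      "Content-Disposition: attachment; filename=fname.ext\r\n\r\n",
    "mixed case, quoted": "HTTP/1.1 200 OK\r\nContent-Type: application/octet-stream\r\n"
                          'content-disposition: Attachment; filename="report 2024.pdf"\r\n\r\n',
    "inline image": "HTTP/1.1 200 OK\r\nContent-Type: image/png\r\n"
                    "Content-Disposition: inline; filename=logo.png\r\n\r\n",
    "no disposition": "HTTP/1.1 200 OK\r\nContent-Type: text/html\r\n\r\n",
}

if __name__ == "__main__":
    for label, raw in SAMPLES.items():
        print(f"{label:20} attachment={is_attachment_download(raw)!s:5} "
              f"filename={attachment_filename(raw)}")
```

Running it against response heads captured while testing the policy shows which webmail responses the Content-Disposition match is expected to apply to.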

Resolution

  • Log in to the SonicWall Management GUI.
  • Navigate to the Application Firewall | Application Objects page (Match Objects page in 5.8.0.0 and above).
  • Click on Add New Object and enter the following information:
    [Image]
  • Navigate to the Application Firewall | Policies page (App Rules page in 5.8.0.0 and above).
  • Click on Add and create the following policy:
    [Image]

How to Test:

From a workstation behind the SonicWall, log into webmail. Click on a mail with an attachment. Try to download the attachment. You will not see any error, but you will not be able to download the attachment. Check the SonicWall logs and you will find logs similar to the one below.

     
