Blocking Downloads of Webmail Attachments using Application Firewall
03/26/2020 22 12219
This article describes the method to block attachement downloads from webmail. This method uses the HTTP Response Custom Header option in Application Firewall Objects. HTTP Response Custom Header field allows users to configure HTTP response headers and their respective values for Application Firewall to filter traffic. For more info on HTTP Headers refer RFC 2616.
For the purpose of preventing webmail attachments from being downloaded we use the HTTP Response header "Content-Disposition". The Content-Disposition header field contains the disposition-type and disposition-parm (parameter). The syntax is Content-Disposition: attachment; filename=fname.ext where filename is the name of the attachment. For more info refer RFC 1806.
Login to the SonicWall Management GUI.
Navigate to the Application Firewall | Applicatin Objects page (Match Objects page in 126.96.36.199 and above).
Click on Add New Object and enter the following information:
Navigate to the Application Firewall | Policies page (App Rules page in 188.8.131.52 and above).
Click on Add and create the following policy:
How to Test:
From a workstation behind the SonicWall, log into webmail. Click on a mail with attachment. Try to download the attachment. You will not see any error but will not be able to download the attachment. Check SonicWall logs and you will find logs similar to the one below.