I noticed that some of the archive files are not being scanned by MWG7.3 and a normal download popup appears in Internet Explorer prompting for download.
From this site to be exact
Any help would be greatly appreciated.Message was edited by: prajoshgeorge on 2/27/13 12:58:44 PM CST
If you are refering to Common Rules -> Enable Opener -> Enable Composite Opener, It is already enabled (default).
It is set to run always for all cycles.
I noticed it happens to the below site as well
It seems to be the same issue with Web Gateway 6.9.4.Message was edited by: prajoshgeorge on 02/03/13 04:41:00 CST
What files are you testing with specifically? Also, how are you judging whether or not something was scanned? Purley based on whether or not you recieved a progress page or...?
On the csm-testcenter site there is encrypted archives mixed in there as well, so if you arent blocking encrypted content, that would explain why they are allowed.
I tested with my default configuration and the eicar virus was found for non-encrypted archives.
In your original response, I see you are saying that "the original IE prompt" is received, rather than the progress page.
Just because your get the IE download box, does not mean the MWG hasnt scanned the file. The MWG may have downloaded the file and scanned it, in less than the time you have set for displaying the progress page (its usually delayed by 5-10 seconds).
Thanks I will check that out. BTW how can I implement a rule to block corrupted archives?
I tried with the below rule
It seems to block all of the links on the right side on this website (arabic)
188.8.131.52 "moi.gov.kw" 403 "-" 2147 5363 "POST http://moi.gov.kw/portal/varabic/ShowPage.aspx?newsID=2523 HTTP/1.1" "-" "-" 0 "Enable Opener/Block Corrupted MediaTypes" 22 "Media type blocked" false "-" false "-" "-" "http://moi.gov.kw/portal/varabic/ShowPage.aspx?newsID=2523"
When I turned off the rule the links started working.