Web Gateway - How to block Web Mail attachment uploads and downloads by media type
Technical Articles ID:   KB75546
Last Modified:  8/22/2019
Rated:


Environment

McAfee Web Gateway (MWG)

Summary

This article explains how to allow users to view and send emails from these services, but prevent them from downloading or uploading attachments.
 
Use the following steps to block Web Mail attachment uploads and downloads by media type:
  1. Confirm prerequisite rule set population and placement.

    For the media type filter to operate properly, the MWG must be able to view the file unencrypted and uncompressed. Two elements must be in place above the location of the new filtering rule set. These two elements are the SSL Scanner and the Enable Opener rule set. See the image rule_set_prerequisites.jpg in the .zip file attached to this article.
     
    • The SSL Scanner rule set must be above the other two rule sets (Enable Opener and the new WebMail Attachment Filter). Content inspection must be enabled within the SSL Scanner rule set. If the default SSL Scanner rule set is imported directly from the rule set library, this will be sufficient.
    • The Enable Opener rule set, found by default within the Common Rules rule set, must have the Enable Composite Opener event set. This allows the MWG to look through archives. If using the default Common Rules rule set directly from the rule set library, this is enabled by default.
       
  2. Import the WebMail Attachment Filter rule set.

    This rule set is based on the Media Type Filter rule set. It applies only to URL hosts that have the Web Mail categorization. Within the rule set, there are two lists (WebMail Attachment Upload BlockList and WebMail Attachment Download BlockList). Use these lists to configure the type of media types (files) that you want to prevent from being uploaded, and downloaded, respectively.
     
    1. Within the Rule Sets tab, click Add and select Add Top Level Rule Set. Click Import rule set from Rule Set Library.
    2. Within the Rule Set Library, click Import from file. Browse to the rule set found in the .zip file attached to this article (WebMail_Attachment_Filter.xml). There may be Conflicts with the import. 
    3. Click Auto-Solve Conflicts, then click Solve by referring to existing objects.
    4. Move the rule set to the correct, relative position shown in the image rule_set_prerequisites.jpg (in the .zip file attached to this article).
       
  3. Configure blocked media types.

    Configure the specific media types to be blocked, either as uploaded or downloaded attachments. See the "Lists" section in Chapter 5 of the Web Gateway Product Guide for more information about the list of available media types.
    1. Within the newly added rule set WebMail Attachment Filter, navigate to the sub-rule set WebMail Upload Filter by Media Type
    2. Click Show details, and then click the list element WebMail Attachment Upload BlockList. Configure the list with the media types that should be prevented from being uploaded as attachments.
    3. Navigate to WebMail Attachment FilterWebMail Download Filter by Media Type
    4. Click the list element WebMail Attachment Download Blocklist. Configure the list with the media types that should be prevented from being downloaded as attachments.
 
For McAfee product documents, go to the Enterprise Product Documentation portal at https://docs.mcafee.com.

Attachment

KB75546.zip
16K • < 1 minute @ broadband


Rate this document

Glossary of Technical Terms


 Highlight Glossary Terms

Please take a moment to browse our Glossary of Technical Terms.