Created on 11-23-2004 12:00 AM Edited on 06-10-2022 04:26 AM By Anthony_E
Article
Description | This article describes that files with attachments smaller than the oversize file limit are getting blocked or logged as oversized by the FortiGate. |
Components | FortiGate Antivirus, FortiOS v2.80. |
Explanation |
For email scanning, the oversize threshold (or the memfilesizelimit in the CLI) refers to the final size of the email after encoding by the email client, including attachments.
Email clients may use a variety of encoding types and some encodings translate into larger file sizes than the original attachment. The most common encoding, base64, translates 3 bytes of binary data into 4 bytes of base64 data. So a file may be blocked or logged as oversized even if the attachment is several megabytes less than the oversize threshold (memfilesizelimit). |
Configuration |
Web-based manager.
Go to Antivirus -> Config -> Config to set the oversize threshold.
Go to Firewall -> Protection Profile and edit or create a new profile.
Configure whether to pass or block oversize files in the Antivirus settings.
CLI.
Use the config antivirus service http, service ftp, service imap, service pop3, and service smtp commands to set the memfilesizelimit keyword.
Use the config firewall profile http, ftp, imap, pop3, and smtp commands to configure whether to block or pass oversize files for each protocol. |
The Fortinet Security Fabric brings together the concepts of convergence and consolidation to provide comprehensive cybersecurity protection for all users, devices, and applications and across all network edges.
Copyright 2024 Fortinet, Inc. All Rights Reserved.