system replacemsg utm
When data leaks or viruses are detected, these messages are substituted for the blocked item.
config system replacemsg utm edit {msg-type} # Replacement messages. set msg-type {string} Message type. size[28] set buffer {string} Message string. size[32768] set header {none | http | 8bit} Header flag. none No header type. http HTTP 8bit 8 bit. set format {none | text | html | wml} Format flag. none No format type. text Text format. html HTML format. wml WML format next end
Additional information
The following section is for those options that require additional explanation.
buffer <message>
Type a new replacement message to replace the current replacement message. Maximum length 32,768 characters.
utm message types
dlp-text
An email message is blocked because it appears to contain a data leak.
dlp-html
An HTTP transfer is blocked because it appears to contain a data leak.
virus-html
A virus was detected in a file being downloaded using an HTTP GET.
virus-text
A virus was detected in a file attachment. The file was removed.
Replacement message tags
Replacement messages can include replacement message tags. When users receive the replacement message, the replacement message tag is replaced with content relevant to the message.
%%FILE%%
The name of a file that has been removed from a content stream. This could be a file that contained a virus or was blocked by antivirus file blocking. %%FILE%% can be used in virus and file block messages.
%%VIRUS%%
The name of a virus that was found in a file by the antivirus system. %%VIRUS%% can be used in virus messages.
%%QUARFILENAME%%
The name of a file that has been removed from a content stream and added to the quarantine. This could be a file that contained a virus or was blocked by antivirus file blocking. %%QUARFILENAME%% can be used in virus and file block messages.
%%PROTOCOL%%
The protocol (HTTP, FTP, POP3, IMAP, SMTP) in which a virus was detected. %%PROTOCOL%% is added to alert email virus messages.