topic Re: Can I block malicious files sent via email ? in General Topics https://live.paloaltonetworks.com/t5/general-topics/can-i-block-malicious-files-sent-via-email/m-p/173742#M54653 <P><a href="https://live.paloaltonetworks.com/t5/user/viewprofilepage/user-id/71563">@Psrivastava</a>,</P><P>Look at the WildFire verdict actions, specifically on SMTP. If you are using webmail then no, but if you see the actual SMTP traffic then maybe.&nbsp;</P><P>The one thing to keep in mind here is that the attachments are usually randomized and therefore get sent to WildFire to recieve a verdict, and in that time it will be delievered so in&nbsp;<EM>most</EM> cases you won't have a chance to stop the message until it's already been delivered. You also have to ask yourself if you really want to risk false positives getting blocked by WildFire and your firewall, as there is no way to recover the message at that point, where on a mail filtering device you would have the abiliity to manually deliver said message.&nbsp;</P> Tue, 29 Aug 2017 21:11:31 GMT BPry 2017-08-29T21:11:31Z Can I block malicious files sent via email ? https://live.paloaltonetworks.com/t5/general-topics/can-i-block-malicious-files-sent-via-email/m-p/173733#M54652 <P>If my organization users send or receive emails (internal or external) with malicious file attachments , will I be able to block such emails using PAN firewall file blocking features &nbsp;? I think Microsoft O365 already creates an encrypted channel so the email attachments or contents&nbsp;&nbsp;are protected until the files are manually downloaded by user.</P><P>Will SSL decryption helps in this scenario ?&nbsp;</P> Tue, 29 Aug 2017 20:56:46 GMT https://live.paloaltonetworks.com/t5/general-topics/can-i-block-malicious-files-sent-via-email/m-p/173733#M54652 Psrivastava 2017-08-29T20:56:46Z Re: Can I block malicious files sent via email ? https://live.paloaltonetworks.com/t5/general-topics/can-i-block-malicious-files-sent-via-email/m-p/173742#M54653 <P><a href="https://live.paloaltonetworks.com/t5/user/viewprofilepage/user-id/71563">@Psrivastava</a>,</P><P>Look at the WildFire verdict actions, specifically on SMTP. If you are using webmail then no, but if you see the actual SMTP traffic then maybe.&nbsp;</P><P>The one thing to keep in mind here is that the attachments are usually randomized and therefore get sent to WildFire to recieve a verdict, and in that time it will be delievered so in&nbsp;<EM>most</EM> cases you won't have a chance to stop the message until it's already been delivered. You also have to ask yourself if you really want to risk false positives getting blocked by WildFire and your firewall, as there is no way to recover the message at that point, where on a mail filtering device you would have the abiliity to manually deliver said message.&nbsp;</P> Tue, 29 Aug 2017 21:11:31 GMT https://live.paloaltonetworks.com/t5/general-topics/can-i-block-malicious-files-sent-via-email/m-p/173742#M54653 BPry 2017-08-29T21:11:31Z