F-Secure Internet Gatekeeper for Linux/Administrator’s Guide
164
11.14
Detection Names
If F-Secure Internet Gatekeeper for Linux detects a virus, the virus name is recorded in a log. Detailed
information on viruses can be found on the following web page:
http://www.f-secure.com/v-descs/
If you specify certain conditions, the product can detect other information besides viruses. These
detection names begin with
"FSIGK/"
and they are listed below:
FSIGK/POLICY_FORMAT_MIME_BOUNDARY
Invalid character in the boundary section of the mail header
(Invalid character: '"', codes below 0x1f, codes above 0x7f)
FSIGK/POLICY_FORMAT_MIME_FILENAME
Invalid character in the file name section of the mail header
(Invalid character: Codes below 0x1f (not including 0x1b))
FSIGK/POLICY_BLOCK_ENCRYPTED
Encrypted file (if encrypted files are denied)
FSIGK/POLICY_BLOCK_SCRIPT
HTML file including scripts (if scripts are denied)
FSIGK/POLICY_BLOCK_ACTIVEX
HTML file including ActiveX (if ActiveX is denied)
FSIGK/POLICY_BLOCK_PARTIAL_MESSAGE
Partial message (if partial messages are denied)
FSIGK/POLICY_BLOCK_MAXNESTED
Archive file that contains more than the allowed nest levels
(if the maximum nest level of archive files is denied in block_maxnested=yes)
FSIGK/POLICY_BLOCK_SCANTIMEOUT
Scan times out
(if scans are denied if they reach the maximum allowed time which is set in
block_scantimeout=yes)
FSIGK/POLICY_BLOCK_MESSAGESIZE
Mail size is greater than the maximum size allowed
(if the mail size is set or if a mail is greater than 2 GB (block_messagesize_len=xxx))
FSIGK/POLICY_BLOCK_FILESIZE
File size is greater than the maximum size allowed
(If the file size limit is set in block_filesize=yes)
FSIGK/SPAM_LIST/CUSTOM/(Condition number)/(Header field name)
Spam detected by a specific condition.
The condition number indicates the number of lines detected in the database file.