Issue
When the SMTP or POP3 proxy detects the content of some Microsoft Office documents, the content type is sometimes mistakenly identified as being “application/CDFV2-corrupt” and the document is blocked by the Firebox.
Note: Attempts to AV Scan encrypted files such as password-protected Office documents will always fail.
If your default action for content type is to AV scan, the default proxy configuration will lock these files.
This issue applies to any password-protected Microsoft Office document, and Office 2003 documents, whether they are password-protected or not.
Workaround/Solution
To allow these files, follow these steps to edit the POP3 or SMTP Proxy Action:
From the Fireware Web UI, select Firewall > Firewall Policies.Click the Lock icon at the top of the page to allow configuration changes. Select the Policy name for the POP3 or SMTP proxy policy.Select the Proxy Action tab. If (predefined) appears to the right of the Proxy Action drop-down list, select Clone the current proxy action from the drop-down list to create a new Proxy Action that you can edit.In the Proxy Action, select Attachments > Content Types.Click Add.In the Rule name text box, type or paste application/CDFV2-corrupt.Make sure the Match type drop-down selection is set to Pattern Match.In the Value text box, type application/CDFV2-corrupt.From the Action drop-down list, select Allow.Click OK to add the new content type rule to the list, and click Save to confirm the change to your proxy policy configuration.
