Changing replacement messages, 107 changing replacement messages – Fortinet 100A User Manual

Page 107

Advertising
background image

System config

Changing replacement messages

FortiGate-100A Administration Guide

01-28007-0068-20041203

107

Changing replacement messages

Figure 37: Sample HTTP virus replacement message

Replacement messages can be text or HTML messages. You can add HTML code to
HTML messages. In addition, replacement messages can include replacement
message tags. When users receive the replacement message, the replacement
message tag is replaced with content relevant to the message.

Table 20

lists the

replacement message tags that you can add.

Table 20: Replacement message tags

Tag

Description

%%FILE%%

The name of a file that has been removed from a content stream.

This could be a file that contained a virus or was blocked by

antivirus file blocking. %%FILE%% can be used in virus and file block

messages.

%%VIRUS%%

The name of a virus that was found in a file by the antivirus system.

%%VIRUS%% can be used virus messages

%%QUARFILENAME%%

The name of a file that has been removed from a content stream

and added to the quarantine. This could be a file that contained a

virus or was blocked by antivirus file blocking.

%%QUARFILENAME%% can be used in virus and file block messages.

Quarantining is only available on FortiGate units with a local disk.

%%URL%%

The URL of a web page. This can be a web page that is blocked by

web filter content or URL blocking. %%URL%% can also be used in

http virus and file block messages to be the URL of the web page

from which a user attempted to download a file that is blocked.

%%CRITICAL_EVENT%% Added to alert email critical event email messages.

%%CRITICAL_EVENT%% is replaced with the critical event message

that triggered the alert email.

%%PROTOCOL%%

The protocol (http, ftp, pop3, imap, or smtp) in which a virus was

detected. %%PROTOCOL%% is added to alert email virus messages.

%%SOURCE_IP%%

The IP address of the request originator who would have received

the blocked file. For email this is the IP address of the user’s

computer that attempted to download the message from which the

file was removed.

%%DEST_IP%%

The IP address of the request destination from which a virus was

received. For email this is the IP address of the email server that

sent the email containing the virus. For HTTP this is the IP address

of web page that sent the virus.

Advertising
Popular Brands
Popular manuals