Detecting Malformed Data

The Clearswift Gateway can detect Malformed Data. Malformed data is any information that cannot be read or correctly processed. It can often go unnoticed in message attachments and might contain a hidden threat to your organization.

The Detect Malformed Data content rule enables you to handle messages that include malformed data. For example, you might want to hold any messages containing a PDF attachment identified as containing malformed data. This enables you to review those messages and then release or reject them at a later time.

The Detect Malformed Data content rule operates on selected Media Types. You can exclude or include certain types (such as PDF) using a combination of Detect Malformed Data content rules.

A Detect Malformed Data content rule is included by default in the starter policy.

Show me...

How to hold PDFs containing malformed data in a separate message area
Example: you want to hold messages with malformed PDF attachments. You also want to detect and hold malformed data contained in any other media type.
1. Create a new message area - Failed PDFs for example.
2. Create a Detect Malformed Data content rule. You might to want to rename it, for example: Hold Malformed PDFs.
3. In the What to Look For? section, use the Which Media Types area to select:
  
  Include selected media types
  
  PDF
4. Apply the appropriate What to Do? action. For example, Hold in Failed PDFs message area. This will hold malformed PDFs in the message area created in Step 1.
5. Add the new content rule to your policy route.
  
  You must ensure that this content rule is immediately followed by the default Detect Malformed Data content rule which is configured to hold all media types.
6. Apply the configuration.