Mail Transfer Agent (MTA) protection bypass

Support Center > Search Results > SecureKnowledge Details

Technical Level

Solution ID	sk114664
Technical Level
Severity	Medium
Product	Threat Emulation, Threat Extraction
Version	R77 (EOL), R77.10 (EOL), R77.20, R77.30 (EOL)
OS	Gaia, SecurePlatform 2.6
Platform / Model	All
Date Created	29-Nov-2016
Last Modified	19-Nov-2020

Symptoms

Malware manages to evade Threat Emulation mail protection.

Cause

An evasion was identified that may bypass MTA (Mail Transfer Agent).

Solution

This problem was fixed. The fix is included in:

Check Point R80.10
Jumbo Hotfix Accumulator for R77.30 - since Take_189

For other supported versions, Check Point Support can supply a Hotfix.
A Support Engineer will make sure the Hotfix is compatible with your environment before providing the Hotfix.
For faster resolution and verification, please collect CPinfo files from the Security Management Server and Security Gateways involved in the case.

Notes:

Hotfix has to be installed only on Security Gateway configured as Mail Transfer Agent (MTA).
Depending on the currently installed hotfixes, it might take some time to prepare the hotfix for your specific environment.
Details about this evasion were not provided to protect the customers, who did not install this hotfix yet.

Applies To:

02378836 , 02380610 , 02407967 , 02409631 , 02406687

Give us Feedback

Please rate this document

[1=Worst,5=Best]

Comment
	Submitting rating