Adding file signatures
If you already have the SHA-1 (Secure Hash Algorithm 1) hash values of some known virus-infected files, you can add these values as file signatures and then, in the antivirus profile, enable the actions against these files. See
“Configuring antivirus profiles and antivirus action profiles”.
You can manually add the SHA-1 checksums one by one. You can also import such a checksum list in csv or txt format. The signatures can be exported as a csv file.
Because not all attachment files are virus carriers, FortiMail file signature check only supports the following file types: .7z, .bat, .cab, .dll, .doc, .docm, .dotm, exe, .gz, .hta, .inf, .jar, .js, .jse, .msi, .msp, pdf, .pif, .potm, .ppam, .ppsm, .ppt, .pptm, .pptx, .reg, .scr, .sldm, .swf, .tar, .vbe, .ws, .wsc, .wsf, .wsh, .xlam, .xls, .xlsm, .xlsx, .xltm, .Z, and .zip files.
To add a new file signature
1. Go to AntiVirus > File Signature and click New.
2. Enter the file’s SHA-1 hash value in the Value box.
3. Optionally enter a comment.
4. Click Create.
To import a signature list in cvs format
1. Go to AntiVirus > File Signature and click Import.
2. Browse to the cvs file and click OK. The cvs file must contain the hash values, type (SHA1), and comments.
To export the file signatures
1. Go to AntiVirus > File Signature and click Emport.
2. Click Save File to save the file in cvs format to your local machine.The default file name is fileSignature.csv.