File Type (Mismatch and Filtration)

Overwrite group mismatch

  • Specifies file types that should be added to file type groups for file type matching purposes.

  • Available file type groups:

“E” – Executable (EXE, DLL, …)
“D” – Document (MS Office Word document, MS Office Excel sheet)
“A” – Archive (Zip, Rar, Tar, …)
“G” – Graphical format (Jpeg, GIF, TIFF, BMP, …)
“F” – Folder
“Y” – Logical drive
“I” – Disk image
“T” – Text
“P” – PDF format
“M” – Audio or video format
“Z” – Mail messages (MSG, …)
“O” – Other (anything that is not recognized as one of the above)
Note: An ISO is treated as an archive file type (type “A”) and not as a disk image (type “I”).
  • Format for a overwriteGroupMismatch value is:

    • X:EXT1\EXT2\EXT3|Y:EXT

  • Example

    • E:OCX\SCR => Files with the extensions OCX and SCR will be added to the group “E” (Executables). When a file with one of these extensions is detected as an executable, it will not be reported as a mismatch.

Overwrite mismatch

  • Specifies file types where a file type mismatch should be ignored.

  • The format for a overwriteMismatch value is:

    • EXT_A:EXT_A1\EXT_A2\EXT_A3|EXT_B:EXT_B1

    • * means that this file type will never be reported as a mismatch.

  • Example:

    • DOCX:DOC\ZIP|XXX:* => Files with the extension DOCX will not be reported as a file type mismatch if MD4M detects that this is a DOC or ZIP file. Files with the extension XXX will never be reported as a file type mismatch.

Block file type filtration

Files that are blocked are indicatied. Through workflows these blocked files can then be moved, copied, deleted, etc..

Block file type mismatch

After File Type Analysis completes, if it is determined that the file's extension does not match the true file type, Metadefender blocks this file.

Verify mismatch for groups

  • Specifies which files will be checked for a mismatch according to the group they belong to.

  • Format for a verifyMismatchForGroups value is:

    • X|Y|Z

  • Default Value is *, which means check for a mismatch for all supported groups
    Note: current supported groups are:

    • D

    • P

    • A

    • E

    • G

    • pdf/ai

    • xls/xla

    • jpg/jpeg

  • Example:

    • E|D|A => Check for mismatches only for files that were detected as executables (“E”), documents (“D”) or archives (“A”).