FortiCarrier MMS Security Features

MM1 and MM7 client comforting steps

Since MM1 and MM7 messages use HTTP, MM1 and MM7 client comforting operates like HTTP client comforting.

The following steps show how client comforting works for a download of a 1 Mbyte file with the client comforting interval set to 20 seconds and the client comforting amount set to 512 bytes.

  1. The client requests the file.
  2. The Carrier-enabled FortiGate unit buffers the file from the server. The connection is slow, so after 20 seconds about one half of the file has been buffered.
  3. The Carrier-enabled FortiGate unit continues buffering the file from the server, and also sends 512 bytes to the client.
  4. After 20 more seconds, the FortiGate unit sends the next 512 bytes of the buffered file to the client.
  5. When the file has been completely buffered, the client has received the following amount of data:

     ca * (T/ci) bytes == 512 * (40/20) == 512 * 2 == 1024 bytes

     where ca is the client comforting amount, T is the buffering time and ci is the client comforting interval.
  6. If the file does not contain a virus, the Carrier-enabled FortiGate unit sends the rest of the file to the client. If the file is infected, the FortiGate closes the data connection but cannot send a message to the client.
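The steps above as a small model, added here as an example (not Fortinet code): it reports how many bytes reach the client before the scan verdict and what the client holds when the connection ends. The function and field names, the constant-rate server, and the cap of each chunk at what has already been buffered are assumptions of this sketch.

```python
from dataclasses import dataclass, field


@dataclass
class ComfortRun:
    comfort_sends: int = 0      # number of comfort chunks released
    unscanned_bytes: int = 0    # bytes the client held before the verdict
    client_bytes: int = 0       # bytes the client holds when the connection ends
    complete: bool = False      # True only if the whole file was delivered
    events: list = field(default_factory=list)  # (second, action, bytes)


def simulate_client_comforting(file_size, buffer_seconds, interval, amount, infected):
    """Model the numbered client comforting steps (hypothetical helper).

    file_size      -- bytes the server will send
    buffer_seconds -- T, time the unit needs to buffer the whole file
    interval       -- ci, client comforting interval in seconds
    amount         -- ca, client comforting amount in bytes
    infected       -- scan verdict once buffering is complete
    """
    run = ComfortRun()
    # Comfort chunks go out at ci, 2*ci, ... up to and including T.
    for t in range(interval, buffer_seconds + 1, interval):
        buffered = file_size * t // buffer_seconds  # constant-rate server (assumption)
        chunk = min(amount, buffered - run.unscanned_bytes)  # capped by buffer (assumption)
        if chunk <= 0:
            continue
        run.unscanned_bytes += chunk
        run.comfort_sends += 1
        run.events.append((t, "comfort", chunk))
    run.client_bytes = run.unscanned_bytes
    if infected:
        # The data connection is closed; no block message reaches the client.
        run.events.append((buffer_seconds, "close", 0))
    else:
        rest = file_size - run.unscanned_bytes
        run.client_bytes += rest
        run.complete = True
        run.events.append((buffer_seconds, "release", rest))
    return run


if __name__ == "__main__":
    # The page's numbers: 1 Mbyte file, T = 40 s, ci = 20 s, ca = 512 bytes.
    for verdict in (False, True):
        r = simulate_client_comforting(1024 * 1024, 40, 20, 512, infected=verdict)
        print("infected" if verdict else "clean", r.unscanned_bytes, r.client_bytes, r.events)
```

In the infected case the client is left with a truncated transfer and no explanation, so the block has to be confirmed from the unit's logs rather than from anything the client sees.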

Server comforting

Server comforting can be selected for each protocol.

Similar to client comforting, you can use server comforting to prevent server connection timeouts that can occur while waiting for FortiOS Carrier to buffer and scan large POST requests from slow clients.

The Interval is the time in seconds before client and server comforting starts after the download has begun, and the time between sending subsequent data.

The Amount is the number of bytes sent by client or server comforting at each interval.

Handling oversized MMS messages

Select Block or Pass for files and email messages exceeding configured thresholds for each protocol.

The oversize threshold refers to the final size of the message, including attachments, after encoding by the client. Clients can use a variety of encoding types; some result in larger file sizes than the original attachment. As a result, a file may be blocked or logged as oversized even if the attachment is several megabytes smaller than the oversize threshold.

MM1 sample messages

Internet Protocol, Src Addr: 10.128.206.202 (10.128.206.202), Dst Addr: 10.129.192.190 (10.129.192.190)

Transmission Control Protocol, Src Port: 34322 (34322), Dst Port: http (80), Seq: 1, Ack: 1, Len: 1380

Source port: 34322 (34322)

Destination port: http (80)

Header length: 20 bytes

Flags: 0x0010 (ACK)

Window size: 24840

Checksum: 0x63c1 (correct)
