Our company has been a target from a few spam campaigns where all emails would manage to get through Brightmail.
All emails had similar-yet-different attachments.
Analisys showed that we could easilly and safelly have blocked those campaigns by building a Content filter policy based on the FILENAME of the attachment using a REGULAR EXPRESSION.
But from what already exists as options, we can only check for regular expressions in the email subject, body and INSIDE the attachment. No means to check the filename.
Exemple :
For email chains with attachments named "invoice_#######.doc". Where all #'s are numbers. 7 of them. Having the possibility to check for regex in the filnename would greatly benefit for us.
Thanks.