Question : watchguard firewall rejects some pdf attachments, but not others

I have a Watchguard Firewall with an SMTP proxy. We get pdf files through all the time, but, the other day, it stripped a pdf attachment with the message:
===================================================
"
The WatchGuard Firebox that protects your network has detected a message that may not be safe.

Cause : The message content may not be safe.
Content type : file/pdf
File name    : wyndham_cnf_cxl_plc1169065.pdf
Virus status : No information.
Action       : The Firebox deleted wyndham_cnf_cxl_plc1169065.pdf.

Your network administrator can not restore this attachment.
=====================================================

I am curious, is the sender encoding the MIME type wrong? Should it be application/pdf rather than file/pdf. I know how to go in and edit the MIME types allowed and the actions (strip, allow, etc)--not asking how to allow this type. I would like to know, on a more conceptual level, why would this sender's pdf get rejected when pdf comes through all the time? Ideas? I feel like I don't understand MIME mappings as I've never heard of file/pdf and I had this set to allow application/pdf.

Answer : watchguard firewall rejects some pdf attachments, but not others

There are two things which I can think of:
1. The email client/server which sends the email encodes the PDF file as a MIME type; now for some reason when they are sending this particular file they are associating MIME as file/pdf rather than application/pdf. And as WG SMTP proxy is only configured to allow application/pdf it raised an alarm.

2. Other than sender, there is a piece of code [read SMTP proxy] which understands the incoming data and then decides what MIME type it is; for some reason [uknown to me, might be a code bug] WG SMTP proxy understands that the incoming attachment is file/pdf rather than application/pdf.

Thank you.
Random Solutions  
 
programming4us programming4us