FILE_DATA_PORTS variable into your snort.conf file.We are increasingly using this variable across multiple categories to be able to more thoroughly cover file based attack vectors, and will continue to use it, so make sure you are using the snort.conf provided by the VRT here:
https://www.snort.org/configurations
Which includes the
FILE_DATA_PORTS variable: # List of file data ports for file inspection
portvar FILE_DATA_PORTS [$HTTP_PORTS,110,143]