New Email Attachment Filters and Best Practices [Updated]

Always Remember

If you were not expecting the email or don’t know what the attachment is, DO NOT open it!

Email can be an vector for attack and a point of vulnerability in any organization, primarily due to the volume of communication we receive through this medium daily. Digital Services has taken several steps to help mitigate this security risk.

Blocked Attachments

Normal attachments such as PDFs, text files, MS Word files, etc. are still allowed normally. Certain attachments are automatically removed because they may contain malicious code that could compromise our systems. This list is a combination of recommended file types from several sources, and may be adjusted as necessary.

Currently blocked attachment types include:

.386, .ad, .ade, .adp, .asp, .bas, .bat, .chm, .cmd, .com, .cpl, .crt, .exe, .hlp, .hta, .inf,
.ins, .isp, .js, .jse, .msc, .msi, .msp, .mst, .pcd, .pif, .reg, .scr, .sct, .shb, .shs, .vb,
.vbe, .vbs, .vss, .vst, .vsw, .ws, .wsc, .wsf, and .wsh

Zip files are allowed, as long as they are not password protected. Password protected zip files cannot be scanned by our antivirus systems, so they will be blocked.

Content Filter

We have numerous security rules in place to diminish the amount of spam we receive. Recently, we have added one that will eliminate these possibly malicious attachments from entering our environment. If you receive an email that looks normal, but has a strange attachment, you may wonder what is happening.

For example:

Example: This email looks innocuous, but for the strange attachment. The attachment actually contains only text

Click to view larger version

This message contains a “replacement attachment” from the spam filter. It indicates that a file was removed from the message by the spam filter because of a content rule. A copy of this email will also be sent to our abuse email account for further investigation. This email lets us know an attachment was removed, and lists the file names of the attachment.

The attachment itself is irrevocably deleted–we cannot recover the attachment for you.

If you receive these notices and were not expecting any files from a trusted source, simply disregard and delete the email. No further intervention is required on your part. If you were expecting the email and attachment, please contact Digital Services for assistance.

Comments are closed.