Attachments
This allows you to prevent specific files, file extensions and MIME types from being accepted to comply with corporate policies and to act as a first defence for Anti-Virus and Malware as many viruses and malware droppers can be blocked simply by preventing specific file extensions.
The supplied defaults mirror the attachment policy of Google.
Filename Rules
A list of filenames to reject, one per line.
You can use wildcards, * to match any character and ? to match a single character.
Matches are not case sensitive.
If any match is found, the whole message is rejected
Archive Filename Rules
Same as above, but only applies to files found whithin an archive such as ZIP, RAR, etc.
Archive File Extensions
A comma-separated list of file extensions that should be treated as archives and unpacked.
Any archive format that is supported by libarchive can be used here.
Default: .zip, .tar, .tgz, .z, .gz, .rar, .7z
Maximum Archive Depth
Maximum allowed depth of archives. If the depth exceeds this, the message will be rejected.
Default: 5
Note
Encrypted archives that contain encrypted sub-archives cannot be expanded and will cause the message to be rejected.
MIME-Type Rules
List of MIME types to reject, one per line.
Wildcards are allowed, * matches any character, ? matches a single character.
Matches are not case-sensitive.
The content-type headers of the message and any MIME part and attachment are checked against this list.
Default:
- message/partial (because partial messages cannot be virus scanned)
- message/external-body (because external message bodies cannot be virus scanned)
- application/msdownload (typically .exe and .dll files)