Arabic  Chinese (simplified)  Chinese (traditional)  French  German  Italian  Japanese  Korean  Portuguese  Russian  Spanish 

Dealing with file attachments

From ASSPSMTP

(Redirected from Dealing with attachments)
Jump to: navigation, search

One of the best ways of protecting against virus infection is to block particular email attachment types from reaching the computer; thus preventing it from ever having the chance to be executed. While blocking file attachments alone is not going to be complete protection from viruses or exploits, it is an important layer of protection for minimizing the likelihood of exposure. It is well known that a vast majority of virus outbreaks and Trojan-horse exploits are due to end-users inadvertently opening infected email attachments.

On This Page


Methodologies

Executable email attachments are an equal threat to both home and business users. Each with the potential to effect data loss, security breaches, stolen identities, and leaving in their wake computer systems that can no longer be considered trusted. It can be of significant benefit to block these types of attachment attachments from being passed through e-mail gateways and to never to reach the unsuspecting end-user.

A better approach to dealing with a threat is not to block based on an administratively-maintained list, but to allow based on list of criteria that will inherently be shorter, easier to maintain, as well as faster to process. This methodology takes us full-circle to one of the basic principle lessons of Security 101, "deny all except those permitted explicitly".

The deny all principle is the cornerstone of many security implementations; extending from border router access control lists, firewall security policies, and the file systems of servers and desktop computers. This principle rightfully extends to anti-spam, anti-virus, and anti-malware methodologies as well.

Most all popular applications have been known to be subject to buffer overflow vulnerabilities in the past. Therefore it is important to stay informed about security vulnerabilities and keep up-to-date with system and application updates - especially those pertaining to security issues.

Each file extension listed is accompanied by a description of what that file-type represents, and is hyper-linked to the FileInfo.net - the definitive file extensions resource, which is a source of addition detail about the file-type and the programs that use them.

Dangerous Attachments

The following file-types in this extension list are strongly recommended for blocking. They all have a particular danger of executing or injecting malicious code on a system.

  1. .ADE  - Microsoft Access Data Project Extension file
  2. .ADP  - Microsoft Access Data Project file
  3. .ASF  - Microsoft Advanced Streaming Format file
  4. .ASX  - Microsoft Windows Media Active Stream Redirector file
  5. .BAS  - BASIC Language Source file
  6. .BAT  - Microsoft DOS Batch Processing file
  7. .BIN  - Binary file
  8. .CHM  - Microsoft Compiled HTML Help file
  9. .CMD  - Microsoft Windows NT Command Script file
  10. .COM  - Microsoft DOS Command Application file
  11. .CPL  - Microsoft Windows Control Panel Extension file
  12. .CRT  - Security Certificate file
  13. .CSH  - C Shell Script file
  14. .DBX  - Microsoft Outlook Express E-mail Folder file
  15. .DLL  - Dynamic Link Library file
  16. .DOCM - Microsoft Word Document file, macro-enabled Open XML format
  17. .DOTM - Microsoft Word Template file, macro-enabled Open XML format
  18. .EXE  - Executable Application file
  19. .FDF  - Adobe Forms Data Format file (Adobe Acrobat exported form - likely spam)
  20. .FXP  - Microsoft Visual FoxPro Compiled Program file
  21. .HIV  - Microsoft Windows Registry Hive file
  22. .HLP  - Microsoft Windows Help file
  23. .HTA  - Hypertext Markup Language Application file
  24. .HTB  - HTTP Browser Database file
  25. .HTM  - Hypertext Markup Language file
  26. .HTML - Hypertext Markup Language file
  27. .INF  - Information Setup file
  28. .INS  - Microsoft Internet Communication Settings file
  29. .ISP  - Microsoft Internet Service Provider Settings file
  30. .JS   - JavaScript / JScript Script file
  31. .JSE  - JScript Encoded Script file
  32. .KSH  - Korn Shell Script file
  33. .LNK  - Microsoft Windows Shortcut Link file
  34. .MDA  - Microsoft Access Add-in file
  35. .MDB  - Microsoft Access Database file
  36. .MDE  - Microsoft Access Encoded Database file
  37. .MDT  - Microsoft Access Database Template file
  38. .MDW  - Microsoft Access Database Wokgroup file
  39. .MDZ  - Microsoft Access Wizard Template file
  40. .MHT  - Multipurpose Internet Mail Extension HTML file
  41. .MSC  - Microsoft Management Console Snap-in Control file
  42. .MSH  - Microsoft Shell Script file
  43. .MSI  - Microsoft Windows Installer Package file
  44. .MSP  - Microsoft Windows Installer Patch file
  45. .MST  - Microsoft Test file
  46. .NCH  - Microsoft Outlook Express Folder file
  47. .OBJ  - Microsoft Object Code file
  48. .OCX  - Microsoft ActiveX Control file
  49. .OFT  - Microsoft Outlook Item Template file
  50. .OPS  - Microsoft Office Profile Settings file
  51. .OVL  - Overlay file
  52. .PCD  - Photo CD Image file
  53. .PIF  - Program Information File
  54. .PL   - Perl Program file
  55. .POTM - Microsoft PowerPoint Template file, macro-enabled Open XML format
  56. .PPA  - Microsoft PowerPoint Add-in file
  57. .PPAM - Microsoft PowerPoint Add-in file, macro-enabled Open XML format
  58. .PPSM - Microsoft PowerPoint Slideshow file, macro-enabled Open XML format
  59. .PPTM - Microsoft PowerPoint Presentation file, macro-enabled Open XML format
  60. .PRF  - Microsoft Outlook Profile Settings file
  61. .PS1  - Microsoft PowerShell Script file
  62. .REG  - Registry Data file
  63. .SCF  - Microsoft Windows Explorer Shell Command File file
  64. .SCR  - Screen Saver file
  65. .SCT  - Windows Script Component file
  66. .SH   - Shell Script file
  67. .SHB  - Shell Shortcut Back Into A Document file
  68. .SHS  - Shell Scrap object file
  69. .SYS  - System file
  70. .URL  - Uniform Resource Locator file
  71. .VB   - Microsoft Visual Basic file
  72. .VBE  - Microsoft VBScript Encoded Script file
  73. .VBS  - Microsoft VBScript Script file
  74. .VSS  - Microsoft Visio Stencil file
  75. .VST  - Microsoft Visio Template file
  76. .VXD  - Virtual Device Driver file
  77. .WMD  - Microsoft Windows Media Download file
  78. .WMS  - Microsoft Windows Media Skin file
  79. .WMV  - Microsoft Windows Media Video file
  80. .WMZ  - Microsoft Windows Media Compressed Skin file
  81. .WSC  - Microsoft Windows Script Component file
  82. .WSF  - Microsoft Windows Script file
  83. .WSH  - Microsoft Windows Script Host Settings file
  84. .XLA  - Microsoft Excel Add-in
  85. .XLAM - Microsoft Excel Add-in, macro-enabled Open XML format
  86. .XLSM - Microsoft Excel Spreadsheet/Workbook file, macro-enabled Open XML format
  87. .XLTM - Microsoft Excel Template file, macro-enabled Open XML format template

Regular Expression 

ad[ep]|as[fx]|ba[st]|bin|chm|cmd|com|cpl|crt|csh|dbx|dll|docm|dotm|dotx|exe|fdf|fxp|hiv|hlp|ht[abm]|html|in[fs]|isp|js|jse|ksh|lnk|md[abetwz]|mht|ms[chipt]|nch|obj|ocx|oft|ops|ovl|pcd|pif|pl|potm|ppa|ppam|ppsm|pptm|prf|ps1|reg|sc[frt]|sh|sh[bs]|sys|url|vb|vb[es]|vs[st]|vxd|wm[dsvz]|ws[cfh]|xla|xlam|xlsm|xltm

Common Attachments

The following file-types in this extension list are commonly sent attachments that are generally considered safe. They should not pose a particular threat, as they are typically benign or are unable to execute code on systems running reasonably current versions of operating systems or applications required to read or open the files.

  1. .AI   - Adobe Illustrator Vector Graphic file (Adobe Creative Suite)
  2. .ASC  - ASCII Text file (used for PGP signatures)
  3. .BHX  - BinHex Compressed Archive file
  4. .BMP  - Bitmap Picture file
  5. .CSV  - Comma Separated Values file
  6. .DAT  - Data file (used by Microsoft Office Outlook e-mail with RTF and TNEF encapsulation)
  7. .DOC  - Microsoft Word Document file (Microsoft Office)
  8. .DOCX - Microsoft Word Document file, Open XML format (Microsoft Office)
  9. .DOTX - Microsoft Word Template file, Open XML format (Microsoft Office)
  10. .EMF  - Enhanced Windows Metafile file
  11. .EML  - E-mail Message file (used with TNEF encapsulation)
  12. .EMZ  - Enhanced Windows Metafile file, GZIP compressed
  13. .EPS  - Encapsulated PostScript file
  14. .GIF  - Graphic Interchange Format file
  15. .HQX  - Macintosh BinHex Compressed Archive file
  16. .ICS  - iCalendar Calendar Data file (calendar items for Mac, Office, Palm apps)
  17. .INDD - Adobe InDesign Document file (Adobe Creative Suite)
  18. .INDT - Adobe InDesign Template file (Adobe Creative Suite)
  19. .JPEG - Joint Photographic Experts Group Image file
  20. .JPG  - Joint Photographic Experts Group Image file
  21. .P7S  - PKCS #7 Signature (used for S/MIME signatures)
  22. .PDF  - Adobe Portable Document Format file (Adobe Creative Suite)
  23. .PM6  - Adobe PageMaker (version 6) Document file
  24. .PMT  - Adobe PageMaker Template file
  25. .POTX - Microsoft PowerPoint Template file, Open XML format (Microsoft Office)
  26. .PPT  - Microsoft PowerPoint Presentation file (Microsoft Office)
  27. .PPTX - Microsoft PowerPoint Presentation file, Open XML format (Microsoft Office)
  28. .PSD  - Adobe Photoshop Document file (Adobe Creative Suite)
  29. .PUB  - Microsoft Publisher Document file (Microsoft Office)
  30. .RAR  - RAR Compressed Archive file
  31. .RPT  - Report file (Crystal Reports)
  32. .RTF  - Rich Text Format file
  33. .SIT  - StuffIt Compressed Archive file
  34. .SITX  - StuffIt X Compressed Archive file
  35. .SNP  - Microsoft Access Report Snapshot file (Microsoft Office)
  36. .TIF  - Tagged Image Format file
  37. .TIFF - Tagged Image Format file
  38. .TXT  - Text file
  39. .VCF  - vCard Contact Data file (contact items for Mac, Office, Palm apps)
  40. .VCS  - vCalendar Calendar Data file (calendar items for Mac, Office, Palm apps)
  41. .VSD  - Microsoft Visio Document file (Microsoft Office)
  42. .WPD  - Corel WordPerfect Document file (Corel WordPerfect Office)
  43. .XLS  - Microsoft Excel Spreadsheet/Workbook file (Microsoft Office)
  44. .XLSB - Microsoft Excel Spreadsheet/Workbook file, Binary format (Microsoft Office)
  45. .XLSX - Microsoft Excel Spreadsheet/Workbook file, Open XML format (Microsoft Office)
  46. .XLTX - Microsoft Excel Template file, Open XML format (Microsoft Office)
  47. .XPS  - XML Paper Specification file
  48. .ZIP  - ZIP Compressed Archive file

Regular Expression 

ai|asc|bhx|bmp|csv|dat|doc|docx|em[flz]|eps|gif|hqx|ics|ind[dt]|jpeg|jpg|p7s|pdf|pm[6t]|potx|ppt|pptx|psd|pub|rar|rpt|rtf|sit|sitx|snp|tif|tiff|txt|vc[fs]|vsd|wpd|xls|xls[bx]|xltx|xps|zip
Retrieved from "http://www.asspsmtp.org/wiki/Dealing_with_file_attachments"
These icons link to social bookmarking sites where readers can share and discover new web pages. Blinklist  del.icio.us  digg  Furl  Google  ma.gnolia  Reddit  Slashdot  Spurl  YahooMyWeb 
Personal tools