UACES Facebook Office 365 Email - Transport Rules

UAEX Email Transport Rules (Block File Attachments & File Types)

As a result of increased risks of viruses through email attachments, we have created several transport rules to protect users from malicious attachments. These malicious attachments can be used to run a program that could potentially install viruses or seriously damage your computer. Spammers and hackers often send emails with these types attachments trying to get users to open it. Once it is opened, the computer is infected. The following sections explain the different rules and what you can expect with these rules. For a complete list of blocked file attachments and information about them, click here.

Rule #1 – Block Macro Enabled Attachments

This rule will block emails with a macro enabled file attachment that matches any of the following extensions:

List of Macro Enabled File Extensions

If an email with this type of file attachment is blocked, the recipient is notified (example below) and the message is sent to the admin quarantine. Follow the instructions in the notification to request the email be released.

Exceptions to this rule:

  1. Will not block any of these types of emails from being sent to an external email account.
  2. Will not block any of these types of emails from being sent between Division employees.
  3. Will not block any of these types of emails from being received from a “trusted” outside sender.
    Note: you can request an outside sender be added to the trusted list.

Example Notification for Blocked File Attachments

Rule #2 – Block Executable Content

This rule will block emails containing attachments with executable content. This will include files with the following extensions:

List of blocked executable content file extensions

If an email with this type of file attachment is blocked, the recipient is notified (example below) and the message is sent to the admin quarantine. Follow the instructions in the notification to request the email be released.

Exceptions to this rule:  There are no exceptions to this rule.

Example Notification for Blocked File Attachments

Rule #3 – Block Dangerous File Extensions

This rule will block emails with file attachments that match any of the following extensions:

List of blocked dangerous file extensions

If an email with this type of file attachment is blocked, the “sender” is notified (example below) and the message is deleted. The recipient is not notified and there is no way the email can be retrieved.

Exceptions to this rule:  There are no exceptions to this rule.

Example Notification for Blocked File Attachments

Rule #4 – Warning for Risky Attachments

This rule will append a disclaimer (example below) to emails containing attachments that match any of the following extensions:

List of blocked risky file extensions

Exceptions to this rule:

  1. If the sender is “Inside the Organization”, the disclaimer will not be appended.

Example Disclaimer

Renaming The File Extension (Type) No Longer Bypasses Filters

The new transport rule filters are able to determine the real file type of an attachment without relying on its extension name (.zip, .exe, etc.). Previously, if you needed to send or receive a file type that was normally blocked, you could rename the file extension in order to "bypass" the transport rules. Thus you could rename the file "something.exe" to "something.txt" and send the file through. You would then inform your recipient to rename the file to " something.exe" before they tried to open it. This method will no longer work.

For a complete list of blocked file attachments and information about them, click here.