Generally, files attached to emails should be avoided for several reasons:
- Emails get heavier and some systems have size limitations
- You lose access to what is attached (with some exceptions, of course)
- Some systems might block specific extensions, and this is exactly what I am talking about
But, since we cannot prevent people from sending us emails with files attached, let’s at least block some file attachments that, if opened without a minimum check, and if sent by a malicious party, it could bring some devastating consequences in our infrastructure.
So here is the list:
ade adp app asp aspx asx bas bat cer chm cmd cnt com cpl crt csh der diagcab exe fxp gadget grp hlp hpj hta htc inf ins isp its jar jnlp js jse ksh lnk mad maf mag mam maq mar mas mat mau mav maw mcf mda mdb mde mdt mdw mdz msc msh msh1 msh2 mshxml msh1xml msh2xml msi msp mst msu ops osd pcd pif pl plg prf prg printerexport ps1 ps1xml ps2 ps2xml psc1 psc2 psd1 psdm1 pst py pyc pyo pyw pyz pyzw reg scf scr sct shb shs theme tmp url vb vbe vbp vbs vhd vhdx vsmacros vsw webpnp website ws wsc wsf wsh xbap xll xnk appinstaller application appx appxbundle diagcab diagpkg diagcfg fluid fxb glb gltf library-ms loop msix partial perfmoncfg pko ply ppkg qds rat resmoncfg search-ms searchConnector-ms settingcontent-ms stl symlink theme themepack UDL url wab wbcat wcx website whiteboard xbap
You will find the CSV file here below
Feel free to share the ones you think are missing. I mainly used the ones recommended by Microsoft and some others I added.
P.S.: yes, I know it has been more than a year since my last post. Hopefully, you will not have to wait for another year to get another one 🙂