Block e-mail file attachments

To help prevent social engineering threats from getting through to your end users, contributor Tony Bradley explains how you should filter or restrict e-mail file attachments.

The following tip is one of six steps to help you protect Windows systems from bi-modal attacks.

Malware is commonly spread through an infected e-mail file attachment. A user is duped into executing the file attachment, infecting his system and unleashing the threat on the internal network.

To minimize such social engineering threats, you can filter or restrict e-mail file attachments. Some e-mail clients, including the current versions of Microsoft's Outlook and Outlook Express, are preconfigured to deny known executable file types. At the very least, readily executable file types such as EXE, COM, PIF, BAT and others should be blocked at the mail gateways so they never get to the client machine. Many companies have created policies to only allow ZIP file attachments. This is slightly more secure, but viruses can still spread through these file attachments.
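The gateway rule described above, together with the ZIP caveat, as an added example (not code from the original article or from any mail product): a Python filter that rejects attachments with blocked extensions and also lists the contents of ZIP attachments. The blocklist entries beyond EXE, COM, PIF and BAT, the function names and the sample messages are assumptions made for illustration.

```python
import io
import zipfile
from email import message_from_bytes, policy
from email.message import EmailMessage

# Assumed blocklist: the types the article names plus a few common script types.
BLOCKED_EXT = (".exe", ".com", ".pif", ".bat", ".scr", ".cmd", ".vbs")

def is_blocked(name):
    # Match the final extension so "invoice.pdf.exe" is caught; trailing dots
    # and spaces are stripped first because Windows ignores them.
    return name.strip().rstrip(". ").lower().endswith(BLOCKED_EXT)

def check_zip(name, data):
    """List blocked files inside a ZIP attachment (nested ZIPs are not opened)."""
    try:
        with zipfile.ZipFile(io.BytesIO(data)) as zf:
            members = zf.infolist()
    except zipfile.BadZipFile:
        return [(name, "unreadable archive")]
    return [(name, "blocked file inside ZIP: " + m.filename)
            for m in members if is_blocked(m.filename)]

def check_message(raw_bytes):
    """Return (attachment, reason) findings; an empty list means deliver."""
    msg = message_from_bytes(raw_bytes, policy=policy.default)
    findings = []
    for part in msg.iter_attachments():
        name = part.get_filename() or ""
        data = part.get_payload(decode=True) or b""
        if is_blocked(name):
            findings.append((name, "blocked extension"))
        elif name.lower().endswith(".zip") or data.startswith(b"PK\x03\x04"):
            findings.extend(check_zip(name, data))
    return findings

def sample_message(filename, zip_members=None, payload=b"placeholder"):
    # Constructed message (harmless placeholder bytes) used only to exercise the filter.
    if zip_members is not None:
        buf = io.BytesIO()
        with zipfile.ZipFile(buf, "w") as zf:
            for n in zip_members:
                zf.writestr(n, b"placeholder")
        payload = buf.getvalue()
    m = EmailMessage()
    m.set_content("See attached.")
    m.add_attachment(payload, maintype="application", subtype="octet-stream", filename=filename)
    return m.as_bytes()
```

A ZIP-only policy that checks just the outer file name would pass the `docs.zip` case that this filter flags, which is the gap the paragraph above points out.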

This was last published in June 2005.
