Dangerous File Attachments

The following is a list of file attachments that may be blocked by the service (the attachments are removed from emails before delivery to you and placed in a quarantine area for 30 days should you wish to receive them):

These are known to be dangerous in almost all cases:

.reg Possible Windows registry attack
.chm Possible compiled Help file-based virus
.cnf Possible SpeedDial attack
.hta Possible Microsoft HTML archive attack
.ins Possible Microsoft Internet Comm. Settings attack
.jse_ Possible Microsoft JScript attack
.lnk Possible Eudora *.lnk security hole attack
.ma_ Possible Microsoft Access Shortcut attack
.pif Possible MS-Dos program shortcut attack
.scf Possible Windows Explorer Command attack
.sct Possible Microsoft Windows Script Component attack
.shb Possible document shortcut attack
.shs Possible Shell Scrap Object attack
.vbe or .vbs Possible Microsoft Visual Basic script attack
.wsc .wsf .wsh   Possible Microsoft Windows Script Host attack
.xnk Possible Microsoft Exchange Shortcut attack

These 2 added by popular demand - Very often used by viruses:

.com Windows/DOS Executable
.exe Windows/DOS Executable

These are very dangerous and have been used to hide viruses:

.scr Possible virus hidden in a screensaver
.bat Possible malicious batch file script
.cmd Possible malicious batch file script
.cpl Possible malicious control panel item
.mhtml   Possible Eudora meta-refresh attack

Deny filenames ending with CLSID's

{[a-hA-H0-9-]{25,}\} Filename trying to hide its real extension


  • A977FF0C-8757-4E76-8533-482F91946233
  • 000209FF-0000-0000-C000-000000000046

Deny filenames with lots of contiguous white space in them:

  • Filename contains lots of white space
  • Deny all other double file extensions. This catches any hidden filenames:


  • .txt.pif
  • .doc.pif
  • .doc.com
  • .txt.exe
  • Email, MailScanner, File Attachments
  • 1 Users Found This Useful
Was this answer helpful?

Related Articles

Mailscanner Overview

Mailscanner is an application that scans email and assigns a score based on the likelihood that...

MailScanner FAQ

Will spam be deleted before I retrieve my email? No email is deleted from your mailbox, unless...

Minimizing Spam

Here is a list of things you can do to help prevent receiving spam in the first place: Do not...

Spam Filtering Levels

Low Scoring and High Scoring Spam- MailScanner assigns a score to each email based on various...

How do I know whether an email has a virus or is spam?

There are two methods used to identify these emails to you. Firstly, the subject line of the...