Files blocked by Altospam

In order to protect our customers from possible attacks by unknown viruses, we have taken the decision to refuse certain extensions used for executable attachments (e.g. files with .exe extensions), as these files are likely to contain malware. This rule has existed since 2002, but the list has just been extended by several extensions following recent ransomware attacks. That’s why we’re taking this opportunity to review Altospam’s rules for rejecting file attachments.

Refused extensions

All emails with at least one attachment containing one of the extensions below are systematically refused.

.ade, .adp, .aspx, .bat, .cab, .chm, .cmd, .com, .cpl, .exe, .hta, .hte, .ins, .isp, .jar, .js, .jse, .lib, .lnk, .mde, .msc, .msi, .msp, .mst, .pif, .ps1, .scr, .sct, .shb, .sys, .vb, .vbe, .vbs, .vxd, .wsc, .wsf, .wsh, .xht, .xhtml

On the other hand, if an e-mail contains at least one compressed archive file (Zip, Rar, Arj, 7z, TGZ, etc.) which itself includes a file with one of these extensions, the e-mail will also be rejected. Example: an e-mail containing a “toto.zip” file will be refused if it contains a file with one of the above extensions, such as “titi.exe”.

UPDATE 15/03/2016: Following the Locky attacks, we have taken the decision to block emails containing .JS files, either directly in the email, or in a compressed file embedding files (If your customers need to send you JS files in zip, ask them to add a password).

MAJ 07/12/2018:.PS1 and .HTE extensions added, following CERT DATAPROTECT recommendations.

Update 09/23/2020 (Withdrawn 07/15/2021): Compressed and password-encrypted .ZIP, .7Z and .ARJ files are now rejected.

Email size

Emails must not exceed 50MB (52,428,800 bytes) in size, including header, body and attachments. All emails exceeding 50 megabytes will be systematically rejected by Altospam and MailOut.

As a reminder, attachments encapsulated in the MIME protocol (defined by RFC 2046, 2047, 2049, 2077, 4288 and 4289) are most often encoded on 6 bits (Base64). The file size therefore increases by around 37%. Attachments must therefore not exceed: approx. 36MB.

Special cases

In addition to the cases specified, there are other cases to be avoided concerning e-mail attachments:

– Absolutely avoid files with a double extension: “.exe.zip” for example.

– Damaged file attachments (MIME not decipherable or cut up) will be very poorly considered (almost systematically refused).

– The presence of compressed files as attachments systematically degrades email quality. Compressed files are checked more thoroughly than other files, using additional filters.

– Password-protected archives are authorized. However, their content cannot be analyzed. It is therefore important to be very vigilant and to run a scan with your local antivirus software after decompression.

We also invite you to discover how Altospam analyzes file attachments and compressed files to avoid any risk of receiving malware: https: //www.altospam.com/actualite/2014/02/la-forteresse-daltospam-les-malwares/

Thanks to 16 specific anti-spam technologies combined with 5 anti-viruses, as well as a systematic check of suspicious attachments against the market’s leading anti-viruses, Altospam ensures a very high level of security for your incoming emails.

However, we must never lose sight of the fact that safety is a matter of individual behavior. If in doubt, do not open any suspicious files or attachments contained in an e-mail, as the consequences could be particularly serious.