Here's an excerpt from a Tumbleweed article discussing what to filter using
email filters.
Summary:
This
article
provides
a list of
file
types
that may
potential
ly be
harmful
to some
organizat
ions.
Detailed Info:
The
following
is a
partial
list of
file
types
that an
organizat
ion might
consider
to be
dangerous
within
their
organizat
ions.
Many
known
viruses
make use
of some
of these
file
extension
s.
This list
should
not be
considere
d to be
exhaustiv
e, nor
should it
be
assumed
that
every
file
extension
listed
below
would be
undesirab
le in
every
organizat
ion.
As an
administr
ator you
should
review
this
list, and
add any
undesirab
le file
types
that
might be
missing.
You may
also
choose to
remove
items
from this
list that
may have
some
business
need in
your
organizat
ion, or
you don't
consider
dangerous
.
*.AS
*.ASP
*.BAT
*.CHM
*.CMD
*.COM
*.DLL
*.DOT
*.EML
*.EXE
*.FNT
*.HTA
*.INF
*.JS
*.JSE
*.LNK
*.MRC
*.PIF
*.PL
*.REG
*.SCR
*.SHB
*.SHS
*.SWF
*.VB
*.VBE
*.VBS
*.WS
*.WSC
*.WSF
*.WSH
*.XML
Resolution:
Many
companies
deploy
policies
to block
potential
ly
dangerous
files.
This can
be a good
proactive
measure
for
defending
against
brand new
viruses
that may
not be
detected
by the
latest
Virus
Pattern
files.
You may
choose to
deploy a
policy
similar
to the
following
:
Catch
messages
where...
Contains
attachmen
ts in the
attachmen
t list
"Potentia
lly
dangerous
files"
Take the
following
actions..
.
Quarantin
e the
message
with the
tag
"attachme
nt"
and Send
the
notificat
ion
"Sender
Note -
message
with
attachmen
t not
delivered
"
The
policy
might
read
something
like:
For all
messages
sent from
this user
with
attachmen
ts from
the
""Potenti
ally
dangerous
files"
list
quarantin
e the
message
with the
tag
"attachme
nt"
An
effective
"Potentia
lly
dangerous
files"
list
might be
composed
of:
"All
Executabl
e Files"
"HTML
with
Active
Content"
*.AS
*.ASP
.
.
.
*.WSH
*.XML
This archive was generated by hypermail 2b30 : Sun May 26 2002 - 11:43:31 PDT