Email Protection features depend on your plan. If your account interface and settings differ from the ones described below, upgrade from Email Protection Lite to Email Protection.

To manage or view Email Protection settings for Attachments, navigate to CONTROL PANEL > Services > Email Protection > Inbound Policies > Default policy > Attachments:

Email Protection Lite

To reject messages with dangerous attachments check box for Reject messages with dangerous attachments.
Note: regardless of these settings, all file attachments will still be scanned for viruses and other malware.

Reject messages with dangerous attachments

You can see the full list of attachments which are considered as dangerous in the Knowledge Base article on Email Protection: List Of Dangerous Attachments

To allow dangerous attachments sent from safe senders, navigate to Services > Email Protection > Inbound Policies > Default policy > Safe senders, click Manage and check the box Dangerous attachment in the Bypassed checks list.

Email Protection

With Advanced Email Protection package you can manage what action will be applied to the message with dangerous attachments:

  • Will it be dropped
  • Will it be delivered without attachment
  • Will be moved to Admin quarantine

Attachment management for Advanced Package

Dangerous attachments

Dangerous attachments settings

  1. You can specify file types which should be considered as dangerous even their file type group is NOT selected in Dangerous attachments section. Press space bar after you entered file type to finish editing.
    Note: due to recent increases in phishing attacks following a similar pattern, we recommend adding .htm and .html file types to the dangerous attachments.
    For example, MS PowerPoint group is not selected, but if we add .ppt file type, it will be blocked, though other MS PowerPoint file types such as .pps, .ppsx etc. won't be blocked.
  2. You can specify file types that should be considered as safe even their file type group IS selected in Dangerous attachments section. Press space bar after you entered file type to finish editing. 
    For example, Executables group is selected, but if we add .reg file type here, it won't be blocked, though other executable files such as .exe, .scr etc. will be blocked.


While scanning attachments, Email Protection checks a file extension and a file MIME type.

  • If a file has no extension, only a file MIME type is checked
  • If a file has no MIME type,  only a file extension is checked
  • If a file extension and MIME type does not match and fall into different categories, the following logic is used:
    File extension MIME type Attachment 
    Safe Dangerous  Dangerous 
    Dangerous  Safe Dangerous 
    Dangerous  Dangerous  Dangerous 
    Safe Safe Safe