Additional filename attachments, including “.exe”, now blocked in e-mail
For a long time, our mail system has blocked obviously malicious filenames like “443645787823424455.scr”, “Invoice.pdf.exe”, and so on, even if they aren’t actually flagged by the antivirus software we use (which can happen if they’re new viruses that don’t yet have matching patterns).
Recently, we’ve seen a dramatic increase in simpler names where the virus author doesn’t even try to hide the fact that it’s a program: things as simple as “Invoice.exe” in a zip file. We’ve received a couple of reports that people unzipped these, ran them, and clicked past the Windows warning saying that programs from the Internet can harm your computer — perhaps assuming that if it wasn’t flagged by either our virus scanner or the virus scanner on their own computer, it must be okay.
We want to make sure our customers never fall victim to anything like this, so we’ve expanded our blocked filename patterns to include simple “.exe” files (and other additions). This may very occasionally reject legitimate messages with an error asking the sender to rename the file and resend it, but it will solve far more problems than it causes.
We’re using the same list of filename extensions that Gmail uses — if we block it, Gmail would block it, too. You can find more information on our support page about virus scanning.
If you’re wondering what kind of things this might block, here’s a list of filenames so far today that weren’t detected as viruses by antivirus scanning software, but which were blocked due to the filename extension:
REVISED PROFORMA INVOICE.exe
Hopefully that makes it obvious why we’re doing this!