Mail/Web Filtering Recommendations
We recommend that many different file types are blocked by default in all email and web filtering systems. Generally, these are the sorts of files that you would not expect anyone to receive by email.
There is a significant risk of users, both skilled and unskilled IT professionals, opening attachments, or downloading certain file types, which may cause harm to our systems or indeed, worst case, generate a breach and ultimately data loss.
Whilst a Computer Forensics Expert (generally a post-breach support provider) or any Cyber Security Professional would suggest you block all file types and allow only those required within the business, we understand that this is not practical, therefore, we recommend blocking, at least, the file types listed below, which will ensure that some of the riskiest file types are blocked from entering your systems via email.
Many email platforms will block some of these, but not all, and indeed, many systems, such as Outlook, block different files depending on the operating system they are installed on, for example, Outlook Mac blocks different files than Outlook Windows, which is odd, but is the case, and also, doesn't block all the file types below.
In addition, many companies use mail filtering solutions outside of the core messaging platform, thus, instead of MS365 or GSuite, an additional product is used - we have also found that many of the file types below are not blocked by those solutions either, so adding these is a great idea.
You should also consider adding these to any web filtering blocks to prevent download and execution from websites that may have been compromised.
KNOWN RISKY FILES
LINUX FILE TYPES
| PKG |
Package Installer File |
| DEB |
Package Installer File |
| OUT |
Compiled Executable File |
| RUN |
Executable File |
| RPM |
Package Installer File |
| SH |
Shell Script |
MICROSOFT WINDOWS FILE TYPES
| BAT |
Batch File (executable) |
| CMD |
Command Script |
| COM |
Command File |
| CPL |
Control Panel Extension |
| EXE |
Executable File |
| GADGET |
Windows Gadget File |
| INF |
Setup Information File |
| INS |
Internet Communications Settings |
| INX |
InstallShield Compiled Script |
| ISU |
InstallShield Uninstaller Script |
| JOB |
Windows Task Scheduler Job File |
| JSE |
Jscript Encoded File |
| LNK |
File Shortcut |
| MSC |
Microsoft Common Console Document |
| MSI |
Windows Installer Package |
| MSP |
Windows Installer Patch |
| MST |
Windows Installer Transformation File |
| PAF |
Portable Application Installer File |
| PIF |
Program Information File |
| PS1 |
Powershell Commandlet |
| REG |
Windows Registry Data File |
| RGS |
Registry Script |
| SCR |
Screen Saver Executable |
| SCT |
Windows Scriptlet |
| SHB |
Windows Document Shortcut |
| SHS |
Shell Scrap Object |
| U3P |
U3 Smart Application |
| VB |
Visuable Basic Script |
| VBE |
Visual Basic Encoded Script File |
| VBS |
Visual Basic Script |
| VBSSCRIPT |
Visual Basic Script |
| WS |
Windows Script |
| WSF |
Windows Script File |
| WSH |
Windows Script Preference File |
MAC OS FILE TYPES
| ACTION |
Automation Action |
| APP |
Executable File |
| COMMAND |
Terminal Command |
| OSX |
Executable File |
| WORKFLOW |
macOS Automator Workflow |
LINUX FILE TYPES
| KSH |
Unix Korn Shell Script |
| OUT |
Executable File |
| RUN |
Executable File |
MIXED OS FILE TYPES
| BIN |
Binary Executable File |
| CSH |
C Shell Script |
| PY |
Python Script |
| PYC |
Python Compiled Script |
| PYO |
Python Optimised Code File |
ANDROID FILE TYPES
IOS FILE TYPES
GEM FILE TYPES
CHROME FILE TYPES
| NEXE |
Chrome Executable File |
