Exchange Admin 101: Email attachment blocking

Exchange

You may be surprised to learn that Microsoft Exchange does not natively support email attachment blocking. If you want to block inbound email attachments at the Exchange server, you have to rely on third-party software.

Make sure the third-party antivirus software you're running is Exchange-aware though. This type of program differs from a normal antivirus program, because it doesn't just scan files and folders -- it scans the Exchange information store. It examines every new message that goes into your organization. If a virus is detected, it neutralizes it before it reaches the recipient's mailbox.

Microsoft Outlook

There are a number of file extensions that Microsoft Outlook blocks by default. In fact, there are too many to list here, but they primarily consist of extensions used by executable files and system files. You can see the full list in Microsoft's article Attachment file types blocked by Outlook, if you're interested.

You can customize Outlook's email blocking rules by editing the system registry.

Important: If you make a mistake when editing the registry, you can seriously impair Windows and/or your applications. Make sure you always perform a full system backup before playing with the registry.

1. Open the Registry Editor and navigate to HKEY_CURRENT_USER\Software\Microsoft\Office\11.0\Outlook\Security.
2. Select New -> String Value from the Registry Editor's Edit menu.
3. Create a new string value named Level1Add (this is case sensitive).
4. Then assign the string a value corresponding to the file extension that you want to block. For example, if you wanted to block Word documents, you would assign the value .DOC. (You can enter multiple extensions by separating them with a semicolon.)

Outlook Web Access

Exchange 2003 is the first version of Exchange to support full-fledged email attachment blocking through Outlook Web Access. As with Outlook, OWA attachment blocking is controlled through the system registry. The difference is that OWA-based attachment blocking is controlled by the Exchange server's registry, while Outlook-based attachment blocking is controlled by the workstation's registry.

OWA attachment blocking can be configured through this registry key:

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\MSExchangeWeb\OWA

There are two keys that you need to pay attention to: Level1FileTypes and Level2FileTypes. Any file extension appearing in the Level1FileTypes list is blocked completely by OWA. File extensions appearing in Level2FileTypes can't be opened directly, but can be saved to a workstation and opened outside OWA. You can easily add file extensions to either list by simply adding the desired file extension to the appropriate list.

Conclusion

Although Outlook and OWA block most potentially harmful file types, their email attachment-blocking features are no substitute for good client and server virus protection. Viruses can sometimes come in attachment types we usually consider safe. For example, Outlook does not block Microsoft Word documents. But a Word doc can contain a macro virus. Remember the huge uproar over the Melissa virus in 1999?

When you receive a bogus file attachment, your antivirus software is your primary defense.

About the author: Brien M. Posey, MCSE, is a Microsoft Most Valuable Professional for his work with Windows 2000 Server and IIS. Brien has served as CIO for a nationwide chain of hospitals and was once in charge of IT security for Fort Knox. As a freelance technical writer he has written for Microsoft, CNET, ZDNet, TechTarget, MSD2D, Relevant Technologies and other technology companies. You can visit Brien's personal Web site at www.brienposey.com.

Do you have comments on this tip? Let us know.

Do you have a subject you'd like us to cover as part of our Exchange Admin 101 series? Share it with us.

Rate this Tip To rate tips, you must be a member of SearchExchange.com. Register now to start rating these tips. Log in if you are already a member. Digg This!     StumbleUpon     Del.icio.us    RELATED CONTENT Exchange Admin 101 Tips Manage Exchange 2007 public folders with the Exchange Management Shell Exchange Admin 101: Exchange 2003 and Exchange 2007 admin privileges Exchange Admin 101: Server roles in Exchange Server 2007 Exchange Admin 101: An introduction to RAID for Exchange Server Exchange Admin 101: An introduction to DSAccess Exchange Admin 101: Exchange Server replication and synchronization Exchange Admin 101: Exchange Server communication ports Exchange Admin 101: Meet MOM Exchange Admin 101: An introduction to Exchange clustering Exchange Admin 101: Configuring OMA and ActiveSync Microsoft Outlook How effective is tracking the IP address of an email hacker? Lock down Microsoft Outlook 2007 to prevent .PST file access Third-party tool moves Outlook attachments to Microsoft SharePoint Free tools keep Microsoft Outlook visible in Windows Vista Migrating .PST files to an Exchange Server information store Troubleshoot Outlook 2007 error 0X8004010F on Exchange Server 2007 How to export Global Address List data to Microsoft Office Access Revised Outlook out-of-office (OOF) messages don't update in OWA Create a group policy to prevent .PST file storage in Exchange 2007 Microsoft Exchange Server and Outlook email archiving FAQs Microsoft Outlook Research Outlook Web Access OWA Light vs. Exchange ActiveSync on Windows Mobile devices Create a secure Microsoft Outlook Web Access (OWA) redirect page Why does a security alert pop up when accessing Outlook Web Access? Troubleshooting slow Outlook Web Access (OWA) performance Revised Outlook out-of-office (OOF) messages don't update in OWA Use the OWA Admin tool to 'segment' Outlook Web Access 2003 features Repairing damaged OWA virtual directories in Exchange Server 2003 Customizing an Outlook Web Access 2003 email signature Outlook Web Access limitations using Exchange Server public folders OWA won't load after applying Exchange 2007 SP1 security patch RELATED GLOSSARY TERMS Terms from Whatis.com − the technology online dictionary bacn  (SearchExchange.com) email bankruptcy  (SearchExchange.com) offline folder file  (SearchExchange.com) OST file  (SearchExchange.com) RELATED RESOURCES 2020software.com, trial software downloads for accounting software, ERP software, CRM software and business software systems Search Bitpipe.com for the latest white papers and business webcasts Whatis.com, the online computer dictionary DISCLAIMER: Our Tips Exchange is a forum for you to share technical advice and expertise with your peers and to learn from other enterprise IT professionals. TechTarget provides the infrastructure to facilitate this sharing of information. However, we cannot guarantee the accuracy or validity of the material submitted. You agree that your use of the Ask The Expert services and your reliance on any questions, answers, information or other materials received through this Web site is at your own risk.