Policies - Attachment Set - Frequently Asked Questions

Updated

This article will address the Frequently Asked Questions about the Attachment Sets in the Mimecast system.
 

Q: Why are files with their file extensions changed from .EXE to .PDF being allowlisted?
A: If the mimetype is set to "all" for an extension, the policy's checks are:
  • mimetype + mimetype extension
  • "All" + mimetype extension
  • "All" + actual file extension
If you have .PDF files with the mime type "all" allowed, and a .EXE file attachment is received that has been renamed with a .PDF extension, the checks will be:
  • application/x-ms-dos-executable + exe = no match in the attachment set
  • All + exe = no match in the attachment set
  • All + pdf = a positive match
As a result, the attachment is allowlisted. We recommend careful consideration when creating policies set to allow the mimetype of "all".
Q: How can I whitelist file extensions that are not listed on my Mimecast Default list?
A: The team of engineers at Mimecast will assist you if you have a list of file extensions you would like to add or whitelist. Simply add the list to an excel spreadsheet and log a support case with the sheet attached.
Q: Is there a way to bypass the Mimecast Default blocked list without creating a bypass for all the blocked listed extensions?
A: Yes, In Mimecast, you can bypass the default blocked list by setting up a separate policy that allows the file type and scopes it according to your email workflow/preferences.
Q: When configuring the Attachment Set, does this by default block all attachment?
A: No, this policy specifically addresses the file types or file extension of the attachment. Which means it will trigger if the attachment file is listed in the blocked list.


 

Related to

Was this article helpful?
0 out of 0 found this helpful

Comments

0 comments

Please sign in to leave a comment.