You would like to know how to enable and configure the Executable file rule under "Policies" in Symantec Mail Security for Microsoft Exchange.
Undesirable mail is coming in with executable attachments.
To configure executable file detection
1. In the console on the primary navigation bar, click Policies.
2. In the sidebar under Content Enforcement, click File Filtering Rules.
3. In the content area, in the File Filtering Rules table, on the Executable File Rule row, click the box under the Status column, and use the drop-down menu to select Enabled.
Note: This rule is set to disabled by default.
4. In the preview pane, in the Action to take list, use the drop-down menu to select one of the following to specify the action to take when an executable file is detected:
a. Delete entire message
b. Delete attachment/message body and replace with text
c. Quarantine attachment/message body and replace with text
d. Log only
5. In the Replacement text box, type your customized message if you are replacing the message or attachment body with a text message.
6. To send email notifications about the detection, check one or more of the following:
a. Notify administrators
b. Notify internal sender
c. Notify external sender
7. On the toolbar, click Deploy changes to apply your changes.
For more detailed information on configuring this rule, please see the Implementation Guide. Here is the documentation for SMSMSE: SMSMSE Documentation.