What file types does the Executable File rule in Symantec Mail Security for Microsoft Exchange (SMSMSE) consider to be executable?
The Executable File Rule recognizes the following executable file types based on true file typing:
- MSDOS/Windows *.exe files
- MSDOS/Windows object library files
- MSDOS/Windows programs
- MSDOS device drivers
- /x86-win-16-com
In order for the Executable File Rule to detect one of these files, it must be a binary file, in other words the file must have been compiled with an application development program. You cannot rename another file with the extension .exe and have the Executable File Rule match that content, the file must actually be an exectuable file. The upside to this approach is that the Executable File Rule will detect an executable file even if the extension has been changed, or if the file has been added to an archive such as a zip, rar, or cab file.
If you would like to block executable files based on file extension instead of true file type, consider using the 'Sample Executable File' content filtering rule. To enable this rule:
If you would like to list or change the file types associated with the Sample Executable file rule: