What criteria must a file meet in order to be called 'Executable' by the Executable File filtering rule in Symantec Mail Security for Microsoft Exchange?

Article ID: 152069

Products

Mail Security for Microsoft Exchange

Issue/Introduction

What file types does the Executable File rule in Symantec Mail Security for Microsoft Exchange (SMSMSE) consider to be executable?

Resolution

The Executable File Rule recognizes the following executable file types based on true file typing:

- MSDOS/Windows *.exe files

- MSDOS/Windows object library files

- MSDOS/Windows programs

- MSDOS device drivers

- /x86-win-16-com

For the Executable File Rule to detect one of these files, the file must be a binary file; in other words, it must have been compiled with an application development program. Renaming another file with the extension .exe does not cause the Executable File Rule to match that content: the file must actually be an executable file. The upside to this approach is that the Executable File Rule will detect an executable file even if the extension has been changed, or if the file has been added to an archive such as a zip, rar, or cab file.
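The difference between matching on extension and matching on true file type can be seen in a short added example. This is not Symantec's code and does not describe how SMSMSE is implemented. It assumes the well-known MZ/PE header as the content marker, handles zip archives only, and uses a made-up extension list and size cap.

```python
import io
import os
import struct
import zipfile

BLOCKED_EXTENSIONS = {".exe", ".com", ".dll", ".sys"}  # assumed list, not the product's
MAX_MEMBER_SIZE = 10 * 1024 * 1024  # assumed cap on the declared size of an archive member

def extension_match(name):
    """Extension-based check: looks only at the attachment name."""
    return os.path.splitext(name.lower())[1] in BLOCKED_EXTENSIONS

def true_type(data):
    """Content-based check: classify by the MZ header and PE signature."""
    if data[:2] != b"MZ":
        return None
    if len(data) >= 0x40:
        (e_lfanew,) = struct.unpack_from("<I", data, 0x3C)  # offset of the PE header
        if data[e_lfanew:e_lfanew + 4] == b"PE\0\0":
            return "windows-pe"
    return "msdos-mz"

def scan(name, data, depth=0, max_depth=3):
    """Return (path, type) hits found by content, descending into zip archives."""
    kind = true_type(data)
    if kind:
        return [(name, kind)]
    hits = []
    if depth < max_depth and zipfile.is_zipfile(io.BytesIO(data)):
        with zipfile.ZipFile(io.BytesIO(data)) as zf:
            for info in zf.infolist():
                path = f"{name}!{info.filename}"
                if info.file_size > MAX_MEMBER_SIZE:
                    hits.append((path, "unscanned-oversize"))  # report it, do not skip silently
                else:
                    hits += scan(path, zf.read(info), depth + 1, max_depth)
    return hits

def demo():
    """Constructed samples built around a 0x44-byte MZ/PE header stub (not a runnable program)."""
    stub = bytearray(b"MZ".ljust(0x40, b"\0"))
    struct.pack_into("<I", stub, 0x3C, 0x40)
    pe = bytes(stub) + b"PE\0\0"
    buf = io.BytesIO()
    with zipfile.ZipFile(buf, "w") as zf:
        zf.writestr("invoice.pdf", pe)
    samples = {"notes.exe": b"plain text renamed to .exe",
               "report.txt": pe, "bundle.zip": buf.getvalue()}
    return {n: (extension_match(n), scan(n, d)) for n, d in samples.items()}
```

Calling `demo()` shows the text file renamed to .exe matching only the extension check, while the renamed and the zipped header stubs match only the content check.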


If you would like to block executable files based on file extension instead of true file type, consider using the 'Sample Executable File' content filtering rule. To enable this rule:

  1. Open the SMSMSE console
  2. Navigate to Policies -> Content Filtering Rules
  3. Locate the rule named 'Sample Executable File' and click where it says Disabled
  4. Change the dropdown menu to Enabled
  5. Click Deploy changes.



If you would like to list or change the file types associated with the 'Sample Executable File' rule:

  1. Open the SMSMSE console
  2. Navigate to Policies -> Match Lists
  3. Double-click the match list called 'Sample Attachment Name'
  4. A list of 50 terms is displayed. You can add, remove, or edit any of these terms, and the change will affect how the 'Sample Executable File' rule functions.