List of Banned File Extensions
Computer viruses are often spread by as programs attached to email messages. Recipients are fooled into to running the attachments which infect their PC.
News & Announcements
22/12/05 - the 'RAR' archive file format was added to the ISS banned list due to a problem with Symantec AntiVirus. The RAR file format will be un-banned when the problem is resolved. While RAR is banned, users are advised to use the ZIP format.
ISS protects the University computer systems by preventing 'executable' attachments from passing through the central mail hub. Executable programs are detected by their three letter extension. Listed below are three letter extensions currently (29/10/01) banned. To send executable programs - put them in a Zip file before sending.
Mail Hub Attachment Filtering
- the mail hub will examine incoming and outgoing mail messages to see if they contain attachments.
- if any such attachment is found the email mesage is rejected.
- the sender will receive an error message that will look something like this:
This message has been rejected because it has potentially executable content (filename.xxx). This form of attachment has been used by recent viruses or other malware. If you meant to send this file then please package it up as a zip file and resend it
- the content of attachments is not examined at this point - only the filenames are tested.
The 'Type of File' listed below is a best efforts list. Any given three letter extension may be used by more than one program.
Attachment blocking on the 'mail hub' at this point is not 100 percent reliable. There are ways of encoding attachments that will evade the checks, and files with names containing non-English characters will also not be examined.
Please note that almost none of the file types that are blocked will actually cause users any problems. The list's main function is to intercept incoming attachments originated by viruses themselves, many of which execute automatically without user involvment.
Word, PowerPoint and Excel files, although being executable, are currently allowed.
As the need arises other three letter extensions will be added to the list.
About Encrypted Zips
Encrypted Zips are files compressed by WinZip, EnZip or other Zip utility that have been password protected. The password is used as a key to encrypt the file. The same file encrypted with different keys will look different.
Virus Writers Use Encrypted Zips
Encrypted Zips are being used by viruses to disguise and therefore evade anti-virus programs. While encrypted zip files successfully evade anti-virus software they will be deleted as they pass through the University email hub. Below is an indication as to whether they are currently banned or not.
17/03/04 - Encrypted Zips are currently banned.
Zip files that have not been encrypted (using a password) may still be used to send executable files as attachments. It should be noted that the recipient will need a copy of Windows XP, WinZip, EnZip or other Zip utility to uncompress (un-pack) the Zip file.
Using WinZip, EnZip or other Zip utility it is possible to create a self-extracting zip file that is not encrypted and when run will uncompress the files without the use of Windows XP, WinZip, EnZip or other Zip Utility. Unfortunately, self-extracting Zip files have a file extension of .EXE which is currently banned. You can evade our ban of sending self-extracting Zips by renaming the self-extracting zip file e.g. rename 'example.exe' to 'example.exeremove'. However some other email hubs may look 'deeper' than ours and delete the executable attachment.
List below are links to further information about the Zip Utilities mentioned in this article:
- Microsoft Windows XP has Zip un-compression (un-packing) built-in.
- RAR is an 'open source' archive compression format. WinRAR is a popular shareware Windows RAR utility program.
Executable files (files with banned extensions) that you want to send as email attachments, should zipped not be encrypted (i.e. saved without a password) and they should not be made 'self-extracting'. Recipients of zipped executables should be encouraged to install a Zip utility.