{"id":13806,"date":"2022-06-10T12:48:41","date_gmt":"2022-06-10T09:48:41","guid":{"rendered":"https:\/\/www.hyyat.com\/knowledgebase\/%d9%85%d8%a7-%d9%87%d9%8a-%d9%85%d8%b1%d9%81%d9%82%d8%a7%d8%aa-%d8%a7%d9%84%d9%85%d9%84%d9%81%d8%a7%d8%aa-%d8%a7%d9%84%d8%ae%d8%b7%d9%8a%d8%b1%d8%a9%d8%9f\/"},"modified":"2022-06-10T13:07:06","modified_gmt":"2022-06-10T10:07:06","password":"","slug":"what-are-the-dangerous-file-attachments","status":"publish","type":"docs","link":"https:\/\/www.hyyat.com\/en\/knowledgebase\/what-are-the-dangerous-file-attachments\/","title":{"rendered":"What are the Dangerous File Attachments?"},"content":{"rendered":"<p class=\"main-header-title\"><span style=\"color: #ff0000;\"><strong>What are the Dangerous File Attachments?<\/strong><\/span><\/p>\n<p>The following is a list of file attachments that may be blocked by the Mail Scanner service (the attachments are removed from emails before delivery to you)<\/p>\n<p>&nbsp;<\/p>\n<p><img fetchpriority=\"high\" decoding=\"async\" class=\"alignnone wp-image-13805\" src=\"https:\/\/www.hyyat.com\/zasogooh\/2022\/06\/371154Image1-1180x677_d-300x172.jpg\" alt=\"\u0645\u0627 \u0647\u064a \u0645\u0631\u0641\u0642\u0627\u062a \u0627\u0644\u0645\u0644\u0641\u0627\u062a \u0627\u0644\u062e\u0637\u064a\u0631\u0629\u061f\" width=\"614\" height=\"352\" title=\"\" srcset=\"https:\/\/www.hyyat.com\/zasogooh\/2022\/06\/371154Image1-1180x677_d-300x172.jpg 300w, https:\/\/www.hyyat.com\/zasogooh\/2022\/06\/371154Image1-1180x677_d-1024x587.jpg 1024w, https:\/\/www.hyyat.com\/zasogooh\/2022\/06\/371154Image1-1180x677_d-768x441.jpg 768w, https:\/\/www.hyyat.com\/zasogooh\/2022\/06\/371154Image1-1180x677_d.jpg 1180w\" sizes=\"(max-width: 614px) 100vw, 614px\"><\/p>\n<p><strong>These extensions are known to be dangerous in almost all cases.<\/strong><\/p>\n<ul>\n<li style=\"list-style-type: none;\">\n<ul>\n<li>.reg Possible Windows registry attack<\/li>\n<\/ul>\n<\/li>\n<\/ul>\n<p>&nbsp;<\/p>\n<ul>\n<li style=\"list-style-type: none;\">\n<ul>\n<li>.chm Possible compiled Help file-based virus<\/li>\n<\/ul>\n<\/li>\n<\/ul>\n<p>&nbsp;<\/p>\n<ul>\n<li style=\"list-style-type: none;\">\n<ul>\n<li>.cnf Possible SpeedDial attack<\/li>\n<\/ul>\n<\/li>\n<\/ul>\n<p>&nbsp;<\/p>\n<ul>\n<li style=\"list-style-type: none;\">\n<ul>\n<li>.hta Possible Microsoft HTML archive attack<\/li>\n<\/ul>\n<\/li>\n<\/ul>\n<p>&nbsp;<\/p>\n<ul>\n<li style=\"list-style-type: none;\">\n<ul>\n<li>.ins Possible Microsoft Internet Comm. Settings attack<\/li>\n<\/ul>\n<\/li>\n<\/ul>\n<p>&nbsp;<\/p>\n<ul>\n<li style=\"list-style-type: none;\">\n<ul>\n<li>.jse_ Possible Microsoft JScript attack<\/li>\n<\/ul>\n<\/li>\n<\/ul>\n<p>&nbsp;<\/p>\n<ul>\n<li style=\"list-style-type: none;\">\n<ul>\n<li>.lnk Possible Eudora *.lnk security hole attack<\/li>\n<\/ul>\n<\/li>\n<\/ul>\n<p>&nbsp;<\/p>\n<ul>\n<li style=\"list-style-type: none;\">\n<ul>\n<li>.ma_ Possible Microsoft Access Shortcut attack<\/li>\n<\/ul>\n<\/li>\n<\/ul>\n<p>&nbsp;<\/p>\n<ul>\n<li style=\"list-style-type: none;\">\n<ul>\n<li>.pif Possible MS-Dos program shortcut attack<\/li>\n<\/ul>\n<\/li>\n<\/ul>\n<p>&nbsp;<\/p>\n<ul>\n<li style=\"list-style-type: none;\">\n<ul>\n<li>.scf Possible Windows Explorer Command attack<\/li>\n<\/ul>\n<\/li>\n<\/ul>\n<p>&nbsp;<\/p>\n<ul>\n<li style=\"list-style-type: none;\">\n<ul>\n<li>.sct Possible Microsoft Windows Script Component attack<\/li>\n<\/ul>\n<\/li>\n<\/ul>\n<p>&nbsp;<\/p>\n<ul>\n<li style=\"list-style-type: none;\">\n<ul>\n<li>.shb Possible document shortcut attack<\/li>\n<\/ul>\n<\/li>\n<\/ul>\n<p>&nbsp;<\/p>\n<ul>\n<li style=\"list-style-type: none;\">\n<ul>\n<li>.shs Possible Shell Scrap Object attack<\/li>\n<\/ul>\n<\/li>\n<\/ul>\n<p>&nbsp;<\/p>\n<ul>\n<li style=\"list-style-type: none;\">\n<ul>\n<li>.vbe or .vbs Possible Microsoft Visual Basic script attack<\/li>\n<\/ul>\n<\/li>\n<\/ul>\n<p>&nbsp;<\/p>\n<ul>\n<li style=\"list-style-type: none;\">\n<ul>\n<li>.wsc .wsf .wsh Possible Microsoft Windows Script Host attack<\/li>\n<\/ul>\n<\/li>\n<\/ul>\n<p>&nbsp;<\/p>\n<ul>\n<li style=\"list-style-type: none;\">\n<ul>\n<li>.xnk Possible Microsoft Exchange Shortcut attack<\/li>\n<\/ul>\n<\/li>\n<\/ul>\n<p><strong>These 2 are Very often used by viruses<\/strong><\/p>\n<ul>\n<li style=\"list-style-type: none;\">\n<ul>\n<li>.com Windows\/DOS Executable<\/li>\n<\/ul>\n<\/li>\n<\/ul>\n<p>&nbsp;<\/p>\n<ul>\n<li style=\"list-style-type: none;\">\n<ul>\n<li>.exe Windows\/DOS Executable<\/li>\n<\/ul>\n<\/li>\n<\/ul>\n<p><strong>These are very dangerous and have been used to hide viruses<\/strong><\/p>\n<ul>\n<li style=\"list-style-type: none;\">\n<ul>\n<li>.scr Possible virus hidden in a screensaver<\/li>\n<\/ul>\n<\/li>\n<\/ul>\n<p>&nbsp;<\/p>\n<ul>\n<li style=\"list-style-type: none;\">\n<ul>\n<li>.bat Possible malicious batch file script<\/li>\n<\/ul>\n<\/li>\n<\/ul>\n<p>&nbsp;<\/p>\n<ul>\n<li style=\"list-style-type: none;\">\n<ul>\n<li>.cmd Possible malicious batch file script<\/li>\n<\/ul>\n<\/li>\n<\/ul>\n<p>&nbsp;<\/p>\n<ul>\n<li style=\"list-style-type: none;\">\n<ul>\n<li>.cpl Possible malicious control panel item<\/li>\n<\/ul>\n<\/li>\n<\/ul>\n<p>&nbsp;<\/p>\n<ul>\n<li style=\"list-style-type: none;\">\n<ul>\n<li>.mhtml Possible Eudora meta-refresh attack<\/li>\n<\/ul>\n<\/li>\n<\/ul>\n<p><strong>Deny filenames ending with CLSID&#8217;s<\/strong><\/p>\n<ul>\n<li>{[a-hA-H0-9-]{25,}\\} Filename trying to hide its real extension<br \/>\nExamples:<br \/>\nA977FF0C-8757-4E76-8533-482F91946233<br \/>\n000209FF-0000-0000-C000-000000000046<\/li>\n<\/ul>\n<p><strong>Deny filenames with lots of contiguous white space in them.<\/strong><\/p>\n<ul>\n<li>Filename contains lots of white space\u00a0<strong>Deny all other double file extensions. This catches any hidden filenames.<\/strong><\/li>\n<li>Found possible filename hiding<br \/>\nExamples:<br \/>\n.txt.pif<br \/>\n.doc.pif<br \/>\n.doc.com<br \/>\n.txt.exe<\/li>\n<\/ul>\n<p><strong><span style=\"color: #993366;\">Greetings from the <a style=\"color: #993366;\" href=\"https:\/\/www.hyyat.com\/en\" target=\"_blank\" rel=\"noopener\">Hyyat Host<\/a> team<\/span><\/strong><\/p>\n","protected":false},"excerpt":{"rendered":"<p>What are the Dangerous File Attachments? The following is a list of file attachments that may be blocked by the Mail Scanner service (the attachments are removed from emails before delivery to you) &nbsp; These extensions are known to be dangerous in almost all cases. .reg Possible Windows registry attack &nbsp; .chm Possible compiled Help [&hellip;]<\/p>\n","protected":false},"author":4,"featured_media":0,"comment_status":"open","ping_status":"closed","template":"","meta":{"_eb_attr":"","inline_featured_image":false,"wprm-recipe-roundup-name":"","wprm-recipe-roundup-description":"","footnotes":""},"doc_category":[2801],"doc_tag":[2805,2804],"class_list":["post-13806","docs","type-docs","status-publish","hentry","doc_category-spam","doc_tag-mail-2","doc_tag-spam-2"],"year_month":"2026-04","word_count":295,"total_views":"4147","reactions":{"happy":"1","normal":"0","sad":"0"},"author_info":{"name":"ahmed fathy","author_nicename":"ahmed-fathy","author_url":"https:\/\/www.hyyat.com\/en\/author\/ahmed-fathy\/"},"doc_category_info":[{"term_name":"spam","term_url":"https:\/\/www.hyyat.com\/en\/kb\/spam\/"}],"doc_tag_info":[{"term_name":"mail","term_url":"https:\/\/www.hyyat.com\/en\/docs-tag\/mail-2\/"},{"term_name":"spam","term_url":"https:\/\/www.hyyat.com\/en\/docs-tag\/spam-2\/"}],"knowledge_base_info":[],"knowledge_base_slug":[],"_links":{"self":[{"href":"https:\/\/www.hyyat.com\/en\/wp-json\/wp\/v2\/docs\/13806","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/www.hyyat.com\/en\/wp-json\/wp\/v2\/docs"}],"about":[{"href":"https:\/\/www.hyyat.com\/en\/wp-json\/wp\/v2\/types\/docs"}],"author":[{"embeddable":true,"href":"https:\/\/www.hyyat.com\/en\/wp-json\/wp\/v2\/users\/4"}],"replies":[{"embeddable":true,"href":"https:\/\/www.hyyat.com\/en\/wp-json\/wp\/v2\/comments?post=13806"}],"version-history":[{"count":0,"href":"https:\/\/www.hyyat.com\/en\/wp-json\/wp\/v2\/docs\/13806\/revisions"}],"wp:attachment":[{"href":"https:\/\/www.hyyat.com\/en\/wp-json\/wp\/v2\/media?parent=13806"}],"wp:term":[{"taxonomy":"doc_category","embeddable":true,"href":"https:\/\/www.hyyat.com\/en\/wp-json\/wp\/v2\/doc_category?post=13806"},{"taxonomy":"doc_tag","embeddable":true,"href":"https:\/\/www.hyyat.com\/en\/wp-json\/wp\/v2\/doc_tag?post=13806"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}