Viruses often use email attachments to infect computers over the internet. People are particularly vulnerable to viruses spread by email attachments because the method of infection is so simple. Someone only needs to open an attachment to infect their computer.
UBC IT scans all email messages for viruses and phishing, stopping the majority of malicious messages. But there is often a delay between the release of a new virus and the ability of anti-virus software to detect it. By blocking some file types included in email messages, IT can prevent new viruses from spreading to computers used by UBC students, faculty, and staff.
How Attachment Blocking Works
People who attempt to send a message through Faculty and Staff email (FASmail) meeting the criteria below will receive an error message:
- An infected message
- A message identified as Phishing
- A message containing a blocked file-type (including those within unencrypted archive files)
The error message will explain what has occurred to the person sending the message, and how to send the attachment, if it is legitimate.
For emails containing a blocked file sent outside of FASmail, the email will be silently dropped with no notification to the sender.
Attachments that are Currently Blocked
Blocking Viruses
Email passing through mail-relay.ubc.ca (including messages addressed to accounts at @ubc.ca, @mail.ubc.ca, @exchange.ubc.ca), and mail sent between FASmail accounts, is scanned by Sophos Anti-Virus. The mail relay servers reject email messages containing a virus, and an error is issued to the person who originally sent the message.
Blocking Phishing
The mail relay servers block messages identified as "phishing," whether or not they include an attachment. Like viruses, they generally aim to harm the recipient, and the same social engineering tricks are used to convince people to click on a URL designed to steal personal information.
Blocking by File Type
UBC IT currently blocks attachments with the following extensions:
- .ade
- .adp
- .app
- .asp
- .bas
- .bat
- .cer
- .chm
- .cla
- .class
- .cmd
- .com
- .cpl
- .crt
- .csh
- .docm
- .dotm
- .exe
- .fxp
- .hlp
- .hta
- .inf
- .ins
- .isp
- .its
- .java
- .js
- .jse
- .ksh
- .lnk
- .mad
- .maf
- .mag
- .mam
- .maq
- .mar
- .mas
- .mat
- .mau
- .mav
- .maw
- .mda
- .mdb
- .mde
- .mdt
- .mdw
- .mdz
- .mrc
- .msc
- .msi
- .msp
- .mst
- .ocx
- .ops
- .pcd
- .pif
- .potm
- .ppam
- .ppsm
- .pptm
- .prf
- .prg
- .pst
- .reg
- .scf
- .scr
- .sct
- .shb
- .shs
- .sis
- .slk
- .tmp
- .url
- .vb
- .vbe
- .vbs
- .vsdm
- .vssm
- .vstm
- .vsmacros
- .vss
- .vst
- .vsw
- .ws
- .wsc
- .wsf
- .wsh
- .xla
- .xlam
- .xlsb
- .xlsm
- .xltm
- .???.exe
- .???.lnk
- .???.pif
If you need to send a legitimate attachment that is on the blocked list, refer to Sending Attachments on the Blocked List.