We had a DOT js file in a zip file come through email last week. We use o365 and I had created a transport rule:
* Apply this rule if… Any attachment has executable content
* Do the following… Delete the message without notifying anyone
But the DOT js still got through. I went digging to find out what Microsoft considered executable content and happened along this post:
In the post they list what is blocked with this rule
Dot js is not included 🙁
I’ve been working to see if I can create my own rule that will look inside a zip file to block extensions I don’t want coming through email. Once I get one created I’ll update this post with my findings.
If you know of a way to do this please leave it in the comments below.