• IT Services
• Email
• Mail Filtering
• Mail scanning messages
  • Rejection - extension filtering

• Related links
  • A-Z index
  • Help and support
  • Key services

Rejection of certain file extensions

You have been directed here because The University of Manchester mail system has rejected your message. It contains a MIME encoded file (attachment) which differs enough from the accepted standards as to be considered a risk to our systems. The University of Manchester has a policy of rejecting emails with attachments which have particular file extensions.

Blocked file extensions

As a result of computer viruses and other malicious code which can be transmitted as email attachments, students and staff of The University of Manchester who are sent or who try to send executable files (programs) as email attachments will find that these are rejected. This happens based on the extension of the file; the block is applied to the following:

ade, adp, app, bas, bat, chm, cmd, com, cpl, crt, csh, exe, fxp, hlp, hta, inf, ins, isp, js, jse, ksh, lnk, mdb, mde, mdt, mdw, msc, msi, msp, mst, ops, pcd, pif, prg, reg, scr, sct, shb, shs, url, vb, vbe, vbs, wsc, wsf, wsh

These are in accordance with Microsoft's list of dangerous file extensions.

Incoming messages (sent from outside The University of Manchester) will be returned to their sender with a message explaining the problem. Messages sent out that contain those attachments may be returned, or you may see an error report straight away.

This additional security step has been introduced because malicious code and viruses are frequently distributed as executable files sent as email attachments, though often disguised as something that recipients might want to read or run. When such an attachment is opened a program can be automatically run on your computer - for example, there are programs that will delete all your files. Many of these programs would also send themselves out again.

What if the file is legitimate?

It's unfortunate, but the automatic block will prevent any files of these types being sent to and from The University of Manchester accounts. The policy is applied globally and no exceptions can be made so please do not ask. If there is a legitimate need to send an executable file, the sender can do this in a number of ways. For example, the sender can:

1. Rename the file with a different file extension. The sender will need to tell the recipient what the file extension was, so that they can change it back.
2. Put the file (or files) inside a ZIP archive. Recent versions of the most popular operating systems already support this archive format. If you don't already have a archival utility, there are many available free on the web such as Coffee Cup Zip Wizard.
3. If available, use a WebDAV or FTP service. Senders may also be able to place files on their personal web pages and let you know where to find them.
4. Send the file by post, on a CD or floppy disk.

Note that these methods are ways around the block and do not prevent malicious code being sent. It is up to the receiver to determine the legitimacy of the file before dealing with it. Information on checking files for viruses is available from your Faculty Support Unit.