Attachment limitations for Casper Colleges Faculty and Staff Email System

• Maximum attachment size allowed is 30MB.
  The colleges email system sometimes sends and receives over 70,000 messages per day. Each of these messages are scanned for spam and viruses so even the occasional 30MB attachment can cause latency in the system affecting timely delivery of messages. If you have a large file to distribute or receive that exceeds our email system limitations, it can be posted and retrieved on a Casper College web server. Please email dstraka @ caspercollege <dot> edu for info on this.
• Zip files are allowed, but if the zip contains a blocked filetype (see below), the zip file will be blocked.
• Password protected files and archives cannot be scanned for viruses and are therefore blocked.
• Attachments with multiple file extensions (e.g. students.fall.doc) considered an attempt to hide a real file type and are blocked.
• Email containing attachments infected with a known virus are deleted.
• Certain types of email attachments which are known to be capable of harboring viruses are removed. In these cases the {Filename?} tag is added to the subject line of the email.

The following attachment types/extensions are blocked:

.ANI Windows animated cursor file security vulnerability
.ASF Windows media files
.BAT DOS Batch file
.BMP Possible buffer overflow in Windows
.CER Dangerous Security Certificate (according to Microsoft)
.CHM A Windows compiled help file
.CMD DOS command instruction
.CNF A SpeedDial script
.COM DOS executable
.CPL Control Panel Item
.CUR Windows cursor file security vulnerability
.EXE Windows Executable
.HLP Windows help file security vulnerability
.HTA Archived HTML page
.ICO Windows icon file security vulnerability
.INS Windows Internet Settings
.ITS Dangerous Internet Document Set (according to Microsoft)
.JOB Possible Microsoft Task Scheduler attack
.JS Javascript file
.JSE Jscript
.LNK Eudora link
.MA[DFGMQRSVW] Microsoft Access shortcuts
.MAU Dangerous attachment type (according to Microsoft)
.MD Dangerous attachment type (according to Microsoft)
.MHTML Eudora meta-refresh
.MNG MNG/PNG movies
.PIF MS-DOS Program shortcut
.PRF Dangerous Outlook Profile Settings (according to Microsoft)
.PST Dangerous Office Data File (according to Microsoft)
QuickTime movies
.REG Windows Registry patches
.SCF Windows explorer command
.SCR Windows screensaver
.SCT Windows script component
.SHB Shortcut into a document
.SHS Shell script object
.SYS DOS executable
.TMP Dangerous Temporary File (according to Microsoft)
.VB[ES] Visual Basic scripts
.VSMACROS Dangerous Visual Studio Macros (according to Microsoft)
.VS Dangerous attachment type (according to Microsoft)
.WS Windows scripting host scripts
.WS[CFH] Windows scripting host scripts
.XNK Microsoft Exchange shortcut

Some of the above attachments can be sent by simply renaming the attachment to something harmless. You would then include instructions with the message to rename the file back to its original type upon receipt. This won't work though for .exe and certain other attachments, as Mailscanner can tell when it scans it what type of attachment it is.