Glad its working.
I will also note that, with this filter, not only does it pick up on file extension names, but the attachment-filetype == "Executable" works well against someone renaming an exe to txt, or even a DOC with an executable inside it.
Try the ESA technotes:http://www.cisco.com/c/en/us/support/security/email-security-appliance/products-tech-notes-list.html
ESA Spoofed Mail Filtering
http://www.cisco.com/c/en/us/support/docs/security/email-security-appliance/117796-probl...
You can do this as a message filter or incoming content filter. This action is a content filter that will quarantine the message. This will look for any file extensions that are in a zip file, doc, and more.
Obviously you can change the action, but ...
Eric, I have the same type of environment.In the System Admin > LDAP1. Create multiple LDAP domains with whichever queries you need (.accept, etc) a. Must have access to perform LDAP query.2. Create a domain assignments ie: List1 a. List one contains...