I'm chiming in just because I believe it's an important feature. I've had a client hit with a Cryptolocker infection that got past our SM security features. ClamAV didn't catch it, not surprised. Since then, I enabled Declude in addition to our existing Commtouch for spam, and configured Declude to scan zips and delete if they include executables, bat, com, pif, jar, js, exe, etc. as well as any email with those attachments outside of compressed archives.
Declude seems to do this quite effectively but why isn't this kind of thing build into the product? I don't think that basic security functions which don't rely on real-time or daily updates need to be outsourced to plugin vendors. I would think that it would be much more efficient to handle this at the mail server level rather than at an add-on, system service level. This is no slight to Declude as it does what it says it will do, but configuration requires logging into the Windows server console to configure. It'd be VERY convenient to be able to do this via Smartermail interface as system admin.
I say this without in anyway criticizing ST developers, but doesn't it make basic sense to have this kind of thing baked in to the server? Attachment scanning and filtering?