Attachments can be dangerous when they come from attackers. They can be dangerous if they come from a trusted but infected contact.
But, many times they are important files.
Today, we loose one email with an order from UNILEVER.
The receiver need to know this mail is coming with this attachments. May be is better to send anyway the mail, but with a message writting "THIS MAIL CAME WITH THIS XXXXXXXX ATTACHEMENTS, and have been remove due xxxx"
Especially files with OFFICE format are widely used and dangerous due to the possibility of containing and executing macros. But, they also come with valuable information for the company.
For security reasons, I must block the entry of these files. But, in order to work I need them.
On June I suggested: (and I receive a mail from support about this function is in process)
MAIL event:
* Forbidden Attachment
* Enabled
* Email
* Message Received
* Condition: When user received forbidden attachment extension
ACTION:
* Action: Send email
* Frequency: None
* From: admin
* To: # toaddress #
* Subject: Message with forbidden attachment to you
* Body: # toaddress # has received a new message with this forbidden extension: "xxx" from # fromaddress #. Subject: # subject # Size: # sizekb # KB Spam Level: # spamlevel #
NEW SUGGESTION
Today I think would be better (and may be easier) to allow the email but without the attachement and one NOTE with the detail about the removed file