Prohibited e-mail attachments

Issue:
You received a notice that an e-mail file attachment is prohibited and you need to be able to send or receive the file.  

Explanation:
Certain file types are blocked from incoming or outgoing e-mail due to their inherent security risk.  These are generally files that contain or can contain executable code.  These are dangerous because they will execute if you open them either from within the e-mail message or if you download and open them.  Executable files can and often do contain viruses or ransomware.

Files with these file extensions are blocked:

accde dotm pptm wsf
bat docm potm wsh
chm hta ppsm xla
cil java scr xlm
cmd js shs xlam
com jse sldm xlsm
cpl mde vbe xltm
dll msi vbs  
exe pif wms  

Note that if the blocked file is a compressed file (such as ZIP or RAR), it was blocked because it contained one or more restricted files.

What to do:
If you were not expecting the file and/or do not recognize the sender, you may simply delete the message. 

Otherwise, here are a few workarounds in order to send or receive prohibited files:

  • You might be able to send or receive a file by removing the the file extension or changing it to .txt before it is sent.  The file will need to be renamed back to the original file extension after being received and downloaded.  Note that this method may not work in many cases as the scanning engine will be able to detect the file type regardless of its name.
  • Try putting the file in a password-protected ZIP file and sending that.  You will need to let the recipient know the password to open the ZIP file. (The scanning engine cannot open password-protected files, so this method "shields" the prohibited file from the scanner.)  Note that this method won't work if the recipient's email system blocks password-protected files. 
  • If the offending file is a macro-enabled Office file (e.g. docm, xlsm, pptm, etc.) and you don't actually need the macro functionality, re-save the file without macros and send it.
  • Share the file via a shared drive such as OneDrive, SharePoint, or other approved cloud service.  Be aware that the use of services not approved by UTHSCSA to transfer files with PHI or other sensitive data may violate UTHSCSA policy as well as HIPAA or other laws.  Please contact your IT Partner, the IT Service Desk, or Information Security if you are in need of advice on how to best transfer sensitive data.

If none of the options above work for you, or if you have any questions, please contact the IT Service Desk or your IT Partner for further assistance.