Restricted file types

This page includes:

• Restricted file types
  • About restricted file types
  • Managing your set of restricted file types
  • Bulk import of restricted file types
  • Propagating "restricted file type" settings from a parent organization to child organizations
  • Bypassing restricted file type configurations

About restricted file types

Files of some types are particularly risky - they are prone to malicious content. For example, files of types such as .exe and .docx may be included in this category. To enhance security, you can configure Perception Point X‑Ray to restrict the entrance of files of such types into your organization - regardless of whether these files are clean or malicious. These file types are therefore called "restricted file types". A file that is of a "restricted file type" is called a restricted file. Restricted files cause the restricted verdict to be assigned to scans that are performed. The following scans are assigned the restricted verdict:

• Email: Scans of emails that include attachments that are in the list of restricted file types or URLs that include references to files that are in the list of restricted file types.

  Note: The "restricted files" functionality currently applies to the email integrations only, and not to any other integrated channels.

Note: Perception Point X‑Ray can detect restricted files even if they are: inside an attached archive file or zip file In a URL that is referenced inside the email inside a zip file that is located in a URL that is referenced inside the email In addition, the Perception Point X‑Ray "recursive unpacker" helps to detect restricted files, irrespective of the "level" at which the restricted files are located.

You can configure Perception Point X‑Ray to quarantine emails that are assigned the restricted scan verdict. For details, see Quarantine. When the scan of an email is assigned the restricted verdict - and the email is quarantined - the entire email is quarantined, not just the restricted attachment. After an email has been quarantined because it contains a restricted attachment, you can release the email in the same way that you release any quarantined email. For details, see Releasing a quarantined email.

If restricted files are not configured to be quarantined, then emails that include restricted files will be sent to the Inbox of the recipients.

Important: The Restricted file types functionality is available only if you have configured Perception Point X‑Ray to quarantine emails that are assigned the restricted scan verdict. For details, see Which verdicts cause quarantine.

You can manage a set of restricted file types for your organization - as described below.

Managing your set of restricted file types

Important: Management of Restricted file types is available only if you have configured Perception Point X‑Ray to quarantine emails that are assigned the restricted scan verdict. For details, see Which verdicts cause quarantine. The restricted file types that you configure affect all child-organizations as well. If you want restricted file types to apply to only a specific organization, select that organization in the Perception Point X‑Ray banner before configuring the restricted file types.

To view or manage the set of restricted file types for your organization:

1. In Perception Point X‑Ray, in the left navigation menu, select Account > Preferences.

2. Scroll down to the Restricted file types section.

   Important: The Restricted file types functionality is available only if you have configured Perception Point X‑Ray to quarantine emails that are assigned the restricted scan verdict. For details, see Which verdicts cause quarantine.

3. For each category, use the available controls to move file types [extensions] between the restricted and unrestricted lists.

   Note: If a required extension doesn't exist in a particular category, you can click Add File Extension to add the required file extension.

Bulk import of restricted file types

It is possible to perform a bulk import of restricted file types. This import procedure can be performed by Perception Point Support only. For assistance or more information, contact Perception Point Support [support@perception-point.io].

You can include the text template below in your email:

Subject: Bulk import of restricted file types
Hi Perception Point Support Team, Organization name: <Your org name> Please can you perform a bulk import of the restricted file types in the attached file. [Internal Reference: 1162] Please let us know when this has been done. Thank you

After Perception Point Support has performed the bulk import, check that the requested file types appear in the list of restricted file types for your organization.

Propagating "restricted file type" settings from a parent organization to child organizations

Restricted file type configurations that are set in a parent organization are NOT applied [propagated] to the child organizations. Restricted file type configurations that are required in a child organization must be configured for the child organization.

Bypassing restricted file type configurations

You may want to block all files with a specified extension, but allow these files if they come from a trusted sender. In this scenario:

1. Add the specified extension as a restricted file type.

2. Add the trusted sender to the Sender Email Address allowlist. Make sure to select "Allow all emails" for the Email allow options. For details, see Configuring the "sender email address / domain allowlist".

See also: 

• Scans