Recently, I have started to receive many emails with *.docm attachments. One of my colleagues decided that this was the scan he have requested, opened it, and we’ve ended up with the content of his computer completely encrypted, as well as the content of our public folder. You can see the notification he received on the screen (please see below).

Anyway, a good practice is to always have a current backup, and store it with different credentials than regular users. So after successful restore we were up and running again.

However, I have wondered how to add a custom attachment type to the list of already existing attachment filter rules in Kerio Connect (current version 9.1). Looking at the configuration interface, it was not straight forward. All you have to do is just simply type in the extension you want to block, and choose the action (don’t forget to Apply afterwards).

Go to ‘Configuration’ -> ‘Attachment Filter’. Choose ‘Add’. Type in your description, and type your desired file extension you want to block instead of *.bin. That’s it. Don’t forget to Apply the changes.