A content filtering rule to block based on attachment name with a list of extensions (*.vb, *.ca, for example) has been configured in Symantec Mail Security for Microsoft Exchange (SMSMSE), but files without those extensions are blocked.
Event Type: Warning
Event Source: Symantec Mail Security for Microsoft Exchange
Event Category: Content Enforcement Rules
Event ID: 291
Description: The message "None" located in Administrator/Drafts has violated the following policy settings: Scan: Auto-Protect
Rule: Example rule
The following actions were taken on it: The attachment "myfile.vbs " was Quarantined for the following reason(s): A Filtering Rule was violated.
Mail Security for Exchange 7.10
When configuring a new content rule, the option for "Whole Term" is disabled by default. The Whole term adds padding at the end of the extention so the system reads it as *.VB<space>, i.e., a third character in the string.
So file extensions are matched at the end of a file name and not in the middle.
For versions prior to 7.9:
Enable the Whole Term option in the rule: