Unexpected attachment files are triggering Data Protection policy due to MIME type: application/octet-stream
search cancel

Unexpected attachment files are triggering Data Protection policy due to MIME type: application/octet-stream

book

Article ID: 172484

calendar_today

Updated On: 02-19-2025

Products

Email Security.cloud

Issue/Introduction

Data protection policy that triggers MIME type has been applied to PDF or image files even though MIME type of attached files is not selected.

 

Listed MIME type: application/octet-stream

Not listed MIME type: application/pdf, image/png etc.

 

Environment

Email security cloud

Cause

Application/octet-stream is the default value for a binary file. The meaning of this MIME type is “unknown binary” file. It represents any kind of binary data.

 

Examples of the reasons that attachment files are detected:

  1. There is no file extension.
  2. There is no applicable MIME type for a file that is found within a PDF file.

 

Note: Even if the attachment file is detected as application/octet-stream, Data Protection detail report may not have a reference for the file detected. The report is designed to list attached files to the email, not a file that is found inside of the attachment.

 

Resolution

To avoid unexpected trigger by application/octet-stream, instead of listing application/octet-stream in Attachment MIME Type List, use attachment Filename list condition with file extensions (e.g. *.exe, *.bin) and the MIME type list is recommended.

 

Example:

CONTAINS (2) Rule(s)
Rule 1

Attachment MIME Type List  (excluding application/octet-stream)

OR
Rule 2

Attachment MIME Type List  (application/octet-stream only)

AND

Attachment Filename List  (executable file extensions)

 

Note: The presented solution is just recommendation and cannot be considered as authoritative configuration of Email security cloud because the final settings should be always adjusted by administrator to the end client needs.