ALERT: Some images may not load properly within the Knowledge Base Article. If you see a broken image, please right-click and select 'Open image in a new tab'. We apologize for this inconvenience.

Unexpected attachment files are triggering Data Protection policy due to MIME type: application/octet-stream

book

Article ID: 172484

calendar_today

Updated On:

Products

Email Security.cloud

Issue/Introduction

Data protection policy that triggers MIME type has been applied to PDF or image files even though MIME type of attached files is not selected.

 

Listed MIME type: application/octet-stream

Not listed MIME type: application/pdf, image/png etc.

 

Cause

application/octet-stream is the default value for a binary file. The meaning of this MIME type is “unknown binary” file. It represents any kind of binary data.

 

Examples of the reasons that attachment files are detected:

  1. There is no file extension.
  2. There is no applicable MIME type for a file that is found within a PDF file.

 

Note: Even if the attachment file is detected as application/octet-stream, Data Protection detail report may not have a reference for the file detected. The report is designed to list attached files to the email, not a file that is found inside of the attachment.

 

Resolution

To avoid unexpected trigger by application/octet-stream, instead of listing application/octet-stream in Attachment MIME Type List, using attachment Filename list condition with file extensions (e.g. *.exe, *.bin) and the MIME type list is recommended.

 

Example:

CONTAINS (2) Rule(s)
Rule 1

Attachment MIME Type List  (excluding application/octet-stream)

OR
Rule 2

Attachment MIME Type List  (application/octet-stream only)

AND

Attachment Filename List  (executable file extensions)