Data protection policy that triggers MIME type has been applied to PDF or image files even though MIME type of attached files is not selected.
Listed MIME type: application/octet-stream
Not listed MIME type: application/pdf, image/png etc.
Email security cloud
Application/octet-stream is the default value for a binary file. The meaning of this MIME type is “unknown binary” file. It represents any kind of binary data.
Examples of the reasons that attachment files are detected:
Note: Even if the attachment file is detected as application/octet-stream, Data Protection detail report may not have a reference for the file detected. The report is designed to list attached files to the email, not a file that is found inside of the attachment.
To avoid unexpected trigger by application/octet-stream, instead of listing application/octet-stream in Attachment MIME Type List, use attachment Filename list condition with file extensions (e.g. *.exe, *.bin) and the MIME type list is recommended.
Example:
CONTAINS (2) Rule(s)
Rule 1
Attachment MIME Type List (excluding application/octet-stream)
OR
Rule 2
Attachment MIME Type List (application/octet-stream only)
AND
Attachment Filename List (executable file extensions)
Note: The presented solution is just recommendation and cannot be considered as authoritative configuration of Email security cloud because the final settings should be always adjusted by administrator to the end client needs.