Blocking Web Email Protection attachments using file extension

Article ID: 237948

Products

Encryption Management Server, Gateway Email Encryption

Issue/Introduction

Encryption Management Server release 10.5.1 introduced a feature that allows attachments with specific file extensions to be blocked from being attached to messages by Web Email Protection users.

This feature works by examining the file extension. It does not determine the file type by examining the contents of the attachment. This is similar to the way that email clients such as Microsoft Outlook behave.

Environment

Symantec Encryption Management Server release 10.5.1 and above.

Resolution

As referenced in the Release Notes for release 10.5.1, to add a list of blocked attachments it is necessary to connect to Encryption Management Server over SSH and edit the file:

/etc/ovid/prefs.xml

Before editing the file, it is good practice to take a backup of it:

cp /etc/ovid/prefs.xml /var/lib/ovid/customization/prefs.xml.bak

The tag of the prefs.xml file that needs to be edited is this:

        <blocked-file-types />

This article contains the list of 115 file extensions that Microsoft Outlook blocks by default. To block these extensions, change the <blocked-file-types> tag as shown here. Note that multiple extensions are separated with a semicolon:

        <blocked-file-types>ade;adp;app;asp;aspx;asx;bas;bat;cer;chm;cmd;cnt;com;cpl;crt;csh;der;diagcab;exe;fxp;gadget;grp;hlp;hpj;hta;htc;inf;ins;isp;its;jar;jnlp;js;jse;ksh;lnk;mad;maf;mag;mam;maq;mar;mas;mat;mau;mav;maw;mcf;mda;mdb;mde;mdt;mdw;mdz;msc;msh;msh1;msh2;mshxml;msh1xml;msh2xml;msi;msp;mst;msu;ops;osd;pcd;pif;pl;plg;prf;prg;printerexport;ps1;ps1xml;ps2;ps2xml;psc1;psc2;psd1;psdm1;pst;py;pyc;pyo;pyw;pyz;pyzw;reg;scf;scr;sct;shb;shs;theme;tmp;url;vb;vbe;vbp;vbs;vhd;vhdx;vsmacros;vsw;webpnp;website;ws;wsc;wsf;wsh;xbap;xll;xnk</blocked-file-types>

Hundreds of file extensions can be included in the <blocked-file-types> tag if required.

In a clustered environment, after saving your changes to /etc/ovid/prefs.xml, ensure the file is replicated to the other cluster members by running this command:

pgprepctl file /etc/ovid/prefs.xml

Then restart the tomcat service with this command:

pgpsysconf --restart tomcat
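
The backup and tag edit described above can be scripted so that a malformed list never reaches prefs.xml. The following is an added example, not vendor-supplied code: the function names are hypothetical, it assumes the tag sits on a single line as shown above, and it conservatively accepts only lowercase alphanumeric extensions without a leading dot, matching the format of the list in this article.

```shell
#!/bin/sh
# Added example, not vendor code. Assumes the tag sits on a single line of
# prefs.xml, as shown in the article.

# normalize_exts "EXE; .js;exe" prints "exe;js". Lowercases, strips leading
# dots and whitespace, drops empties and duplicates, and fails on any entry
# that is not a plain alphanumeric extension (assumption of this example).
normalize_exts() {
    printf '%s' "$1" | tr ';' '\n' | tr '[:upper:]' '[:lower:]' |
    sed -e 's/^[[:space:]]*\.*//' -e 's/[[:space:]]*$//' |
    awk 'NF == 0 { next }
         $0 !~ /^[a-z0-9]+$/ { bad = 1; exit }
         !seen[$0]++ { out = (out == "" ? "" : out ";") $0 }
         END { if (bad) exit 1; printf "%s", out }'
}

# set_blocked_types FILE BACKUP LIST: back FILE up to BACKUP, then rewrite
# the <blocked-file-types> tag (self-closing or populated) with LIST.
set_blocked_types() {
    file=$1 backup=$2
    list=$(normalize_exts "$3") || { echo "invalid extension list" >&2; return 1; }
    count=$(grep -c '<blocked-file-types' "$file" || true)
    [ "$count" -eq 1 ] || { echo "expected 1 tag line, found $count" >&2; return 1; }
    cp -p "$file" "$backup" || return 1
    new="<blocked-file-types>$list</blocked-file-types>"
    sed -e "s|<blocked-file-types[[:space:]]*/>|$new|" \
        -e "s|<blocked-file-types>[^<]*</blocked-file-types>|$new|" \
        "$backup" > "$file"
}

# Constructed demo on a scratch copy; on the server FILE would be
# /etc/ovid/prefs.xml, followed by the replicate and restart steps above.
tmp=$(mktemp -d)
printf '<prefs>\n        <blocked-file-types />\n</prefs>\n' > "$tmp/prefs.xml"
set_blocked_types "$tmp/prefs.xml" "$tmp/prefs.xml.bak" "EXE; .js;vbs;exe"
grep 'blocked-file-types' "$tmp/prefs.xml"
```
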

When a Web Email Protection user clicks on the Add attachment button, browses to and selects a blocked attachment type and then clicks on the Attach button, this message is displayed:

The user can then either attach an acceptable attachment or cancel the operation.