MailChannels’ blocked attachment policy is consistent with the policies of major providers such as Gmail, Microsoft Outlook, Yahoo, and others. For reference, see Gmail’s blocked attachments policy.
Blocked file extensions
The following attachment file extensions are blocked on both inbound and outbound mail:ade | adp | apk | appx | appxbundle |
bat | cab | chm | cmd | com |
cpl | diagcab | diagcfg | diagpkg | dll |
dmg | ex | ex_ | exe | hta |
img | ins | iso | isp | jar |
jnlp | js | jse | lib | lnk |
mde | mjs | msc | msi | msix |
msixbundle | msp | mst | nsh | pif |
ps1 | scr | sct | shb | sys |
vb | vbe | vbs | vhd | vxd |
wsc | wsf | wsh | xll |
Why these file types are blocked
These extensions are associated with files that can run code or alter system behavior:| Category | Extensions |
|---|---|
| Executables and installers | exe, msi, appx, apk, dmg, iso, cab |
| Scripts and macros | js, vbs, ps1, jse, vb, wsf |
| Shortcuts and control files | lnk, cpl, msc, pif |
| Virtual disks and images | iso, img, vhd |
| Java-related files | jar, jnlp |
| Diagnostic and config packages | diagcab, diagcfg, diagpkg |
| Libraries and system files | dll, sys, lib, xll, vxd |
How blocking works
When MailChannels detects a blocked file type as an attachment, the message is rejected during the SMTP transaction and the sender receives a bounce (NDR) containing an error such as:Safe alternatives
Instead of emailing blocked file types, use one of the following approaches:- File-sharing services — use enterprise cloud storage, managed SFTP, or a secure portal to share files with intended recipients.
- Code and scripts — share as text snippets via a developer platform, repository, or collaboration tool rather than attaching executables.
- Restrict access to intended recipients only.
- Set an expiration date on the shared link.
- Enable download notifications where available.
- Avoid public links unless necessary.
Troubleshooting
If your message was rejected due to a blocked attachment:- Do not attempt to bypass the block by renaming the file extension or placing it in a weakly-protected archive — archives may still be scanned and blocked.
- Use an approved file-sharing method instead.
- If you believe the file was blocked in error, contact support with the original file name, timestamp, sender and recipient addresses, and the full bounce message text.