Among the email attachment extensions that should not be opened at all, or if completely necessary, should be open in the special secure environment, are:
.reg Possible Windows registry attack
.chm Possible compiled Help file-based virus
.cnf Possible SpeedDial attack
.hta Possible Microsoft HTML archive attack
.ins Possible Microsoft Internet Comm. Settings attack
.jse Possible Microsoft JScript attack
.lnk Possible Eudora *.lnk security hole attack
.ma_ Possible Microsoft Access Shortcut attack
.pif Possible MS-Dos program shortcut attack
.scf Possible Windows Explorer Command attack
.sct Possible Microsoft Windows Script Component attack
.shb Possible document shortcut attack
.shs Possible Shell Scrap Object attack
.vbe or .vbs Possible Microsoft Visual Basic script attack
.wsc .wsf .wsh Possible Microsoft Windows Script Host attack
.xnk Possible Microsoft Exchange Shortcut attack
.scr Possible virus hidden in a screensaver
.bat Possible malicious batch file script
.cmd Possible malicious batch file script
.cpl Possible malicious control panel item
.mhtml Possible Eudora meta-refresh attack
Deny all other double file extensions. This catches any hidden filenames.
