Attachments are particularly prone to leaks and attacks and, with Gmail for Business, you can create rules to control them based on their type, name, and size so that you can define how they should be handled.
Gmail uses binary file-type detection for most common types to prevent users from trying to bypass the rules by changing the file extension. To get started, click on CONFIGURE to set up a new rule:
Let's start by adding a short description for this rule and then selecting the type of messages this rule should target:
The next step is to define what this rule will be targeting in the messages. You can create expressions that target attachments by type, name, or size. You must choose whether you need to make this rule active if any of the conditions are a match, or only when all the conditions are met, choose the one that you need, and click ADD to add a new expression. You can add many different expressions, even if they are of different types. This gives you great flexibility so you can be as broad or accurate as required:
- The first option is to match them by File Type. You will see a list of the supported file types, so just select the ones you wish to target. You can also define Custom file types. If you wish to add many file types, write them, separated by commas. By the way, there is no need to worry about executable files since they are rejected by default:
- The next option allows you to target attachments by File name by simply writing what you want to target as part of the filename. It's best to keep this as short as possible, but you can target numerous filename expressions if you so require:
- The last option is to target attachments according to their Message size. This will include both the body and all attachments and it will target all messages above the number of megabytes you write in the field, which must be a round number:
The last setting of an attachment compliance rule defines what must be done with messages that meets the rule's criteria, thereby allowing you to do any of the following:
- Modify message: Let it through, but with modifications, such as removing the attachment
- Reject message: Reject the entire message and send a notification back to the sender
- Quarantine message: Route the message to one of the quarantines so an administrator can choose what to do