File Extension File Type | Microsoft 1 specification

		Chapter 5: Protection 79

	File Extension	File Type
	.msp	Microsoft Windows Installer patch

	.mst	Microsoft Visual Test source files

	.pcd	Photo CD image, Microsoft Visual compiled script

	.pif	Shortcut to MS-DOS programs

	.reg	Registration entries

	.scr	Screen saver

	.sct	Windows script component

	.shb	Shell Scrap object

	.shs	Shell Scrap object

	.url	Internet shortcut

	.vb	VBscript file

	.vbe	VBscript encoded script file

	.vbs	VBscript file

Note: Not all attachments considered to be dangerous are blocked by this patch. For example, the Microsoft Access file types .mda and .mdz are not blocked, nor are zipped versions of any of the above files.

It is good practice to quarantine all suspect content, where it can be examined individually before deciding whether it can be safely passed on or not.

While this security patch can be useful in preventing the use of unauthorized attachments, it is important to remember that for it to work across the user community, it depends on everyone using a client with the patch. Therefore, to be fully protected you would need to ensure not only that MAPI clients each contained the patch, but also prevent access via POP3, IMAP4, or HTTP.

For more information about the Outlook Security Patch, see the knowledge base article Q262631.

Many organizations prohibit the receipt of scripts written in Microsoft Visual Basic® Scripting Edition (VBScripts) through e-mail. If you choose to do this, it will not prohibit those who want to receive and run VBScripts from doing so, for they can simply ask the sender to use a different file extension and then change it back to .vbs on arrival. It will, however, prevent the running of VBScripts that have not been pre-arranged. If you wish to go further in preventing the effects of VBScripts, you will need to prevent them from running at the client at all.

Again, the best way of dealing with the threat of attachments is to educate the user community.

Image 87

Microsoft 1 manual File Extension File Type

Contents

Version Exchange 2000 Operations Guide Isbn Contents Enterprise Monitoring Change and Configuration Management Protection SupportGlossary Page Vii Content LeadKey Authors ReviewersPage Microsoft Operations Framework MOF Introduction SLA Efficiency, Continuity, and Security How to Use This Guide Efficiency Continuity Capacity and Availability Management Chapter Outlines Protection Planning and Deployment Features Service Level Agreements Performance Recovery Related Topics SummaryPage Capacity and Availability Management Chapter Sections Capacity Management Capacity and Availability Management Microsoft Exchange 2000 Operations Version Availability Management Service Hours Minimizing System Failures Service Availability Decreasing Single Points of Failure Increasing the Reliability of Exchange Minimizing System Recovery Time Performance Tuning Making Changes to the Registry No Performance Optimizer Optimizable Features Tuning Considerations Tuning the Message Transfer Agent MTAUpgrading from Exchange 5.5 to Exchange Mailroot Directory Location Tuning Smtp Transport Smtp File Handles Hkeylocal Store and ESE Tuning Online Store MaintenanceActive Directory Checking Message Deletion and Online Defragmentation Online Backups First Storage Group Choosing the Correct Maintenance Strategy Store-Database Cache Size Extensible Storage Engine ESE Heaps Microsoft Exchange 2000 Operations Version Log Buffers Tuning Active Directory Integration Type SET Maxactivequeries to 40 and press Enter Tuning Outlook Web Access OWA Setting OWA Properties Hardware Upgrades Page Change and Configuration Management Change Management PrerequisitesDefining Change Type Request for Change Is Submitted to Change Manager Change Is Passed to IT Executive Committee for Approval Change Manager Assesses the RFC Change Process Evaluation Change Is Passed to the Change Owner Scripting Minor and Standard Changes Minor and Standard Changes Security Software Control and DistributionDocumentation Configuration Management Tools for Configuration Management Configuration Management and Change ManagementConfiguration Items Microsoft Exchange 2000 Operations Guide Version Hardware Server Printer Software Exchange Hotfix Configuration Management Relationships Nine Configuration Items with Relationships Between Them Maintaining the Configuration Management Database Defining Configuration ItemsConfiguration Management and Exchange Ownership Change Management Security BackupAdministering System Policies Exchange System Policies Summary Enterprise Monitoring System Monitor Performance Monitoring Exipc Exchange 2000 Objects and Counters to Monitor Smtp Service or Resource Performance Object MSExchangeIS Mailbox and MSExchangeIS Public Information Store CountersSmtp Server MSExchangeIS MSExchangeMTA and MSExchangeMTAConnections Windows 2000 Objects and Counters to Monitor MSExchangeIM Virtual ServersMSExchangeAL Subsystem Object Counter Exchange Comments Subsystem Object Counter Exchange Comments Centralized Monitoring Event Viewer Event Monitoring Centralized Event Monitoring Log Files Adding Services to the Default Configuration Availability MonitoringMonitoring and Status Tool Notifications Monitoring Resources Centralized Availability Monitoring StatusDisabling Server Monitoring Client Monitoring Summary Page Chapter End Point Chapter Start Point Protection Against Hacking Firewall Operations Maintaining Firewall Availability Dealing With Security Breaches Source Destination Service Protocol and portAnti-Virus Measures Monitoring Against Hacker Intrusion Staying Current Dealing With Virus Infection File Extensions and File Types Blocking Attachments at the Client File Extension File Type Backing Up Disaster Recovery Procedures Protection Disk Imaging Offline Backup To connect an Exchange 2000 mailbox to another user Recovering Individual MessagesRecovering Lost Mailboxes Restoring Recovering Exchange Stores and Storage Groups Recovering Exchange After Active Directory Failure Full Exchange Server Recovery Alternate Server Recovery Recovery Testing Summary Page Support Reducing End User Support Costs Providing Support for End Users Support Problem Reporting Notifying Users Dealing with User Problems Exchange Problem Management Support Summary Active Directory Services Interfaces Adsi Access Control Entry ACEAccess Control List ACL Active Directory Connector ADC Asymmetric Cipher Administration groupActiveX Data Objects ADO Adsi Edit Collaboration Data Objects CiphersClear item Collaboration Data Objects CDO for Windows Connection Agreement CA Conferencing Management Service CMSConfiguration Connection Agreement ConfigCA Conference Technology Provider CTP Domain controller Domain modeDomain Name Services DNS Domain tree DSAccess Epoxy Exchange Conferencing Services ECSEnterprise Encryption Forest also known as enterprise Event ServiceExipc formerly known as Epoxy Extensible Storage Engine ESE also known as JET Instant Messaging IM Installable File System IFSGroup Hash Functions Link State Algorithm LSA Internet Messaging Access Protocol version 4 IMAP4Lightweight Directory Access Protocol Ldap Joint Engine Technology JET Metabase Metabase update serviceName Service Provider Interface Nspi Messaging Application Programming Interface Mapi Post Office Protocol version 3 POP3 Outlook Web AccessOpaque item Policy Resource mailbox Recipient Update Service RUSRemote Procedure Calls RPC Resource Routing Engine Routing Group Connector RGCRouting service Routing group Simple Message Transfer Protocol Smtp SchemaSecure Hash Algorithm version Security principal Store Site Replication Service SRSSite Consistency Checker SCC also known as the Skcc Storage group User Principal Name UPN System attendant120 User Web-DAV Web Storage System509