We are looking at using our Ironport system to block attachments and move them to Policy Quarantine. We currently use another product but the licensing will expire shortly.
In looking at using the Ironport, we have ran into some issues of it not quarantining everything that we want. We have setup the Incoming Content filter to use the "File Info" for Executables, but it is not quarantining everything. Some of the things not put in quarantine are files with the following extension: .com, .bat and .reg just to name a few.
In our environment, we don't allow executables and multimedia files to be received directly by our users. We would like to know what others are doing in this situation and is there a "plug-in" that can be added to quarantine more attachments?