We occasionally get these emails that are obviously spam but they somehow make it through Mail Security for Exchange. I want to create a rule in Symantec Mail Security for Exchange that will block/reject anything with an attachment that shows up with an extension of *.zip.txt. For example, one type that i have seen says it comes from Intuit (again, its obviously a spam) but it has an attachment named Payroll.zip.txt, or an attachment named FAX_2618363_263836.zip.txt
I'll see these spams from time to time with increased frequency and then they seem to disappear for a while, and then a few weeks or a month later I'll see a bunch more. I figured that the Mail Security definitions might handle these to some degree, but it seems the spammers may be figuring out ways around the filters after a while
I believe that SEP on our client machines will block these if someone inadvertently tries to open/execute the attachment, but i would just rather they not come through at all. I don't want to outright block .zip files, since we do have legitimate cases where we might receive these, also blocking .txt is not really an option either. Can I create a rule that will recognize the *.zip.txt pattern while still allowing Mail Security to process zip and txt files as usual?
We are running version 7.0.1.66 at the moment