We currently have a selection of extensions that are not allowed to be sent or received via e-mail. This is defined in the anti-malware threat policy. I have discovered that if one of the blocked filetypes is added to a zip inside a zip, it is allowed to be delivered. (test.docm inside test.zip inside test.zip) Should this not be rejected? If I perform a single zip (test.docm inside test.zip), the email is rejected.