Checking anti-malware policies on containers

Iron Contributor

Do we have an up-to-date list of the container types that Exchange Online Protection traverses to inspect the contents? The documentation describes the file types EOP recognises but the later FAQ only confirms that ZIP containers are traversed. A few years ago there was documentation confirming this was one of six types that were handled. Given that some of the other types now in the recognised list are somewhat ambiguous, I find it hard to believe that all of them are traversable.

1 Reply
Answering my own question, Microsoft will be understandably reticent about the full capabilities of their anti-malware system but the MFR documentation makes it plain what attachment types rules can traverse: