Because of the increasing number of malicious worms hidden inside electronic mail (email) attachments, computer networks typically operate in a restricted mode. For example, a gateway server within a computer network may control access to the computer network from a public network or other private networks. The gateway server may be used to block emails that include attachments with particular file types. The emails that are blocked generally include those types of attachments that are identified as potentially transporting and hiding malicious code (Mal-Ware) or internet based worms or viruses. For example, a computer network may operate to automatically block all emails that include .exe, .scr. pif, zip files, or other executable attachments and files. The blocking of the emails prevents the malicious files from being executed or opened, which in turn prevents the activation of the worm or virus.
In the restricted mode, the gateway server may operate to block, or quarantine, emails with such types of attachments when entering or leaving the computer network. In some cases, neither the email nor the attachment is ever received by the desired recipient. In other cases, the gateway server may strip the email of the attachment before sending the email to the desired recipient. While some of the attachments may contain viruses, others may contain legitimate business-related software or data. Thus, conventional modes of restricting email attachments simply by stripping all files of a certain type, may impede the communication of genuine business or other legitimate email.