Admin action - File type block even though no attachment exists

RobM 71 Reputation points
2024-07-18T04:31:43.71+00:00

Every now and then we get an email quarantined due to Admin action - File type block. When I look into the details I can see that there are no attachments, although when I preview the message, it lists an attachment as cid695035692FE85F49B5BBB7E562A34966@AUSP282.PROD.OUTLOOK.COM (161.47 KB).

Why is Exchange adding this as an attachment? It seems to be a false positive as a result. How do I accommodate such an attachment in my rules?


Accepted answer
  1. Jake Zhang-MSFT 6,375 Reputation points Microsoft Vendor
    2024-07-18T08:55:40.9333333+00:00

    Hi @RobM,

    Welcome to the Microsoft Q&A platform!

    According to your description, it seems like you are dealing with a scenario where Microsoft Exchange or an email security gateway is flagging an email due to its attachment policies, potentially due to a file type that is not allowed per your organization's email policies.

    The "cid:" part in the file name indicates that this "attachment" is actually a Content-ID, which is used in HTML emails to embed images (or other files) directly within the email rather than attaching them separately. These embedded images are part of the email's MIME content and are not typically considered attachments in the traditional sense; however, some security systems might still flag them because they technically are files being sent along with the email.

    If these are false positives and you want to accommodate such files, you would need to adjust your email security gateway or Exchange transport rules to allow these types of embedded images. Here's how you might approach this:

    1. Check your current email attachment policies to understand why these types of emails are being quarantined. It might be due to size, file extension, or some other filter that is interpreting the embedded content incorrectly.
    2. Adjust your transport rules to allow certain types of content. Be cautious with this, as you don't want to inadvertently allow actual malicious content through.
    3. If these emails are coming from a trusted source, you might consider whitelisting the sender or domain to prevent these emails from getting flagged.
    4. If the quarantine is due specifically to a block on certain file types, you can modify the rule to allow the specific file type in question or to handle embedded content differently.

    Please feel free to contact me if you have any queries.

    Best,

    Jake Zhang
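The distinction the answer draws between a `cid:` embedded part and an ordinary attachment can be checked on a raw message. This is an added example, not part of the answer or Microsoft's own logic; the sample message, its `logo123@example.invalid` Content-ID and the function names are constructed for illustration.

```python
import re
from email import message_from_bytes, policy
from email.message import EmailMessage

CID_REF = re.compile(r"cid:([^\"'\s>)]+)", re.I)  # cid: URLs inside the HTML body

def build_sample() -> bytes:
    """Constructed message: HTML body with one embedded image plus one real attachment."""
    msg = EmailMessage()
    msg["Subject"] = "constructed sample"
    msg.set_content("plain text fallback")
    msg.add_alternative('<p>Hi</p><img src="cid:logo123@example.invalid">', subtype="html")
    html_part = msg.get_payload()[1]
    # Inline image: has a Content-ID but no filename, like the part in the question.
    html_part.add_related(b"\x89PNG\r\n\x1a\n" + b"\0" * 16, "image", "png",
                          cid="<logo123@example.invalid>")
    msg.add_attachment(b"PK\x03\x04" + b"\0" * 16, maintype="application",
                       subtype="zip", filename="report.zip")
    return msg.as_bytes()

def classify_parts(raw: bytes):
    """Return (kind, content_type, filename, content_id, size) for each non-body part."""
    msg = message_from_bytes(raw, policy=policy.default)
    referenced = set()
    for part in msg.walk():
        if part.get_content_type() == "text/html":
            referenced.update(CID_REF.findall(part.get_content()))
    rows = []
    for part in msg.walk():
        is_body = part.get_content_maintype() == "text" and not part.get_filename()
        if part.is_multipart() or is_body:
            continue
        cid = str(part["Content-ID"] or "").strip("<>") or None
        # "embedded" only when the HTML body actually references this Content-ID.
        kind = "embedded" if cid in referenced else "attachment"
        rows.append((kind, part.get_content_type(), part.get_filename(),
                     cid, len(part.get_content())))
    return rows

if __name__ == "__main__":
    for row in classify_parts(build_sample()):
        print(row)
```

Passing the raw bytes of a saved `.eml` file to `classify_parts` shows each part's declared content type and size, which is the information needed before changing a file type rule.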
