For those of you with local spam filters or the ability to add custom extensions to block, here is a list of extensions you may consider blocking in your spam filter policy
Block these attachment types at the spam filter.
*.ade *.adp *.arj *.asx *.bas *.bat *.cab *.chm *.cmd *.com *.cpl *.crt *.hlp *.hta *.inf *.ins *.jar *.js *.jse *.jsp *.lib *.lnk *.mdb *.mde *.msi *.msp *.nsc *.pcd *.pif *.pptm *.ps1 *.reg *.rwa *.scr *.sct *.shs *.vb *.vbe *.vbs *.wmd *.wsc *.wsf *.wsh
Additionally you may consider scanning these closer, quarantining, or blocking:
*.rar (block any that are encrypted/can not be scanned) *.zip (block any that are encrypted/can not be scanned) *.pdf (block any that are encrypted/can not be scanned) *.xlsm (macro enabled xls) *.docm (macro enabled docs) *.doc (block any that are macro enabled if possible)