Skip to main content

Documentation Index

Fetch the complete documentation index at: https://docs.enneo.ai/llms.txt

Use this file to discover all available pages before exploring further.

Enneo automatically evaluates each file attachment based on its MIME type and — if technically available — its actual file type. The result is a risk class that controls how the system deals with the attachment: in storage, display, and transmission.

Risk Classes

Each attachment is assigned to one of three classes:
  • safe — File types that are considered harmless (e.g., PDF, DOCX, XLSX, JPEG, PNG, MP3, MP4). These files are stored and displayed normally.
  • risky — File types with increased risk potential (e.g., ZIP, RAR, 7z, TAR, EML, application/octet-stream). These files are stored, but a warning message is displayed to the user before opening.
  • dangerous — Executable or potentially malicious file types (e.g., EXE, MSI, Binary). These files are not stored; the attachment is replaced with a text file that includes a notification.
If the MIME type cannot be assigned to any of the lists, the system automatically classifies the attachment as risky. In addition to checking the MIME type, it is checked whether the file is marked as executable on the file system. If so, regardless of the MIME type, it is treated as dangerous.

System Behavior

During Email Import:
Dangerous attachments (dangerous) are not stored in the system. Instead, Enneo creates a text file that informs the user about the removal. The original content is lost. For outgoing messages and notes:
When adding attachments to a reply or internal note, the system checks the risk class before storing. For unauthenticated contexts (e.g., through the external API without a profile), both risky and dangerous are blocked. For authenticated users, only dangerous is blocked. In the User Interface:
Attachments of the risky class can be opened, but a confirmation dialog is displayed before opening. Attachments of the dangerous class are disabled and cannot be opened.

Configuration

The three lists — Safe, Risky, Dangerous — can be configured in the settings under Advanced Settings → General → Attachment Security List. Each list contains MIME type strings. Changes immediately affect the behavior for newly incoming emails and file uploads; existing attachments are not reclassified retroactively.
Archive formats like ZIP or RAR are classified as risky by default because their content cannot be checked without decompressing. In environments where such formats are regularly and legitimately used, a shift to the safe list might be practical — but should be consciously decided.

Classification

Attachment Security does not replace antivirus infrastructure. It provides a structured first filter layer based on known MIME types and protects from accidentally storing or opening obviously dangerous file formats. For higher security requirements, subsequent verification at the network level or by a virus scanner should take place.