Default risk level for file attachments

Supported OS tags: Windows10, Windows10RT, Windows11, Windows7, Windows8, Windows81, WindowsRT, WindowsRT81, WindowsServer2008, WindowsServer2012, WindowsServer2012R2, WindowsServer2016, WindowsVista, WindowsXP

This policy setting allows you to manage the default risk level for file types. To fully customize the risk level for file attachments, you may also need to configure the trust logic for file attachments. High Risk: If the attachment is in the list of high-risk file types and is from the restricted zone, Windows blocks the user from accessing the file. If the file is from the Internet zone, Windows prompts the user before accessing the file. Moderate Risk: If the attachment is in the list of moderate-risk file types and is from the restricted or Internet zone, Windows prompts the user before accessing the file. Low Risk: If the attachment is in the list of low-risk file types, Windows will not prompt the user before accessing the file, regardless of the file's zone information. If you enable this policy setting, you can specify the default risk level for file types. If you disable this policy setting, Windows sets the default risk level to moderate. If you do not configure this policy setting, Windows sets the default risk level to moderate.

• User
  Do not preserve zone information in file attachments

  At least Windows XP Professional with SP2
• User
  Hide mechanisms to remove zone information

  At least Windows XP Professional with SP2
• User
  Inclusion list for high risk file types

  At least Windows XP Professional with SP2
• User
  Inclusion list for low file types

  At least Windows XP Professional with SP2
• User
  Inclusion list for moderate risk file types

  At least Windows XP Professional with SP2
• User
  Notify antivirus programs when opening attachments

  At least Windows XP Professional with SP2
• User
  Trust logic for file attachments

  At least Windows XP Professional with SP2