Trust logic for file attachments

Supported OS tags: Windows10, Windows10RT, Windows11, Windows7, Windows8, Windows81, WindowsRT, WindowsRT81, WindowsServer2008, WindowsServer2012, WindowsServer2012R2, WindowsServer2016, WindowsVista, WindowsXP

This policy setting allows you to configure the logic that Windows uses to determine the risk for file attachments. Preferring the file handler instructs Windows to use the file handler data over the file type data. For example, trust notepad.exe, but don't trust .txt files. Preferring the file type instructs Windows to use the file type data over the file handler data. For example, trust .txt files, regardless of the file handler. Using both the file handler and type data is the most restrictive option. Windows chooses the more restrictive recommendation which will cause users to see more trust prompts than choosing the other options. If you enable this policy setting, you can choose the order in which Windows processes risk assessment data. If you disable this policy setting, Windows uses its default trust logic, which prefers the file handler over the file type. If you do not configure this policy setting, Windows uses its default trust logic, which prefers the file handler over the file type.

No explicit registry values are set for enabled or disabled states.

• User
  Default risk level for file attachments

  At least Windows XP Professional with SP2
• User
  Do not preserve zone information in file attachments

  At least Windows XP Professional with SP2
• User
  Hide mechanisms to remove zone information

  At least Windows XP Professional with SP2
• User
  Inclusion list for high risk file types

  At least Windows XP Professional with SP2
• User
  Inclusion list for low file types

  At least Windows XP Professional with SP2
• User
  Inclusion list for moderate risk file types

  At least Windows XP Professional with SP2
• User
  Notify antivirus programs when opening attachments

  At least Windows XP Professional with SP2