IMail - Rules to filter file attachments

Question/Problem: How do I filter incoming attached files that could possibly contain a virus?

Answer/Solution: Create Inbound Rules to filter messages that contain attachments.
1.) Click on the hostname in IMail Administrator and select the Inbound Rules tab.
2.) Click Add
3.) From the dropdown box, select "If the Body text".
4.) In the text box, paste the following: name=.{1,64}\.scr
(That is, filter messages if name= is followed by .scr within the next sixty four characters.)
5.) Click Add Condition
6.) Select the action to be taken.

Create additional Rules for the other file extensions you want to filter:

name=.{1,64}\.exe
name=.{1,64}\.vbs
name=.{1,64}\.shs
name=.{1,64}\.com

(That is, filter messages if name= is followed by .com within the next sixty four characters. The initial "." means "match any character". This is qualified by {1,64} so that it is changed to "match one to 64 occurrences of any character. It is further qualified by the last part of the expression "\.exe". The \ is used to escape the dot character so that you are telling the engine to look for a dot as a literal character, not an operator, as the dot was used earlier versions.)

(Versions before 8 do not support the {1,64} syntax. Use name=.*\.exe instead.)

You will need to specify the subfolder where you would like the mail to go; if you want the mail deleted, enter NUL in the "send to mailbox" field.

See this article for more details:
IMail - How to use Rules to clean up SPAM mail

IMail Server 8.2 User's Guide - Using Delivery Rules to Filter Spam

Some mail clients start the attached file line with "begin 6" rather than "name=".

begin 6.{1,64}\.exe
begin 6.{1,64}\.scr
begin 6.{1,64}\.vbs
begin 6.{1,64}\.shs
begin 6.{1,64}\.com

Note that Filtered messages can be directed to a sub-mailbox, (spambox.mbx) in the user's folder for the user to whom the message was addressed. You can point a rule to NUL (instead of a sub-mailbox such as spambox) if you want filtered messages to be deleted.

2.) You can manually write the rule into a text file named rules.ima. (This file should be in the Top Directory for your domain(s) or it can be in the mailbox directories for individual users.) You will need the complete Rule format in the rules.ima file:

B~name=.{1,64}\.exe:spambox