Hi!
How do we create a true file type rule based on the sample list below?
Thanks!
Many of those are already included in the normal file type rule. Just check out the first tab and they are listed,
like .bat and .com etc.
You will need to be mindful of some of the other types. The SEA uses true file type checking; you will not be able to explicitly make a MIME type rule.
That being said, the appliance can read MIME files.
For example, if you
copy con file.exe
Test
^Z
then MIME encode it as a .wav file, first off the appliance will know that the file contains txt and exe and wav.
The appliance will also see that the file is actually a text file and only renamed to a .exe. In this case it would also trigger a suspicious rule because the attachment does not match the ttf, as it's called a .wav file.
In regards to scanning on the MIME type as well, it's kind of moot because it's already triggered multiple ttf detections.
Only the full PureMessage for Unix program will allow you to scan extension, ttf and mimetype and put it all into a single rule. For the SEA, concentrate on file types and extensions.
I would use a quarantine and continue action. This will deliver a message split with no attachment, thus alerting the user and providing a way to release it. Keep in mind users cannot release keyword or virus rules.
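
The comparison described in the reply above, as an added example that is not part of the original thread and not the appliance's own logic: it takes each attachment's extension, declared MIME type and true file type (sniffed from the leading bytes) and reports which declarations disagree with the content. The lookup tables, function names and sample message are assumptions constructed for illustration.

```python
import email
from email.message import EmailMessage

# Small illustrative tables (assumptions, far from a complete signature set).
EXT_KIND = {".exe": "exe", ".com": "exe", ".bat": "script", ".wav": "wav", ".txt": "text"}
MIME_KIND = {"application/x-msdownload": "exe", "audio/wav": "wav",
             "audio/x-wav": "wav", "text/plain": "text"}

def true_file_type(data: bytes) -> str:
    """Classify content by its leading bytes, ignoring name and MIME header."""
    if data[:2] == b"MZ":                              # DOS/PE executable header
        return "exe"
    if data[:4] == b"RIFF" and data[8:12] == b"WAVE":  # RIFF/WAVE container
        return "wav"
    if data and all(b in b"\t\r\n" or 32 <= b < 127 for b in data):
        return "text"                                  # printable ASCII only
    return "unknown"

def check_attachments(raw: bytes) -> list:
    """Return one finding per attachment, listing declarations that do not match content."""
    findings = []
    for part in email.message_from_bytes(raw).walk():
        name = part.get_filename()
        if not name:                                   # skip containers and body parts
            continue
        data = part.get_payload(decode=True) or b""    # undo base64 / quoted-printable
        ext = "." + name.rsplit(".", 1)[-1].lower() if "." in name else ""
        kinds = {"extension": EXT_KIND.get(ext, "unknown"),
                 "mime": MIME_KIND.get(part.get_content_type(), "unknown"),
                 "true": true_file_type(data)}
        mismatch = [k for k in ("extension", "mime") if kinds[k] != kinds["true"]]
        findings.append({"name": name, **kinds, "mismatch": mismatch})
    return findings

def build_sample() -> bytes:
    """Constructed sample: a text file named file.exe, MIME-declared as WAV audio."""
    msg = EmailMessage()
    msg["Subject"] = "constructed sample"
    msg.set_content("see attachment")
    msg.add_attachment(b"Test\r\n", maintype="audio", subtype="wav", filename="file.exe")
    return msg.as_bytes()

if __name__ == "__main__":
    for finding in check_attachments(build_sample()):
        print(finding)
```

Either mismatch on its own is enough to route the message to a quarantine action; the MIME check adds nothing once the extension already disagrees with the content.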