Email File Attachments
Breaking down files
Files such as spreadsheets, presentations and word documents make it easier to hide malicious code. A spam proxy firewall should be capable of completely breaking these down, analysing all components and identifying all threats. Most spam firewalls offer deep recursive analysis technology to break down all container files, analysing each one independently and taking appropriate action via content blocking policies.
Commonly used are zipped attachments. Zipped files can contain any type of file, possibly including file types not allowed through the spam proxy firewall. So being able to unzip a file no matter how deeply nested it is, and checked for all of its content is crucial. Also attachments such as Word documents can contain malicious embedded objects such as macros, html links, java scripts, other scripts and so spam proxy firewalls should be able to check this type of content as well.
Wikipedia's guide to Email Attachments