Safe Attachments

Malicious users are always looking for ways to hide their payload inside naive-looking attachments. For instance, an employee in your accounting department is more likely to open a PDF document if the names appear to be an invoice.

Starting v6.7, Xeams allow users as well as administrators to look inside an attached document safely by converting the attachment to plain text. This mean the converted document will not contain any:

  • Macros
  • Embedded Attachments
  • HTML links
  • JavaScripts

Supported Documents

Following file extensions are supported.
ExtensionsDescription
*.doc, *.docx, *.dot, *.dotx Microsoft Word Files
*.xls, *.xlsx, *.xlt, *.xltx Microsoft Excel Sheets
*.ppt, *.pptx Powerpoint Presentations
*.pub Microsoft Publisher
*.pdf Adobe PDF
*.rtf Rich Text Format
*.txt, *.eml, *.log, *.csv Plain text.
*.zip, *.tar, *.jar, *.gz, *.7z, *.ar, *.arj Compressed archives.
winmail.dat Attachments file occasionally created by Outlook.

How to View

  • Log in to the web interface. This feature is available for both admin as well as non-admin users.
  • Search the desired message
  • Click the subject of the message to display its contents
  • If the attachment is supported, you will see a link that says: View as Text. See image below.
    View Attachments as Text

Conversion Errors

Often spammers masquerade the actual document by changing their file extension. For example, someone can create a harmful macro in MS Excel and change the file extension to *.CSV, which is a harmless extension. Therefore, if someone renames an Excel document with *.csv as file extension, MS Excel will still be able to open it and run the macro. This happens because MS Excel is very forgiving in terms of formatting errors. Xeams on the other hand is very strict. An Excel spreadsheet renamed as CSV will only display garbage data.

Another example is to create an MS Word document but rename the file extension from *.docx to *.rtf. MS Word will open this renamed document without any problem. However, trying to open the same document in Xeams will result in an error.

Bottom line: If Xeams is not able to open a document, there is a very good chance deceptive tricks are used by the sender and therefore, it is recommended not to open it.

Text Formatting

The goal of this feature is to peek into an otherwise, richly formatted document without opening it. Therefore, the format of the exported text is often entirely different from the actual document.