It seems that there are always new file extensions being added to the blacklist on our antivirus software and email filtering programs. There is a running list of the standard "dangerous" file types- EXE, SCR, EML, BAT, PIF, etc., etc.
A few months back a virus was going around (Korvar or Winevar) which automatically added CEO as an executable file extension in the registry. Nothing much happened with that virus, but it led to the question of how many people may now be able to execute a CEO file and not even know it?
Sometime down the road a new virus could be written to take advantage of the fact that there are computers out there that will execute a CEO file and that most antivirus and email filters won't block a CEO file.
So, here is the question: instead of adding each new file type that becomes a threat to the blacklist, wouldn't it be easier to block email attachments by default and set up a white list of the 2 or 3 file types you feel are safe?
In my opinion it makes sense. From what I can see though the current email and antivirus software just isn't set up for that kind of system. They are set up to work on the blacklist system.