Gmail is going to stop people from sending JavaScript (.js) attachments in emails starting from February 13 this year. The move has come about because of security concerns regarding the safety of the files.
Google already blocks attachments like Windows executables (.exe), batch files (.bat), and Microsoft Saved Console files (.msc) from being sent via Gmail. Now JavaScript files will join this list. Post February 13, attempting to send a .js file will trigger a warning stating that some file types are blocked because they may spread viruses.
Senders are set to get a bounce message explaining why the email was blocked for inbound mail. Google is advising people who want to send non-malicious .js files to utilize storage solutions like Google Drive or Google Cloud Storage to do so.
Also Read: Google Chrome now reloads pages 28% faster than before
JavaScript attachments are especially hazardous since they run directly inside Windows Script Host automatically. Google notably hasn’t said anything about what will happen if a consumer receives an email containing such a file.
Gmail already has a number of safeguards in place to protect the safety of users. A visual indicator tool showcases a question mark sign if an individual receives a message from someone who can’t be authenticated by either Sender Policy Framework (SPF) or DKIM. It’s meant to act as protection against spam.
Another tool focuses on warning Gmail patrons about unsafe links in an email. URLs to known malware or phishing sites instantly prompt up an alert warning them away from the page.