Over the past weeks, I’ve been having a PM conversation with one of our users. He was replying via email and included some attachments for me to look at. Most of these were pdfs but one was a zip file and because zip files were not an allowed attachment type in authorized extensions
, that file was stripped from the PM. So far so good.
The problem is: we only found out today that I was missing that file. He was assuming that I had received all the files (including the zip file) and I was not aware that there was a zip file.
So I’d like to suggest that when discourse removes/ignores an attachment from an incoming email, that it makes this removal transparent in the post that the email produces. A minimal way of doing this would be to always list all attached file names at the end of the email but only render allowed attachments as hyperlinks. Of course, that is likely to raise questions so that it probably makes sense to add an explanation next to the non-linked file names, e.g. “(Attachment removed: unauthorized file extension)”, but since this problem is not likely to occur very often, it may suffice to leave it uncommented.
Related: Stripping incoming email attachments doesn't notify sender