we extended TE´s file blocking capabilities since engine version 6.14 (Threat Emulation Engine Update - What's New? )- here is how to use it:
How to configure Threat Emulation blade to block files according to file types
You need to enable "plain" context in case you want to block file types directly attached to e.g. an email:
Enabling plain prohibited file types
Enabling the prohibited file types feature in plain context.
On the Security Gateway, run the following command:
[Expert@HostName:0]# tecli advanced prohibited enable_plain 1