Block attachments by MIME type or filename

We’re seeing a wave of infected zip files coming through. In the normal
course of business we get perhaps one legitimate zip file per year and a
few hundred infected ones. Any ideas on how to prevent our support staff
from downloading the zip files from tickets based on MIME type or filename?