This is a security feature of Discus. Imagine if your board were running on an NT server which allowed CGI scripts to be executed anywhere, and someone uploaded the "FORMAT.EXE" and then ran it. This would be bad. Discus prevents this from happening, thus making attachment uploading secure.

Recognized file types are configured with your attachments.conf file. Documentation for customizing that file can be found within the file itself. Any files with a MIME type not recognized with the attachments.conf file will be given the .unk extension, which stands for "unknown." This will prevent it from being executed as a script or posing other security risks to your server.

To learn how to add a new recognized MIME type, see How to add a new MIME type for attachment uploading.