This is what I found:

Oct 21 12:40:45 email amavis[163786]: (163786-18) Blocked BANNED (.exe,Tile-209537.iwa) {DiscardedInternal}, ORIGINATING LOCAL [31.166.67.11]:56544 [31.166.67.11] ESMTP/ESMTP <jasier@77-m.com> -> <hilal@77-m.com>, (ESMTPSA://[31.166.67.11]:56544), Queue-ID: 4CGQTZ0vSLz18J6m, Message-ID: <2CC8A4F6-DEA0-46E4-A4D7-BB1C2F5BE67F@77-m.com>, mail_id: t8FXPvg4hwXx, b: z4pEYfRs6, Hits: -, size: 8206244, Subject: "Fwd: (2 )Oct 2020 Payroll", From: <jasier@77-m.com>, X-Mailer: Apple_Mail_(2.3608.120.23.2.4), helo=[192.168.1.154], b.key=(?^mix:T=(9|386|LeChiffre|aaa|abc|aepl|ani|aru|atm|aut|b64|bat|bhx|bkd|blf|bll|bmw|boo|bps|bqf|breaking_bad|buk|bup|bxz|cc|ccc|ce0|ceo|cfxxe|chm|cih|cla|class|cmd|com|cpl|crinf|crjoker|crypt|cryptolocker|cryptowall|ctbl|cxq|cyw|dbd|delf|dev|dlb|dli|dll|dllx|dom|drv|dx|dxz|dyv|dyz|ecc|exe|exe-ms|exe1|exe_renamed|exx|ezt|ezz|fag|fjl|fnr|fuj|good|gzquar|hlp|hlw|hqx|hsq|hts|iva|iws|jar|js|kcd|keybtc@inbox_com|let|lik|lkh|lnk|locky|lok|lol!|lpaq5|magic|mfu|micro|mim|mjg|mjz|nls|oar|oc...
Oct 21 12:40:45 email amavis[163786]: (163786-18) ...x|osa|ozd|pcx|pgm|php2|php3|pid|pif|plc|pr|pzdc|qit|qrn|r5a|rhk|rna|rsc_tmp|s7p|scr|shs|ska|smm|smtmp|sop|spam|ssy|swf|sys|tko|tps|tsa|tti|ttt|txs|upa|uu|uue|uzy|vb|vba|vbe|vbs|vbx|vexe|vxd|vzr|wlpginstall|ws|wsc|wsf|wsh|wss|xdu|xir|xlm|xlv|xnt|xnxx|xtbl|xxe|xxx|xyz|zix|zvz|zzz)(,|\\t)), b.com=(?^mix:T=(9|386|LeChiffre|aaa|abc|aepl|ani|aru|atm|aut|b64|bat|bhx|bkd|blf|bll|bmw|boo|bps|bqf|breaking_bad|buk|bup|bxz|cc|ccc|ce0|ceo|cfxxe|chm|cih|cla|class|cmd|com|cpl|crinf|crjoker|crypt|cryptolocker|cryptowall|ctbl|cxq|cyw|dbd|delf|dev|dlb|dli|dll|dllx|dom|drv|dx|dxz|dyv|dyz|ecc|exe|exe-ms|exe1|exe_renamed|exx|ezt|ezz|fag|fjl|fnr|fuj|good|gzquar|hlp|hlw|hqx|hsq|hts|iva|iws|jar|js|kcd|keybtc@inbox_com|let|lik|lkh|lnk|locky|lok|lol!|lpaq5|magic|mfu|micro|mim|mjg|mjz|nls|oar|ocx|osa|ozd|pcx|pgm|php2|php3|pid|pif|plc|pr|pzdc|qit|qrn|r5a|rhk|rna|rsc_tmp|s7p|scr|shs|ska|smm|smtmp|sop|spam|ssy|swf|sys|tko|tps|tsa|tti|ttt|txs|upa|uu|uue|uzy|vb|vba|vbe|vbs|vbx|ve...
Oct 21 12:40:45 email amavis[163786]: (163786-18) ...xe|vxd|vzr|wlpginstall|ws|wsc|wsf|wsh|wss|xdu|xir|xlm|xlv|xnt|xnxx|xtbl|xxe|xxx|xyz|zix|zvz|zzz)(,|\\t)), b.rhs=DISCARD, b.parts=P=p023,L=1,M=multipart/alternative | P=p024,L=1/2,M=multipart/mixed | P=p003,L=1/2/2,M=application/octet-stream,T=zip,N=77AppsPayrollTemplate.pages | P=p146,L=1/2/2/122,T=exe,N=Tile-209537.iwa, P=p023,L=1,M=multipart/alternative | P=p024,L=1/2,M=multipart/mixed | P=p003,L=1/2/2,M=application/octet-stream,T=zip,N=77AppsPayrollTemplate.pages | P=p193,L=1/2/2/169,T=exe,N=DataList-185121.iwa, ..., 4487 ms

Oct 21 12:40:45 email postfix/amavis/smtp[176711]: 4CGQTZ0vSLz18J6m: to=<hilal@77-m.com>, relay=127.0.0.1[127.0.0.1]:10026, delay=12, delays=7.4/0/0/4.5, dsn=2.7.0, status=sent (250 2.7.0 Ok, discarded, id=163786-18 - BANNED: .exe,Tile-209537.iwa)

Thanks for the response. The file type is actually an macOS file format called .pages and not an .exe
and it does not show up in the Quarantined Emails. Please advise

Thank you for that. it seems .iwa is a macOS file type. Can you please help me with the syntax as I am not familiar with Amasvid.