UserAgent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.99 Safari/537.36

Steps to reproduce the problem:
Would be great to have a GPO that would block certain file type downloads, e.g. .exe, .vba, .xlsm, etc.

These are a major attack vector currently for virus's, typically as download links in phishing/scam emails.

Would also be great to have a domain whitelist, to allow downloading of these file types from whitelisted domains.

Scenario example: block all macro enabled excel files (.xlsm), except those from whitelisted domain 'adobe.com'.

What is the expected behavior?

What went wrong?
N/A, feature request.

Did this work before? N/A 

Chrome version: 67.0.3396.99  Channel: stable
OS Version: 10.0
Flash Version: 

Would shut down a lot of attack vectors currently used.