File Access Control allows upload

we are currently trying to implement some restrictive file access rules.
If possible we would like for some users to only upload Office-Documents (xls, xlsx, doc, docx) and create folders as well. All other operations should return an error or forbidden message.

However the behaviour is really odd and it seems to be possible to create files of all mime types. Editing, deleting, etc is then blockd.
Is there an option to also block the upload of such files? I am uploading through the web interface.