Email Security/Exchange Online - Ensure the Common Attachment Types Filter is Enabled

 










Summary

Users can easily block known and custom malicious file types from being attached to emails via the Common Attachment Types Filter.

Reason

Blocking known malicious file types helps prevent malware-infested files from infecting a host.

What If?

Blocking common malicious file types does not affect modern computing environments.

How to?

To enable the Common Attachment Types Filter, use the Microsoft 365 Admin Center:
  1. Go to the Microsoft Admin Center and click Security.
  2. Under Email & collaboration, go to Policies & rules > Threat policies.
  3. Now, select Anti-malware and pick the highest priority policy.
  4. In the Edit tab, click Edit protection settings at the bottom, then check Enable the common attachments filter.

To enable the Common Attachment Types Filter, use the Exchange Online PowerShell Module:
  1. Connect to Exchange Online using Connect-ExchangeOnline.
  2. Now, run the following Exchange Online PowerShell command: 

Set-MalwareFilterPolicy -Identity Default -EnableFileFilter $true

Monitor:

To verify the Common Attachment Types Filter is enabled, use the Microsoft 365 Admin Portal:
  1. Go to the Microsoft Admin Center and click Security.
  2. Under Email & collaboration, go to Policies & rules > Threat policies.
  3. Now, select Anti-malware and pick the highest priority policy.
  4. In the Edit tab under Edit protection settings, verify that Enable the common attachments filter has the value 'On'.

To verify the Common Attachment Types Filter is enabled, use the Exchange Online PowerShell Module:
  1. Connect to Exchange Online using Connect-ExchangeOnline.
  2. Now, run the following Exchange Online PowerShell command: 

Get-MalwareFilterPolicy -Identity Default | Select-Object EnableFileFilter

  3. Now, verify that EnableFileFilter is set to True.
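
The PowerShell commands above only touch the Default policy, while the portal steps pick the highest priority policy. As an added example (not from the original post), the function below reports EnableFileFilter for every anti-malware policy, ordered by rule priority. The function name and the sample policy and rule objects are hypothetical, and it assumes a rule's MalwareFilterPolicy property holds the policy name.

```powershell
# Added example: audit the common attachment filter on every anti-malware policy.
function Get-FileFilterAudit {
    param(
        [Parameter(Mandatory)] [object[]] $Policies,  # output of Get-MalwareFilterPolicy
        [object[]] $Rules = @()                       # output of Get-MalwareFilterRule
    )
    foreach ($policy in $Policies) {
        # Custom policies are applied through a rule; the default policy has none.
        $rule = $Rules | Where-Object { $_.MalwareFilterPolicy -eq $policy.Name } | Select-Object -First 1
        # A custom policy only takes effect while its rule is enabled.
        $inEffect = $policy.IsDefault -or ($rule -and $rule.State -eq 'Enabled')
        [pscustomobject]@{
            Policy           = $policy.Name
            # Lower number = higher priority; the default policy is evaluated last.
            Priority         = if ($rule) { [int]$rule.Priority } else { [int]::MaxValue }
            InEffect         = [bool]$inEffect
            EnableFileFilter = [bool]$policy.EnableFileFilter
            FileTypeCount    = @($policy.FileTypes).Count
            Compliant        = (-not $inEffect) -or [bool]$policy.EnableFileFilter
        }
    }
}

# Constructed sample objects so the function can be tried without a tenant.
$samplePolicies = @(
    [pscustomobject]@{ Name = 'Default'; IsDefault = $true; EnableFileFilter = $true; FileTypes = @('exe', 'vbs', 'js') }
    [pscustomobject]@{ Name = 'Executives (hypothetical)'; IsDefault = $false; EnableFileFilter = $false; FileTypes = @() }
)
$sampleRules = @(
    [pscustomobject]@{ MalwareFilterPolicy = 'Executives (hypothetical)'; Priority = 0; State = 'Enabled' }
)
Get-FileFilterAudit -Policies $samplePolicies -Rules $sampleRules | Sort-Object Priority | Format-Table -AutoSize

# In a session opened with Connect-ExchangeOnline, feed it live data instead:
# Get-FileFilterAudit -Policies (Get-MalwareFilterPolicy) -Rules (Get-MalwareFilterRule) | Sort-Object Priority
```

Any row with Compliant set to False is a policy that is in effect for some recipients with the common attachments filter turned off.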











































