Categories
Microsoft 365

How to: add any filetype to your anti-malware policy

It is easily to select some filetypes to block for inbound email in an Exchange Online anti-malware policy. But what if the filetype you want to block is not listed? I will explain in this post how to block them.

Cause

You have configured an anti-malware policy in Exchange Online and selected the filetypes that you want to block for inbound email. But during the selection of filetypes, you notice that not all filetypes are listed that you want to block. Like a .dmg file for your Mac users or an .doc file that may contains a VB- script.

Solution

The solution is PowerShell. You can only add those unwanted filetypes by connecting to the Exchange Online PowerShell. In this case we will add and remove filetypes from the ‘default’ anti-malware policy. If you got a custom anti-malware policy, just rename ‘default’ into your anti-malware policy name.

First run:

(Get-MalwareFilterPolicy -Identity Default).FileTypes

Now you have all your filetypes that you select in the GUI, you notice that you do not see a dot before the filetypes. Do not add a dot when adding filetypes to the policy with PowerShell. In the following command we will add ‘dmg’ and ‘doc’ to the ‘default’ anti-malware policy.

$Values = (Get-MalwareFilterPolicy -Identity Default).FileTypes
$Values += "dmg","doc"
Set-MalwareFilterPolicy -Identity Default -EnableFileFilter $true -FileTypes $Values

To check the current FileTypes again:

(Get-MalwareFilterPolicy -Identity Default).FileTypes

To remove a FileType from the anti-malware policy we need PowerShell also to get this job done by running:

$Values = (Get-MalwareFilterPolicy -Identity Default).FileTypes
$Values.Remove("doc")
Set-MalwareFilterPolicy -Identity Default -EnableFileFilter $true -FileTypes $Values


Share this: