Configure Attachment Filtering
.gif "Cc526518.chm_head_left(en-us,TechNet.10).gif") |
|
.gif "Cc526518.chm_head_right(en-us,TechNet.10).gif") |
Configure Attachment Filtering
By default, the Attachment Filter agent is not enabled on the computer that has the Hub Transport server role installed. To determine whether the Attachment Filter agent is enabled on a Hub Transport server, run the Get-TransportAgent cmdlet.
To enable the Attachment Filter agent if it is not enabled, run the following command: <pre IsFakePre="true" xmlns="https://www.w3.org/1999/xhtml">Enable-TransportAgent -Identity "Attachment Filter agent" </pre>
Add a New Attachment Filter Entry
Exchange Server 2007 lets you configure multiple attachment filters on each Edge Transport server. If you have more than one Edge Transport server that accepts e-mail that you want to filter, you must configure the same attachment filter on each Edge Transport server.
To add a new attachment filter that filters e-mail attachments that have a specific MIME content type, use the following command: <pre IsFakePre="true" xmlns="https://www.w3.org/1999/xhtml">Add-AttachmentFilterEntry -Name <MIMEContentType> -Type ContentType</pre>
For example, if you want to filter all JPEG images by using an attachment filter, run the following command on each Edge Transport server:
<pre IsFakePre="true" xmlns="https://www.w3.org/1999/xhtml">Add-AttachmentFilterEntry -Name image/jpeg -Type ContentType</pre>
To add a new attachment filter that filters e-mail attachments based on a file name or file name extension, run the following command: <pre IsFakePre="true" xmlns="https://www.w3.org/1999/xhtml">Add-AttachmentFilterEntry -Name <FileName> -Type FileName </pre>
For example, if you want to filter all e-mail attachments that have the file name extension EXE, run the following command: <pre IsFakePre="true" xmlns="https://www.w3.org/1999/xhtml">Add-AttachmentFilterEntry -Name *.EXE -Type FileName</pre>
Note
If you want to filter e-mail attachments that have a specific file name, you can specify that file name in the Name parameter when you specify the FileName value in the Type parameter. You must enclose the file name in double quotation marks if the file name contains a space.
Configure Attachment Filtering Behavior
You configure attachment filtering for each Edge Transport server role. All attachment filter entries that run on an Edge Transport server role use the same attachment filtering behavior. The following parameters are available on each Edge Transport server role to configure attachment filtering behavior:
- RejectResponse - This parameter specifies the string response that is included in the non-delivery report (NDR) message if an e-mail message that has a filtered e-mail attachment is returned to the sender.
- Action - This parameter specifies how attachment filtering handles an attachment that matches an attachment filter entry. The default value is Strip. Valid values include:
- Reject - Use this value to prevent both the e-mail message and attachment from being delivered to the recipient and to issue a NDR failure message to the sender.
- Strip - Use this value to remove the attachment from the e-mail message. This value allows the message and other attachments that do not match an entry on the attachment block list to be delivered to the recipient. A notification that the attachment was blocked is added to the e-mail message.
- SilentDelete - Use this value to prevent both the e-mail message and attachment from being delivered to the recipient. A notification that the e-mail message and attachment were blocked is not returned to the sender.
- ConnectorException - This parameter specifies a list of connectors that should be excluded from attachment filtering. Attachment filters are not applied to e-mail messages that are received through these connections.
To configure attachment filtering on an Edge Transport server role, use the Set-AttachmentFilterListConfig cmdlet. For example, the following command configures the RejectResponse parameter: <pre IsFakePre="true" xmlns="https://www.w3.org/1999/xhtml">Set-AttachmentFilterListConfig -Action-Reject -RejectResponse "The attachment you included in your e-mail message was not allowed. Your e-mail message cannot be delivered. Please remove the e-mail attachment, and send your message again." </pre>
Configure Attachment Filtering
Run the following command to create a new attachment filter entry: <pre IsFakePre="true" xmlns="https://www.w3.org/1999/xhtml">Add-AttachmentFilterEntry </pre> Run the following command to configure the behavior of attachment filter entries on a specific Edge Transport server role: FakePre-c2220180495b46f983cba96ab59b3b59-cf99929b3ed54746bad685269ab69a06
The following Exchange Management Shell commands enable you to modify the configuration settings of the Attachment Filter agent:
- Add-AttachmentFilterEntry
- Get-AttachmentFilterEntry
- Remove-AttachmentFilterEntry
- Get-AttachmentFilterListConfig
- Set-AttachmentFilterListConfig