Solved

Blocking certain file attachments, Exchange 2007

Posted on 2010-08-20
17
2,212 Views
Last Modified: 2012-06-27
We use and Exchange 2007 Server with Forefront (both on SP1......I'm upgrading next week!)  I want to be able to block certain file attachments to cut down on some of the rubbish we have been getting (Namely HTML, ZIP and RAR).  Forefront has a file filter, I have enabled it for ZIP but they still come through....there is no such checkbox for HTML or RAR.  How do I do this?
0
Comment
Question by:-Juddy-
  • 8
  • 4
  • 4
  • +1
17 Comments
 
LVL 3

Author Comment

by:-Juddy-
Comment Utility
Sorry, that's 'an Exchange server' not 'and'.
0
 
LVL 33

Expert Comment

by:Todd Gerbert
Comment Utility
0
 
LVL 3

Author Comment

by:-Juddy-
Comment Utility
Applies to: Exchange Server 2010
0
 
LVL 33

Expert Comment

by:Todd Gerbert
Comment Utility
I didn't catch that... a Google search for "exchange 2007 attachment filter" turned up that Experts Exchange question, which was specifically asked for 2007 and the asker accepted the answer - so I just assumed it was correct. ;)
At any rate, the second entry in that Google search turned up http://technet.microsoft.com/en-us/library/aa997139(EXCHG.80).aspx (looks like the commands are the same anyway).
0
 
LVL 3

Author Comment

by:-Juddy-
Comment Utility
It appears that this only works on an Edge server.....we just have a hub server....drat.
0
 
LVL 33

Expert Comment

by:Todd Gerbert
Comment Utility
You mean you have a single Exchange server, or you don't have control over the Edge server - just the Hub Transport server?

0
 
LVL 7

Expert Comment

by:Waseems
Comment Utility
from powershell run the following command
Enable-TransportAgent -Identity "Attachment Filter agent"

then

Add-AttachmentFilterEntry -Name *.RAR -Type FileName
Add-AttachmentFilterEntry -Name *.ZIP -Type FileName
0
 

Expert Comment

by:hamadaabdelkader
Comment Utility
0
Top 6 Sources for Identifying Threat Actor TTPs

Understanding your enemy is essential. These six sources will help you identify the most popular threat actor tactics, techniques, and procedures (TTPs).

 
LVL 33

Expert Comment

by:Todd Gerbert
Comment Utility
The link I posted above says:
By default, the Attachment Filter agent is enabled on the computer that has the Edge Transport server role installed... To enable the Attachment Filter agent if it is not enabled, run the following command: Enable-TransportAgent -Identity "Attachment Filtering agent"
That doesn't mean you can only do it on an Edge Transport server, just that if it's not an Edge (i.e. you have a single-server installation) the agents aren't enabled by default.
Generally speaking, I think, if something applies to an Edge Transport role it should also apply to a single-server installation.
0
 
LVL 3

Author Comment

by:-Juddy-
Comment Utility
We have a single Exchange server.
0
 
LVL 3

Author Comment

by:-Juddy-
Comment Utility
Waseems, when I run the command I get the following error:


Enable-TransportAgent : Transport Agent "Attachment Filter agent" is not found.
Parameter name: Identity
At line:1 char:22
+ Enable-TransportAgent <<<<  -Identity "Attachment Filter agent"
    + CategoryInfo          : InvalidArgument: (:) [Enable-TransportAgent], Ar
   gumentException
    + FullyQualifiedErrorId : 6EE84613,Microsoft.Exchange.Management.AgentTask
   s.EnableTransportAgent

0
 
LVL 3

Author Comment

by:-Juddy-
Comment Utility
tgerbert, any of the commands on that page return:

The term 'Add-AttachmentFilterEntry' is not recognized as the name of a cmdlet,
 function, script file, or operable program. Check the spelling of the name, or
 if a path was included, verify that the path is correct and try again.
At line:1 char:26
+ Add-AttachmentFilterEntry <<<<  -Name *.EXE -Type FileName
    + CategoryInfo          : ObjectNotFound: (Add-AttachmentFilterEntry:Strin
   g) [], CommandNotFoundException
    + FullyQualifiedErrorId : CommandNotFoundException
0
 
LVL 7

Expert Comment

by:Waseems
Comment Utility
try installing antispam on hub transport first
from Exchange management shell
navigate to C:\Program Files\Microsoft\Exchange Server\Scripts
then run .\install-antispamagents.ps1
rerun the previous commands again
0
 
LVL 7

Expert Comment

by:Waseems
Comment Utility
you can use also transport rule to block message with certain extensions
0
 
LVL 3

Author Comment

by:-Juddy-
Comment Utility
Waseems, I have the anti-spam agents installed already, just not attachment filter!
0
 
LVL 3

Author Comment

by:-Juddy-
Comment Utility
I think the simple answer is that with Exchange 2007 and Forefront SP1, this is not viable.  Transport rules can be created to some extent, but an Edge subscription is what would give me what I need.  Thanks anyway guys.
0
 
LVL 7

Accepted Solution

by:
Waseems earned 500 total points
Comment Utility
did you try exchange transport rule when header contains .zip or .rar and the action to bounce message back (transport rule can be found under organization configuration - transport)
0

Featured Post

Are your corporate email signatures appalling?

Is it scary how unprofessional your email signatures look? Do users create their own terrible designs and give themselves stupid job titles? You can make this a lot easier for yourself by choosing an email signature management solution from Exclaimer today.

Join & Write a Comment

Find out how to use Active Directory data for email signature management in Microsoft Exchange and Office 365.
Not sure what the best email signature size is? Are you worried about email signature image size? Follow this best practice guide.
In this video we show how to create an Address List in Exchange 2013. We show this process by using the Exchange Admin Center. Log into Exchange Admin Center.: First we need to log into the Exchange Admin Center. Navigate to the Organization >> Ad…
In this video we show how to create an Accepted Domain in Exchange 2013. We show this process by using the Exchange Admin Center. Log into Exchange Admin Center.: First we need to log into the Exchange Admin Center. Navigate to the Mail Flow >> Ac…

762 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

6 Experts available now in Live!

Get 1:1 Help Now