Blocking certain file attachments, Exchange 2007

We use and Exchange 2007 Server with Forefront (both on SP1......I'm upgrading next week!)  I want to be able to block certain file attachments to cut down on some of the rubbish we have been getting (Namely HTML, ZIP and RAR).  Forefront has a file filter, I have enabled it for ZIP but they still come through....there is no such checkbox for HTML or RAR.  How do I do this?
LVL 3
-Juddy-Asked:
Who is Participating?
I wear a lot of hats...

"The solutions and answers provided on Experts Exchange have been extremely helpful to me over the last few years. I wear a lot of hats - Developer, Database Administrator, Help Desk, etc., so I know a lot of things but not a lot about one thing. Experts Exchange gives me answers from people who do know a lot about one thing, in a easy to use platform." -Todd S.

-Juddy-Author Commented:
Sorry, that's 'an Exchange server' not 'and'.
0
-Juddy-Author Commented:
Applies to: Exchange Server 2010
0
Making Bulk Changes to Active Directory

Watch this video to see how easy it is to make mass changes to Active Directory from an external text file without using complicated scripts.

Todd GerbertIT ConsultantCommented:
I didn't catch that... a Google search for "exchange 2007 attachment filter" turned up that Experts Exchange question, which was specifically asked for 2007 and the asker accepted the answer - so I just assumed it was correct. ;)
At any rate, the second entry in that Google search turned up http://technet.microsoft.com/en-us/library/aa997139(EXCHG.80).aspx (looks like the commands are the same anyway).
0
-Juddy-Author Commented:
It appears that this only works on an Edge server.....we just have a hub server....drat.
0
Todd GerbertIT ConsultantCommented:
You mean you have a single Exchange server, or you don't have control over the Edge server - just the Hub Transport server?

0
WaseemsCommented:
from powershell run the following command
Enable-TransportAgent -Identity "Attachment Filter agent"

then

Add-AttachmentFilterEntry -Name *.RAR -Type FileName
Add-AttachmentFilterEntry -Name *.ZIP -Type FileName
0
hamadaabdelkaderCommented:
0
Todd GerbertIT ConsultantCommented:
The link I posted above says:
By default, the Attachment Filter agent is enabled on the computer that has the Edge Transport server role installed... To enable the Attachment Filter agent if it is not enabled, run the following command: Enable-TransportAgent -Identity "Attachment Filtering agent"
That doesn't mean you can only do it on an Edge Transport server, just that if it's not an Edge (i.e. you have a single-server installation) the agents aren't enabled by default.
Generally speaking, I think, if something applies to an Edge Transport role it should also apply to a single-server installation.
0
-Juddy-Author Commented:
We have a single Exchange server.
0
-Juddy-Author Commented:
Waseems, when I run the command I get the following error:


Enable-TransportAgent : Transport Agent "Attachment Filter agent" is not found.
Parameter name: Identity
At line:1 char:22
+ Enable-TransportAgent <<<<  -Identity "Attachment Filter agent"
    + CategoryInfo          : InvalidArgument: (:) [Enable-TransportAgent], Ar
   gumentException
    + FullyQualifiedErrorId : 6EE84613,Microsoft.Exchange.Management.AgentTask
   s.EnableTransportAgent

0
-Juddy-Author Commented:
tgerbert, any of the commands on that page return:

The term 'Add-AttachmentFilterEntry' is not recognized as the name of a cmdlet,
 function, script file, or operable program. Check the spelling of the name, or
 if a path was included, verify that the path is correct and try again.
At line:1 char:26
+ Add-AttachmentFilterEntry <<<<  -Name *.EXE -Type FileName
    + CategoryInfo          : ObjectNotFound: (Add-AttachmentFilterEntry:Strin
   g) [], CommandNotFoundException
    + FullyQualifiedErrorId : CommandNotFoundException
0
WaseemsCommented:
try installing antispam on hub transport first
from Exchange management shell
navigate to C:\Program Files\Microsoft\Exchange Server\Scripts
then run .\install-antispamagents.ps1
rerun the previous commands again
0
WaseemsCommented:
you can use also transport rule to block message with certain extensions
0
-Juddy-Author Commented:
Waseems, I have the anti-spam agents installed already, just not attachment filter!
0
-Juddy-Author Commented:
I think the simple answer is that with Exchange 2007 and Forefront SP1, this is not viable.  Transport rules can be created to some extent, but an Edge subscription is what would give me what I need.  Thanks anyway guys.
0
WaseemsCommented:
did you try exchange transport rule when header contains .zip or .rar and the action to bounce message back (transport rule can be found under organization configuration - transport)
0

Experts Exchange Solution brought to you by

Your issues matter to us.

Facing a tech roadblock? Get the help and guidance you need from experienced professionals who care. Ask your question anytime, anywhere, with no hassle.

Start your 7-day free trial
It's more than this solution.Get answers and train to solve all your tech problems - anytime, anywhere.Try it for free Edge Out The Competitionfor your dream job with proven skills and certifications.Get started today Stand Outas the employee with proven skills.Start learning today for free Move Your Career Forwardwith certification training in the latest technologies.Start your trial today
Exchange

From novice to tech pro — start learning today.