Solved

Blocking certain file attachments, Exchange 2007

Posted on 2010-08-20
17
2,321 Views
Last Modified: 2012-06-27
We use and Exchange 2007 Server with Forefront (both on SP1......I'm upgrading next week!)  I want to be able to block certain file attachments to cut down on some of the rubbish we have been getting (Namely HTML, ZIP and RAR).  Forefront has a file filter, I have enabled it for ZIP but they still come through....there is no such checkbox for HTML or RAR.  How do I do this?
0
Comment
Question by:-Juddy-
  • 8
  • 4
  • 4
  • +1
17 Comments
 
LVL 3

Author Comment

by:-Juddy-
ID: 33488400
Sorry, that's 'an Exchange server' not 'and'.
0
 
LVL 33

Expert Comment

by:Todd Gerbert
ID: 33488466
0
 
LVL 3

Author Comment

by:-Juddy-
ID: 33488489
Applies to: Exchange Server 2010
0
PRTG Network Monitor: Intuitive Network Monitoring

Network Monitoring is essential to ensure that computer systems and network devices are running. Use PRTG to monitor LANs, servers, websites, applications and devices, bandwidth, virtual environments, remote systems, IoT, and many more. PRTG is easy to set up & use.

 
LVL 33

Expert Comment

by:Todd Gerbert
ID: 33488537
I didn't catch that... a Google search for "exchange 2007 attachment filter" turned up that Experts Exchange question, which was specifically asked for 2007 and the asker accepted the answer - so I just assumed it was correct. ;)
At any rate, the second entry in that Google search turned up http://technet.microsoft.com/en-us/library/aa997139(EXCHG.80).aspx (looks like the commands are the same anyway).
0
 
LVL 3

Author Comment

by:-Juddy-
ID: 33488634
It appears that this only works on an Edge server.....we just have a hub server....drat.
0
 
LVL 33

Expert Comment

by:Todd Gerbert
ID: 33488742
You mean you have a single Exchange server, or you don't have control over the Edge server - just the Hub Transport server?

0
 
LVL 7

Expert Comment

by:Waseems
ID: 33489002
from powershell run the following command
Enable-TransportAgent -Identity "Attachment Filter agent"

then

Add-AttachmentFilterEntry -Name *.RAR -Type FileName
Add-AttachmentFilterEntry -Name *.ZIP -Type FileName
0
 

Expert Comment

by:hamadaabdelkader
ID: 33490912
0
 
LVL 33

Expert Comment

by:Todd Gerbert
ID: 33491824
The link I posted above says:
By default, the Attachment Filter agent is enabled on the computer that has the Edge Transport server role installed... To enable the Attachment Filter agent if it is not enabled, run the following command: Enable-TransportAgent -Identity "Attachment Filtering agent"
That doesn't mean you can only do it on an Edge Transport server, just that if it's not an Edge (i.e. you have a single-server installation) the agents aren't enabled by default.
Generally speaking, I think, if something applies to an Edge Transport role it should also apply to a single-server installation.
0
 
LVL 3

Author Comment

by:-Juddy-
ID: 33499870
We have a single Exchange server.
0
 
LVL 3

Author Comment

by:-Juddy-
ID: 33499902
Waseems, when I run the command I get the following error:


Enable-TransportAgent : Transport Agent "Attachment Filter agent" is not found.
Parameter name: Identity
At line:1 char:22
+ Enable-TransportAgent <<<<  -Identity "Attachment Filter agent"
    + CategoryInfo          : InvalidArgument: (:) [Enable-TransportAgent], Ar
   gumentException
    + FullyQualifiedErrorId : 6EE84613,Microsoft.Exchange.Management.AgentTask
   s.EnableTransportAgent

0
 
LVL 3

Author Comment

by:-Juddy-
ID: 33499973
tgerbert, any of the commands on that page return:

The term 'Add-AttachmentFilterEntry' is not recognized as the name of a cmdlet,
 function, script file, or operable program. Check the spelling of the name, or
 if a path was included, verify that the path is correct and try again.
At line:1 char:26
+ Add-AttachmentFilterEntry <<<<  -Name *.EXE -Type FileName
    + CategoryInfo          : ObjectNotFound: (Add-AttachmentFilterEntry:Strin
   g) [], CommandNotFoundException
    + FullyQualifiedErrorId : CommandNotFoundException
0
 
LVL 7

Expert Comment

by:Waseems
ID: 33500536
try installing antispam on hub transport first
from Exchange management shell
navigate to C:\Program Files\Microsoft\Exchange Server\Scripts
then run .\install-antispamagents.ps1
rerun the previous commands again
0
 
LVL 7

Expert Comment

by:Waseems
ID: 33500568
you can use also transport rule to block message with certain extensions
0
 
LVL 3

Author Comment

by:-Juddy-
ID: 33500694
Waseems, I have the anti-spam agents installed already, just not attachment filter!
0
 
LVL 3

Author Comment

by:-Juddy-
ID: 33520899
I think the simple answer is that with Exchange 2007 and Forefront SP1, this is not viable.  Transport rules can be created to some extent, but an Edge subscription is what would give me what I need.  Thanks anyway guys.
0
 
LVL 7

Accepted Solution

by:
Waseems earned 500 total points
ID: 33521040
did you try exchange transport rule when header contains .zip or .rar and the action to bounce message back (transport rule can be found under organization configuration - transport)
0

Featured Post

Free Tool: Postgres Monitoring System

A PHP and Perl based system to collect and display usage statistics from PostgreSQL databases.

One of a set of tools we are providing to everyone as a way of saying thank you for being a part of the community.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Read this checklist to learn more about the 15 things you should never include in an email signature.
A list of top three free exchange EDB viewers that helps the user to extract a mailbox from an unmounted .edb file and get a clear preview of all emails & other items with just a single click on mailboxes.
This video discusses moving either the default database or any database to a new volume.
This video shows how to quickly and easily add an email signature for all users on Exchange 2016. The resulting signature is applied on a server level by Exchange Online. The email signature template has been downloaded from: www.mail-signatures…

828 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question