Solved

Blocking certain file attachments, Exchange 2007

Posted on 2010-08-20
17
2,374 Views
Last Modified: 2012-06-27
We use and Exchange 2007 Server with Forefront (both on SP1......I'm upgrading next week!)  I want to be able to block certain file attachments to cut down on some of the rubbish we have been getting (Namely HTML, ZIP and RAR).  Forefront has a file filter, I have enabled it for ZIP but they still come through....there is no such checkbox for HTML or RAR.  How do I do this?
0
Comment
Question by:-Juddy-
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 8
  • 4
  • 4
  • +1
17 Comments
 
LVL 3

Author Comment

by:-Juddy-
ID: 33488400
Sorry, that's 'an Exchange server' not 'and'.
0
 
LVL 33

Expert Comment

by:Todd Gerbert
ID: 33488466
0
 
LVL 3

Author Comment

by:-Juddy-
ID: 33488489
Applies to: Exchange Server 2010
0
Technology Partners: We Want Your Opinion!

We value your feedback.

Take our survey and automatically be enter to win anyone of the following:
Yeti Cooler, Amazon eGift Card, and Movie eGift Card!

 
LVL 33

Expert Comment

by:Todd Gerbert
ID: 33488537
I didn't catch that... a Google search for "exchange 2007 attachment filter" turned up that Experts Exchange question, which was specifically asked for 2007 and the asker accepted the answer - so I just assumed it was correct. ;)
At any rate, the second entry in that Google search turned up http://technet.microsoft.com/en-us/library/aa997139(EXCHG.80).aspx (looks like the commands are the same anyway).
0
 
LVL 3

Author Comment

by:-Juddy-
ID: 33488634
It appears that this only works on an Edge server.....we just have a hub server....drat.
0
 
LVL 33

Expert Comment

by:Todd Gerbert
ID: 33488742
You mean you have a single Exchange server, or you don't have control over the Edge server - just the Hub Transport server?

0
 
LVL 7

Expert Comment

by:Waseems
ID: 33489002
from powershell run the following command
Enable-TransportAgent -Identity "Attachment Filter agent"

then

Add-AttachmentFilterEntry -Name *.RAR -Type FileName
Add-AttachmentFilterEntry -Name *.ZIP -Type FileName
0
 

Expert Comment

by:hamadaabdelkader
ID: 33490912
0
 
LVL 33

Expert Comment

by:Todd Gerbert
ID: 33491824
The link I posted above says:
By default, the Attachment Filter agent is enabled on the computer that has the Edge Transport server role installed... To enable the Attachment Filter agent if it is not enabled, run the following command: Enable-TransportAgent -Identity "Attachment Filtering agent"
That doesn't mean you can only do it on an Edge Transport server, just that if it's not an Edge (i.e. you have a single-server installation) the agents aren't enabled by default.
Generally speaking, I think, if something applies to an Edge Transport role it should also apply to a single-server installation.
0
 
LVL 3

Author Comment

by:-Juddy-
ID: 33499870
We have a single Exchange server.
0
 
LVL 3

Author Comment

by:-Juddy-
ID: 33499902
Waseems, when I run the command I get the following error:


Enable-TransportAgent : Transport Agent "Attachment Filter agent" is not found.
Parameter name: Identity
At line:1 char:22
+ Enable-TransportAgent <<<<  -Identity "Attachment Filter agent"
    + CategoryInfo          : InvalidArgument: (:) [Enable-TransportAgent], Ar
   gumentException
    + FullyQualifiedErrorId : 6EE84613,Microsoft.Exchange.Management.AgentTask
   s.EnableTransportAgent

0
 
LVL 3

Author Comment

by:-Juddy-
ID: 33499973
tgerbert, any of the commands on that page return:

The term 'Add-AttachmentFilterEntry' is not recognized as the name of a cmdlet,
 function, script file, or operable program. Check the spelling of the name, or
 if a path was included, verify that the path is correct and try again.
At line:1 char:26
+ Add-AttachmentFilterEntry <<<<  -Name *.EXE -Type FileName
    + CategoryInfo          : ObjectNotFound: (Add-AttachmentFilterEntry:Strin
   g) [], CommandNotFoundException
    + FullyQualifiedErrorId : CommandNotFoundException
0
 
LVL 7

Expert Comment

by:Waseems
ID: 33500536
try installing antispam on hub transport first
from Exchange management shell
navigate to C:\Program Files\Microsoft\Exchange Server\Scripts
then run .\install-antispamagents.ps1
rerun the previous commands again
0
 
LVL 7

Expert Comment

by:Waseems
ID: 33500568
you can use also transport rule to block message with certain extensions
0
 
LVL 3

Author Comment

by:-Juddy-
ID: 33500694
Waseems, I have the anti-spam agents installed already, just not attachment filter!
0
 
LVL 3

Author Comment

by:-Juddy-
ID: 33520899
I think the simple answer is that with Exchange 2007 and Forefront SP1, this is not viable.  Transport rules can be created to some extent, but an Edge subscription is what would give me what I need.  Thanks anyway guys.
0
 
LVL 7

Accepted Solution

by:
Waseems earned 500 total points
ID: 33521040
did you try exchange transport rule when header contains .zip or .rar and the action to bounce message back (transport rule can be found under organization configuration - transport)
0

Featured Post

Are your AD admin tools letting you down?

Managing Active Directory can get complicated.  Often, the native tools for managing AD are just not up to the task.  The largest Active Directory installations in the world have relied on one tool to manage their day-to-day administration tasks: Hyena. Start your trial today.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Suggested Solutions

Title # Comments Views Activity
Unable to create lists in Exchange 2013 1 32
Exchange Mail forwarding 9 41
Active Directory Powershell Script 9 37
email archiving on exchange 2010 16 27
This article explains in simple steps how to renew expiring Exchange Server Internal Transport Certificate.
After hours on line I found a solution which pointed to the inherited Active Directory permissions . You have to give/allow permissions to the "Exchange trusted subsystem" for the user in the Active Directory...
In this video we show how to create a Contact in Exchange 2013. We show this process by using the Exchange Admin Center. Log into Exchange Admin Center.: First we need to log into the Exchange Admin Center. Navigate to the Recipients >> Contact ta…
Exchange organizations may use the Journaling Agent of the Transport Service to archive messages going through Exchange. However, if the Transport Service is integrated with some email content management application (such as an antispam), the admini…

737 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question