Receive many anonymos mails with attachements .zip


I have a mailbox (Exchange 2013) receive always many anonymos emails with zip attachements, of course i guess it's malisious mails how can i block the flow of this emails
I enabled and configured the native anti-spam and the mailware protection on Exchange but my problem not resolved
Example of mail:

Earl <>
mer. 21/09/2016 15:54
À :
 1 pièce jointe

Your message is ready to be sent with the following file or link


Note: To protect against computer viruses, e-mail programs may prevent
sending or receiving certain types of file attachments.  Check your e-mail
security settings to determine how attachments are handled.
Mohamed Amine LIMAMEAsked:
Who is Participating?
Dr. KlahnConnect With a Mentor Principal Software EngineerCommented:
If your SMTP receiver is not already doing this, consider add blocking using the active spam blocking lists.  This should cut the size of the problem down significantly, possibly to a level where it can be handled by the unfortunate recipients.

Using the following four lists, the amount of spam getting through has fallen by 90% on my server.


Blocking all email containing ZIP file attachments is certainly possible, but it cripples anyone who wants to send a compressed attachment.
*** Hopeleonie ***IT ManagerCommented:
Which Anti-spam solution do you use?
*** Hopeleonie ***IT ManagerCommented:
We use Barracuda to block our Spam. It has reduced 99% of our Spam. The MS inbuilt solution was not enough for us.
Simplify Active Directory Administration

Administration of Active Directory does not have to be hard.  Too often what should be a simple task is made more difficult than it needs to be.The solution?  Hyena from SystemTools Software.  With ease-of-use as well as powerful importing and bulk updating capabilities.

Mohamed Amine LIMAMEAuthor Commented:
@Dr. Klahn

I configured the:

but problem not solved
Dr. KlahnPrincipal Software EngineerCommented:
Does the mail receiver's log show emails being refused as spam?  If not, add   That will certainly cause some incoming email to be rejected.  If it does not, then it is possible the blocks are not actually active.

Also check the full header expansion of several of the spams to see where the routing shows it came from.  Note that this can be deceptive as much spam tries to obfuscate the actual source.  If (for example) the routing shows that it is emanating from within your network, then it is might be bypassing all filters; in that case, find the infected machine(s) and shut them down.
Mohamed Amine LIMAMEAuthor Commented:
I configured the:
Connection Filtering Agent in FrontEND

and i configured also the IPBlockListProvider:

problem almost solved  90% but i continue to receive some a few mails
Question has a verified solution.

Are you are experiencing a similar issue? Get a personalized answer when you ask a related question.

Have a better answer? Share it in a comment.

All Courses

From novice to tech pro — start learning today.