Skip to content

EXOMalwareFilterPolicy

Parameters

Parameter Attribute DataType Description Allowed Values
Identity Key String The Identity parameter specifies the MalwareFilterPolicy you want to modify.
Action Write String The Action parameter specifies the action to take when malware is detected in a message. Possible values are DeleteMessage,DeleteAttachmentAndUseDefaultAlert and DeleteAttachmentAndUseCustomAlert. The default value is DeleteMessage. DeleteMessage, DeleteAttachmentAndUseDefaultAlert, DeleteAttachmentAndUseCustomAlert
AdminDisplayName Write String The AdminDisplayName parameter specifies a description for the policy. If the value contains spaces, enclose the value in quotation marks.
CustomAlertText Write String The CustomAlertText parameter specifies the custom text to use in the replacement attachment named Malware Alert Text.txt. If the value contains spaces, enclose the value in quotation marks.
CustomExternalBody Write String The CustomExternalBody parameter specifies the body of the custom notification message for malware detections in messages from external senders. If the value contains spaces, enclose the value in quotation marks.
CustomExternalSubject Write String The CustomExternalSubject parameter specifies the subject of the custom notification message for malware detections in messages from external senders. If the value contains spaces, enclose the value in quotation marks.
CustomFromAddress Write String The CustomFromAddress parameter specifies the From address of the custom notification message for malware detections in messages from internal or external senders.
CustomFromName Write String The CustomFromName parameter specifies the From name of the custom notification message for malware detections in messages from internal or external senders. If the value contains spaces, enclose the value in quotation marks.
CustomInternalBody Write String The CustomInternalBody parameter specifies the body of the custom notification message for malware detections in messages from internal senders. If the value contains spaces, enclose the value in quotation marks.
CustomInternalSubject Write String The CustomInternalSubject parameter specifies the subject of the custom notification message for malware detections in messages from internal senders. If the value contains spaces, enclose the value in quotation marks.
CustomNotifications Write Boolean The CustomNotifications parameter enables or disables custom notification messages for malware detections in messages from internal or external senders. Valid values are: $true, $false.
EnableExternalSenderAdminNotifications Write Boolean The EnableExternalSenderAdminNotifications parameter enables or disables sending malware detection notification messages to an administrator for messages from external senders. Valid values are: $true, $false.
EnableExternalSenderNotifications Write Boolean The EnableExternalSenderNotifications parameter enables or disables notification messages for malware detections in messages from external senders. Valid values are: $true, $false.
EnableFileFilter Write Boolean The EnableFileFilter parameter enables or disables common attachment blocking - also known as the Common Attachment Types Filter.Valid values are: $true, $false.
EnableInternalSenderAdminNotifications Write Boolean The EnableInternalSenderAdminNotifications parameter enables or disables sending malware detection notification messages to an administrator for messages from internal senders. Valid values are: $true, $false.
EnableInternalSenderNotifications Write Boolean The EnableInternalSenderNotifications parameter enables or disables notification messages for malware detections in messages from internal senders. Valid values are: $true, $false.
ExternalSenderAdminAddress Write String The ExternalSenderAdminAddress parameter specifies the email address of the administrator who will receive notification messages for malware detections in messages from external senders.
FileTypes Write StringArray[] The FileTypes parameter specifies the file types that are automatically blocked by common attachment blocking (also known as the Common Attachment Types Filter), regardless of content.
InternalSenderAdminAddress Write String The InternalSenderAdminAddress parameter specifies the email address of the administrator who will receive notification messages for malware detections in messages from internal senders.
MakeDefault Write Boolean MakeDefault makes this malware filter policy the default policy. Valid values are: $true, $false.
ZapEnabled Write Boolean The ZapEnabled parameter enables or disables zero-hour auto purge (ZAP) for malware. ZAP detects malware in unread messages that have already been delivered to the user's Inbox. Valid values are: $true, $false.
Ensure Write String Specifies if this MalwareFilterPolicy should exist. Present, Absent
Credential Write PSCredential Credentials of the Exchange Global Admin
ApplicationId Write String Id of the Azure Active Directory application to authenticate with.
TenantId Write String Id of the Azure Active Directory tenant used for authentication.
CertificateThumbprint Write String Thumbprint of the Azure Active Directory application's authentication certificate to use for authentication.
CertificatePassword Write PSCredential Username can be made up to anything but password will be used for CertificatePassword
CertificatePath Write String Path to certificate used in service principal usually a PFX file.

EXOMalwareFilterPolicy

Description

Create or modify a new EXOMalwareFilterPolicy in your cloud-based organization.

Examples

Example 1

This example is used to test new resources and showcase the usage of new resources being worked on. It is not meant to use as a production baseline.

Configuration Example
{
    param(
        [Parameter(Mandatory = $true)]
        [PSCredential]
        $credsGlobalAdmin
    )
    Import-DscResource -ModuleName Microsoft365DSC

    node localhost
    {
        EXOMalwareFilterPolicy 'ConfigureMalwareFilterPolicy'
        {
            Identity                               = "Default"
            Action                                 = "DeleteMessage"
            CustomNotifications                    = $False
            EnableExternalSenderAdminNotifications = $False
            EnableExternalSenderNotifications      = $False
            EnableFileFilter                       = $False
            EnableInternalSenderAdminNotifications = $False
            EnableInternalSenderNotifications      = $False
            FileTypes                              = @("ace", "ani", "app", "cab", "docm", "exe", "iso", "jar", "jnlp", "reg", "scr", "vbe", "vbs")
            ZapEnabled                             = $True
            Ensure                                 = "Present"
            Credential                             = $credsGlobalAdmin
        }
    }
}