EXOMalwareFilterPolicy¶
Parameters¶
| Parameter | Attribute | DataType | Description | Allowed Values |
|---|---|---|---|---|
| Identity | Key | String | The Identity parameter specifies the MalwareFilterPolicy you want to modify. | |
| AdminDisplayName | Write | String | The AdminDisplayName parameter specifies a description for the policy. If the value contains spaces, enclose the value in quotation marks. | |
| CustomExternalBody | Write | String | The CustomExternalBody parameter specifies the body of the custom notification message for malware detections in messages from external senders. If the value contains spaces, enclose the value in quotation marks. | |
| CustomExternalSubject | Write | String | The CustomExternalSubject parameter specifies the subject of the custom notification message for malware detections in messages from external senders. If the value contains spaces, enclose the value in quotation marks. | |
| CustomFromAddress | Write | String | The CustomFromAddress parameter specifies the From address of the custom notification message for malware detections in messages from internal or external senders. | |
| CustomFromName | Write | String | The CustomFromName parameter specifies the From name of the custom notification message for malware detections in messages from internal or external senders. If the value contains spaces, enclose the value in quotation marks. | |
| CustomInternalBody | Write | String | The CustomInternalBody parameter specifies the body of the custom notification message for malware detections in messages from internal senders. If the value contains spaces, enclose the value in quotation marks. | |
| CustomInternalSubject | Write | String | The CustomInternalSubject parameter specifies the subject of the custom notification message for malware detections in messages from internal senders. If the value contains spaces, enclose the value in quotation marks. | |
| CustomNotifications | Write | Boolean | The CustomNotifications parameter enables or disables custom notification messages for malware detections in messages from internal or external senders. Valid values are: $true, $false. | |
| EnableExternalSenderAdminNotifications | Write | Boolean | The EnableExternalSenderAdminNotifications parameter enables or disables sending malware detection notification messages to an administrator for messages from external senders. Valid values are: $true, $false. | |
| EnableFileFilter | Write | Boolean | The EnableFileFilter parameter enables or disables common attachment blocking - also known as the Common Attachment Types Filter.Valid values are: $true, $false. | |
| EnableInternalSenderAdminNotifications | Write | Boolean | The EnableInternalSenderAdminNotifications parameter enables or disables sending malware detection notification messages to an administrator for messages from internal senders. Valid values are: $true, $false. | |
| ExternalSenderAdminAddress | Write | String | The ExternalSenderAdminAddress parameter specifies the email address of the administrator who will receive notification messages for malware detections in messages from external senders. | |
| FileTypeAction | Write | String | The FileTypeAction parameter specifies what's done to messages that contain one or more attachments where the file extension is included in the FileTypes parameter (common attachment blocking). Valid values are Quarantine and Reject. The default value is Reject. | Quarantine, Reject |
| FileTypes | Write | StringArray[] | The FileTypes parameter specifies the file types that are automatically blocked by common attachment blocking (also known as the Common Attachment Types Filter), regardless of content. | |
| InternalSenderAdminAddress | Write | String | The InternalSenderAdminAddress parameter specifies the email address of the administrator who will receive notification messages for malware detections in messages from internal senders. | |
| MakeDefault | Write | Boolean | MakeDefault makes this malware filter policy the default policy. Valid values are: $true, $false. | |
| QuarantineTag | Write | String | The QuarantineTag specifies the quarantine policy that's used on messages that are quarantined as malware. | |
| ZapEnabled | Write | Boolean | The ZapEnabled parameter enables or disables zero-hour auto purge (ZAP) for malware. ZAP detects malware in unread messages that have already been delivered to the user's Inbox. Valid values are: $true, $false. | |
| Ensure | Write | String | Specifies if this MalwareFilterPolicy should exist. | Present, Absent |
| Credential | Write | PSCredential | Credentials of the Exchange Global Admin | |
| ApplicationId | Write | String | Id of the Azure Active Directory application to authenticate with. | |
| TenantId | Write | String | Id of the Azure Active Directory tenant used for authentication. | |
| CertificateThumbprint | Write | String | Thumbprint of the Azure Active Directory application's authentication certificate to use for authentication. | |
| CertificatePassword | Write | PSCredential | Username can be made up to anything but password will be used for CertificatePassword | |
| CertificatePath | Write | String | Path to certificate used in service principal usually a PFX file. | |
| ManagedIdentity | Write | Boolean | Managed ID being used for authentication. | |
| AccessTokens | Write | StringArray[] | Access token used for authentication. |
Description¶
Create or modify a EXOMalwareFilterPolicy in your cloud-based organization.
Permissions¶
Exchange¶
To authenticate with Microsoft Exchange, this resource required the following permissions:
Roles¶
- Transport Hygiene, Security Admin, View-Only Configuration, Security Reader
Role Groups¶
- Organization Management
Examples¶
Example 1¶
This example is used to test new resources and showcase the usage of new resources being worked on. It is not meant to use as a production baseline.
Configuration Example
{
param(
[Parameter()]
[System.String]
$ApplicationId,
[Parameter()]
[System.String]
$TenantId,
[Parameter()]
[System.String]
$CertificateThumbprint
)
Import-DscResource -ModuleName Microsoft365DSC
node localhost
{
EXOMalwareFilterPolicy 'ConfigureMalwareFilterPolicy'
{
Identity = "IntegrationMFP"
CustomNotifications = $False
EnableExternalSenderAdminNotifications = $False
EnableFileFilter = $False
EnableInternalSenderAdminNotifications = $False
FileTypeAction = "Quarantine"
FileTypes = @("ace", "ani", "app", "cab", "docm", "exe", "iso", "jar", "jnlp", "reg", "scr", "vbe", "vbs")
QuarantineTag = "AdminOnlyAccessPolicy"
ZapEnabled = $True
Ensure = "Present"
ApplicationId = $ApplicationId
TenantId = $TenantId
CertificateThumbprint = $CertificateThumbprint
}
}
}
Example 2¶
This example is used to test new resources and showcase the usage of new resources being worked on. It is not meant to use as a production baseline.
Configuration Example
{
param(
[Parameter()]
[System.String]
$ApplicationId,
[Parameter()]
[System.String]
$TenantId,
[Parameter()]
[System.String]
$CertificateThumbprint
)
Import-DscResource -ModuleName Microsoft365DSC
node localhost
{
EXOMalwareFilterPolicy 'ConfigureMalwareFilterPolicy'
{
Identity = "IntegrationMFP"
CustomNotifications = $False
EnableExternalSenderAdminNotifications = $False
EnableFileFilter = $False
EnableInternalSenderAdminNotifications = $False
FileTypeAction = "Quarantine"
FileTypes = @("ace", "ani", "app", "cab", "docm", "exe", "iso", "jar", "jnlp", "reg", "scr", "vbe", "vbs")
QuarantineTag = "AdminOnlyAccessPolicy"
ZapEnabled = $False # Updated Property
Ensure = "Present"
ApplicationId = $ApplicationId
TenantId = $TenantId
CertificateThumbprint = $CertificateThumbprint
}
}
}
Example 3¶
This example is used to test new resources and showcase the usage of new resources being worked on. It is not meant to use as a production baseline.
Configuration Example
{
param(
[Parameter()]
[System.String]
$ApplicationId,
[Parameter()]
[System.String]
$TenantId,
[Parameter()]
[System.String]
$CertificateThumbprint
)
Import-DscResource -ModuleName Microsoft365DSC
node localhost
{
EXOMalwareFilterPolicy 'ConfigureMalwareFilterPolicy'
{
Identity = "IntegrationMFP"
Ensure = "Absent"
ApplicationId = $ApplicationId
TenantId = $TenantId
CertificateThumbprint = $CertificateThumbprint
}
}
}