EXOMalwareFilterPolicy

Parameters

Parameter Attribute DataType Description Allowed Values
Identity Key String The Identity parameter specifies the MalwareFilterPolicy you want to modify.
AdminDisplayName Write String The AdminDisplayName parameter specifies a description for the policy. If the value contains spaces, enclose the value in quotation marks.
CustomExternalBody Write String The CustomExternalBody parameter specifies the body of the custom notification message for malware detections in messages from external senders. If the value contains spaces, enclose the value in quotation marks.
CustomExternalSubject Write String The CustomExternalSubject parameter specifies the subject of the custom notification message for malware detections in messages from external senders. If the value contains spaces, enclose the value in quotation marks.
CustomFromAddress Write String The CustomFromAddress parameter specifies the From address of the custom notification message for malware detections in messages from internal or external senders.
CustomFromName Write String The CustomFromName parameter specifies the From name of the custom notification message for malware detections in messages from internal or external senders. If the value contains spaces, enclose the value in quotation marks.
CustomInternalBody Write String The CustomInternalBody parameter specifies the body of the custom notification message for malware detections in messages from internal senders. If the value contains spaces, enclose the value in quotation marks.
CustomInternalSubject Write String The CustomInternalSubject parameter specifies the subject of the custom notification message for malware detections in messages from internal senders. If the value contains spaces, enclose the value in quotation marks.
CustomNotifications Write Boolean The CustomNotifications parameter enables or disables custom notification messages for malware detections in messages from internal or external senders. Valid values are: $true, $false.
EnableExternalSenderAdminNotifications Write Boolean The EnableExternalSenderAdminNotifications parameter enables or disables sending malware detection notification messages to an administrator for messages from external senders. Valid values are: $true, $false.
EnableFileFilter Write Boolean The EnableFileFilter parameter enables or disables common attachment blocking - also known as the Common Attachment Types Filter.Valid values are: $true, $false.
EnableInternalSenderAdminNotifications Write Boolean The EnableInternalSenderAdminNotifications parameter enables or disables sending malware detection notification messages to an administrator for messages from internal senders. Valid values are: $true, $false.
ExternalSenderAdminAddress Write String The ExternalSenderAdminAddress parameter specifies the email address of the administrator who will receive notification messages for malware detections in messages from external senders.
FileTypeAction Write String The FileTypeAction parameter specifies what's done to messages that contain one or more attachments where the file extension is included in the FileTypes parameter (common attachment blocking). Valid values are Quarantine and Reject. The default value is Reject. Quarantine, Reject
FileTypes Write StringArray[] The FileTypes parameter specifies the file types that are automatically blocked by common attachment blocking (also known as the Common Attachment Types Filter), regardless of content.
InternalSenderAdminAddress Write String The InternalSenderAdminAddress parameter specifies the email address of the administrator who will receive notification messages for malware detections in messages from internal senders.
MakeDefault Write Boolean MakeDefault makes this malware filter policy the default policy. Valid values are: $true, $false.
QuarantineTag Write String The QuarantineTag specifies the quarantine policy that's used on messages that are quarantined as malware.
ZapEnabled Write Boolean The ZapEnabled parameter enables or disables zero-hour auto purge (ZAP) for malware. ZAP detects malware in unread messages that have already been delivered to the user's Inbox. Valid values are: $true, $false.
Ensure Write String Specifies if this MalwareFilterPolicy should exist. Present, Absent
Credential Write PSCredential Credentials of the Exchange Global Admin
ApplicationId Write String Id of the Azure Active Directory application to authenticate with.
TenantId Write String Id of the Azure Active Directory tenant used for authentication.
CertificateThumbprint Write String Thumbprint of the Azure Active Directory application's authentication certificate to use for authentication.
CertificatePassword Write PSCredential Username can be made up to anything but password will be used for CertificatePassword
CertificatePath Write String Path to certificate used in service principal usually a PFX file.
ManagedIdentity Write Boolean Managed ID being used for authentication.
AccessTokens Write StringArray[] Access token used for authentication.

Description

Create or modify a EXOMalwareFilterPolicy in your cloud-based organization.

Permissions

Exchange

To authenticate with Microsoft Exchange, this resource required the following permissions:

Roles

  • Transport Hygiene, Security Admin, View-Only Configuration, Security Reader

Role Groups

  • Organization Management

Examples

Example 1

This example is used to test new resources and showcase the usage of new resources being worked on. It is not meant to use as a production baseline.

Configuration Example
{
    param(
        [Parameter()]
        [System.String]
        $ApplicationId,

        [Parameter()]
        [System.String]
        $TenantId,

        [Parameter()]
        [System.String]
        $CertificateThumbprint
    )
    Import-DscResource -ModuleName Microsoft365DSC

    node localhost
    {
        EXOMalwareFilterPolicy 'ConfigureMalwareFilterPolicy'
        {
            Identity                               = "IntegrationMFP"
            CustomNotifications                    = $False
            EnableExternalSenderAdminNotifications = $False
            EnableFileFilter                       = $False
            EnableInternalSenderAdminNotifications = $False
            FileTypeAction                         = "Quarantine"
            FileTypes                              = @("ace", "ani", "app", "cab", "docm", "exe", "iso", "jar", "jnlp", "reg", "scr", "vbe", "vbs")
            QuarantineTag                          = "AdminOnlyAccessPolicy"
            ZapEnabled                             = $True
            Ensure                                 = "Present"
            ApplicationId         = $ApplicationId
            TenantId              = $TenantId
            CertificateThumbprint = $CertificateThumbprint
        }
    }
}

Example 2

This example is used to test new resources and showcase the usage of new resources being worked on. It is not meant to use as a production baseline.

Configuration Example
{
    param(
        [Parameter()]
        [System.String]
        $ApplicationId,

        [Parameter()]
        [System.String]
        $TenantId,

        [Parameter()]
        [System.String]
        $CertificateThumbprint
    )
    Import-DscResource -ModuleName Microsoft365DSC

    node localhost
    {
        EXOMalwareFilterPolicy 'ConfigureMalwareFilterPolicy'
        {
            Identity                               = "IntegrationMFP"
            CustomNotifications                    = $False
            EnableExternalSenderAdminNotifications = $False
            EnableFileFilter                       = $False
            EnableInternalSenderAdminNotifications = $False
            FileTypeAction                         = "Quarantine"
            FileTypes                              = @("ace", "ani", "app", "cab", "docm", "exe", "iso", "jar", "jnlp", "reg", "scr", "vbe", "vbs")
            QuarantineTag                          = "AdminOnlyAccessPolicy"
            ZapEnabled                             = $False # Updated Property
            Ensure                                 = "Present"
            ApplicationId         = $ApplicationId
            TenantId              = $TenantId
            CertificateThumbprint = $CertificateThumbprint
        }
    }
}

Example 3

This example is used to test new resources and showcase the usage of new resources being worked on. It is not meant to use as a production baseline.

Configuration Example
{
    param(
        [Parameter()]
        [System.String]
        $ApplicationId,

        [Parameter()]
        [System.String]
        $TenantId,

        [Parameter()]
        [System.String]
        $CertificateThumbprint
    )
    Import-DscResource -ModuleName Microsoft365DSC

    node localhost
    {
        EXOMalwareFilterPolicy 'ConfigureMalwareFilterPolicy'
        {
            Identity                               = "IntegrationMFP"
            Ensure                                 = "Absent"
            ApplicationId         = $ApplicationId
            TenantId              = $TenantId
            CertificateThumbprint = $CertificateThumbprint
        }
    }
}