HANDS ON SharePoint
HANDS ON Teams
HANDS ON Lists
HANDS ON tek
M365 Admin
AntiMalware: Default Policy (only): Common attachment filter: Configuration Change
We’re making some changes to common attachment filter settings for the Default policy (only) in the Anti-malware policy. The earlier default selection value of the ‘Quarantine the message’ is changed to ‘Reject the message with NDR’.
In Anti-malware policies, under the protection settings for ‘Enable the common attachment filter’, there are two notification options when an email contains any attachment matching the configured file types. They are:
- Reject the message with a non-delivery receipt (NDR)
- Quarantine the message.
These two notification options are added to the common attachments filter few months ago. When this was added, the option ‘Quarantine the message’ was selected in the default policy.
The change now being introduced is to update this option to ‘Reject the message with a non-delivery receipt (NDR)’ for all customers. This change is to allow faster response on the part of the sender to resend any important emails which might be quarantined (and delayed to the intended receipt) due to any attachment with matching blocked file type. We’re also aligning the setting for this control in the Standard and Strict preset security policies to ‘Reject the message with a non-delivery receipt (NDR)’. This change will also reduce the messages in quarantine. Quarantined messages need to be reviewed and released by the SecOps team and allow the sender to take action.
When will this happen:
We will begin rolling this out early May and expect to complete by mid-June.
How this will affect your organization:
This change will update the specific setting in the default policy. Any message which was quarantined until now because of the matching file type will now be rejected with an NDR.
If you would rather quarantine the messages, then you will need to create a new policy with ‘Quarantine the message’ selected or, you need to revert the selection to ‘Quarantine the message’ after this change is rolled out.
What you need to do to prepare:
Please click Additional Information to learn more.
If you would rather quarantine the messages, then you are requested need to create a new policy with ‘Quarantine the message’ selected or, you need to revert the selection to ‘Quarantine the message’ after this change is rolled out.
Message ID: MC544793
No comments yet