MC285906: Common attachment filter in anti-malware policy: Additional file types block by default

The ‘Common attachment filter’ option in the ‘Anti-malware’ policy helps the Administrator configure the file types (based on file extension) which need to be blocked in the emails. This block action is applied anytime the file type of any attachment in the email matches this configurated file type list. This message is associated with Microsoft 365 Roadmap ID 85611.

We’re adding file types to the common attachment filter (default block list) of the Anti-malware policy with three new file types. Please refer to Message Center for the updated list.

MC285906: Common attachment filter in anti-malware policy: Additional file types block by default

Affected Workloads

  • Exchange Online

The current pre-configured list has 96 file types. Of these 96 file types, 10 files types are selected by default in the block list. When a new policy is created, these 10 file types are selected, to be blocked, by default. Administrator can make changes to this selection by selecting more file types or making changes to existing file types. If the Administrator chooses to extend this behavior to more file types, then this is possible using PowerShell option.

As part of this enhancement to the feature, we are adding three additional file types to the default selection list. The newly added file types are ‘.iso’, ‘.cab’ and ‘.jnlp’.

Key points

  • Timing: We expect this feature to begin rolling out in early October and expect the rollout to be completed by late October.
  • Roll-out: tenant level
  • Action: Review and assess.

How this will affect your organization

Once these enhancements are rolled out, any email received by / sent from the users of your organization will be quarantined if any of the attached files matches with the newly added three file types.

What you need to do to prepare

If your organization would like to have the emails with these file types blocked, then there is no action. However, if your organization needs require that these files be allowed, then the Administrator needs to edit the Anti-Malware policies and de-select these newly added file types.

Message ID: MC285906
Published: 18 September 2021
Updated: 18 September 2021
Effective: October 4, 2021