Allow Attachments With Safe Attachments Policy

Allow Attachments

Ok, you have enabled the common attachment filter for your organization to NOT Allow Attachments of a certain type. Great. Here’s the rub….some of those attachment extensions, while most of the time should be blocked occasionally need to be allowed.

In most cases you don’t worry because you use Quarantine settings in MS Security and either you are an admin or the user (Depending on the policy you choose) can release the message. But what if it is an automated system and the blocked extension needs to get through?

Mitigating Blocked Attachments

You can minimize any of the delays a blocked attachment may cause by creating a policy that will let it though. Go to in the security portal and click on “+Create” to add a policy:

Allow Attachments

Give your policy a name and a description:

Allow Attachments

Pick who this policy applies to:

Allow Attachments

A note about the above screen. In most cases, it is only a sub-group of users who need to be exempt from attachment blocking. You wouldn’t want to enable this for everyone. Remember, we are mitigating not giving the organization a “carte blanche” with regard to attachments! You also can create this rule as an exclude rule instead.

Allow Attachments

Once the policy is created, click “Submit”.

Allow Attachments

What Allow attachments Does in this Example?

The Account(s) that have this policy assigned to them will allow attachments through but if malware is detected, it will track the scanning results. As a failsafe, the policy DefaultFullAccessWithNotificationPolicy has also been assigned. The account that sent the blocked message will get a notification in their inbox that the message was blocked. It can quickly be released with a mouse click to not disrupt the email flow.

It is not a “silver bullet” solution but it can make sure the email keeps flowing. Especially with automated systems that have minimal intervention.

Now you have a way to Allow Attachments safely!

Avatar photo

I am an IT professional with over twenty years experience in the field. I have supported thousands of users over the years. The organizations I have worked for range in size from one person to hundreds of people. I have performed support from Help Desk, Network / Cloud Administration, Network Support, Application Support, Implementation and Security.

Pin It on Pinterest