Ok, you have enabled the common attachment filter for your organization to NOT Allow Attachments of a certain type. Great. Here’s the rub….some of those attachment extensions, while most of the time should be blocked occasionally need to be allowed.
In most cases you don’t worry because you use Quarantine settings in MS Security and either you are an admin or the user (Depending on the policy you choose) can release the message. But what if it is an automated system and the blocked extension needs to get through?
Mitigating Blocked Attachments
You can minimize any of the delays a blocked attachment may cause by creating a policy that will let it though. Go to https://security.microsoft.com/safeattachmentv2 in the security portal and click on “+Create” to add a policy:
Give your policy a name and a description:
Pick who this policy applies to:
A note about the above screen. In most cases, it is only a sub-group of users who need to be exempt from attachment blocking. You wouldn’t want to enable this for everyone. Remember, we are mitigating not giving the organization a “carte blanche” with regard to attachments! You also can create this rule as an exclude rule instead.
Once the policy is created, click “Submit”.
What Allow attachments Does in this Example?
The Account(s) that have this policy assigned to them will allow attachments through but if malware is detected, it will track the scanning results. As a failsafe, the policy DefaultFullAccessWithNotificationPolicy has also been assigned. The account that sent the blocked message will get a notification in their inbox that the message was blocked. It can quickly be released with a mouse click to not disrupt the email flow.
It is not a “silver bullet” solution but it can make sure the email keeps flowing. Especially with automated systems that have minimal intervention.
Now you have a way to Allow Attachments safely!