Blocking Attachments With Executable Content
I don’t know whats going on in the past few weeks but the sheer amount of zeroday exploits via email have risen. To protect yourselves against this I would recommend setting up a transport rule to drop or reject any email with executable content. This can be done for Exchange 2013 or Office365 (Exchange Online).
- Login to Exchange Admin Center using administrative credentials
- On the left pane select “Mail flow”
- On the top pane select “ Rules”
- Click on the “+” sign and select create a new rule
- Give a name to the rule and select “more options” at the bottom of the page.
- Under “Apply the rule if” Select “Any attachment has executable content”
- Under “Do the following” Select “Reject the message with explanation” and input your text.
- Save the rule.