Essential Security Rules For Microsoft Office 365

The standard email malware protection in Office 365 is quite basic and if your account was not setup by a Microsoft Partner or Office 365 specialist you may not have these three basic rules in place.

  • Malware Filter, turn on Common Attachment Types Filter
  • Block any attachment that has executable content
  • Any attachment's file extension matches the following list:
    app, arj, bas, bat, cgi, chm, cmd, com, cpl, dll, exe, hta, inf, ini, ins, iqy, jar, js, jse, lnk, mht, mhtm, mhtml, msh, msh1, msh2, msh1xml, msh2xml, msi, ocx, pcd, pif, pl, ps1, ps1xml, ps2, ps2xml, psc1, psc2, py, reg, scf, scr, sct, sh, shb, shs, url, vb, vbe, vbs, vbx, ws, wsc, wsf, wsh

Add these rules in your Office 365 portal by selecting Admin Centers - Exchange - protection - malware filter

Set the Common Attachment Types Filter to On. Notice that .docm may be in the list, which you may want to remove.


Add the remaining rules in your Office365 portal by selecting Admin Centers - Exchange - mail flow - rules - new and make sure you click ‘More options…’ otherwise you cannot see the option for Any attachment… has executable content.

Any attachment's file extension matches .....

cgi, chm, cmd, com, cpl, dll, exe, hta, inf, ini, ins, jar, js, jse, lnk, mht, mhtm, mhtml, msi, 
ocx, pcd, pif, pl, py, reg, scr, sct, sh, shb, shs, url, vb, vbe, vbs, vbx, ws, wsc, wsf, wsh