Here I show you how to retrieve and adjust the file extensions currently blocked in the malware rule "POL_AntiMalware", and how to enable or disable the rule. These steps help you increase the security of your e-mail environment by managing potentially dangerous attachments effectively.
1. Retrieving the currently blocked file extensions
To check which file extensions are currently blocked in the malware rule "POL_AntiMalware", use the following PowerShell command:
Get-MalwareFilterPolicy -Identity "POL_AntiMalware" | Select -Expand FileTypes
Explanation:
- Get-MalwareFilterPolicy: Retrieves the settings of the specified malware filter policy.
- -Identity "POL_AntiMalware": Specifies the policy to check.
- Select -Expand FileTypes: Displays the list of blocked file extensions.
This list shows all file extensions that are currently blocked by the rule.
2. Adjusting the blocked file extensions
To change the list of blocked file extensions, use the following command:
Set-MalwareFilterPolicy -Identity "POL_AntiMalware" -FileTypes @("001","7z","ace","arj","bin","bz","bz2","bzip","bzip2","cab","cpio","deb","dmg","fat","gz","gzip","hfs","img","iso","lha","lzma","lz","lzh","mht","mime","ntfs","r00","r01","r02","r03","r04","r05","r06","r07","r08","r09","r10","r11","r12","r13","r14","r15","r16","r17","r18","r19","r20","r21","r22","r23","r24","r25","r26","r27","r28","r29","rev","rpm","smi","squashfs","swm","tar","taz","tbz","tbz2","tgz","tpz","txz","uu","uue","uuencode","vhd","webarchive","wim","xar","xxe","xz","z","asax","ashx","asp","bas","btm","cla","class","csh","ksh","mhtm","mhtml","pl","plg","ps1","ps1xml","ps2","ps2xml","psc1","psc2","sh","vb","wml","xbap","xdp","app","bat","cmd","com","dll","exe","jar","jnlp","js","jse","lnk","msi","msp","mst","ocx","pif","scr","tlb","url","vbe","vbs","ws","wsc","wsf","wsh","accde","ade","adp","cnv","dochtml","docm","docxml","dot","dothtml","dotm","dotx","dqy","fxp","iqy","mad","maf","mag","mam","maq","mar","mas","mat","mau","mav","maw","mda","mdb","mde","mdt","mdw","mdz","mpd","one","ops","osd","pot","potm","ppa","ppam","pps","ppsm","ppsx","pptm","pst","pub","pwz","sldm","slk","vbp","vsmacros","vss","vst","vsto","vsw","wbk","wiz","xla","xlam","xld","xlk","xll","xlsb","xlsm","xlt","xltm","xlw","xmls","xmlx","xnk","386","3gr","ani","application","appref-ms","appx","appxbundle","appxmanifest","blg","camp","cdmp","cer","chm","cnt","compositefont","cpl","crl","crt","der","drv","fon","gadget","grp","hlp","hpj","ht","hta","htt","hxs","igp","inf","ini","ins","isp","job","key","msc","msh","msh1","msh1xml","msh2","msh2xml","mshxml","pnf","prf","prg","reg","scf","sct","settingcontent-ms","shb","shs","sys","tmp","ttf","vxd","wbt") -EnableFileFilter $true -ZapEnabled $true
Explanation:
- Set-MalwareFilterPolicy: Changes the settings of the specified malware filter policy.
- -Identity "POL_AntiMalware": Specifies the policy to change.
- -FileTypes @("…"): An array of the file extensions you want to block.
- -EnableFileFilter $true: Enables the file type filter.
- -ZapEnabled $true: Enables the automatic removal of detected malware from mailboxes.
Note: Replace the file extensions in the list according to your requirements. The list given above is extensive and covers many potentially dangerous file types.
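Because -FileTypes replaces the entire list rather than appending to it, a small change is safer as a read-merge-write. The following is an added example, not part of the original article; the extensions in $ToAdd and $ToRemove and the backup path are constructed sample values, and an Exchange Online PowerShell session is assumed.

```powershell
# Added example: merge changes into the existing FileTypes list instead of
# retyping it. Assumes a connected session (Connect-ExchangeOnline).
$PolicyName = 'POL_AntiMalware'                  # policy name from the article
$ToAdd      = @('.VHDX', 'img')                  # constructed sample input
$ToRemove   = @('ini')                           # constructed sample input
$BackupFile = ".\$PolicyName-FileTypes.bak.txt"  # hypothetical backup path

# Normalize user input: trim, drop a leading dot, lower-case, skip empties.
function ConvertTo-Extension {
    param([string[]]$Value)
    foreach ($v in $Value) {
        $e = $v.Trim().TrimStart('.').ToLowerInvariant()
        if ($e) { $e }
    }
}

# Read the current list and keep a copy so the change can be rolled back.
$current = @(ConvertTo-Extension (Get-MalwareFilterPolicy -Identity $PolicyName).FileTypes)
$current | Set-Content -Path $BackupFile -Encoding UTF8

# Merge: current + additions, minus removals, de-duplicated.
$remove = @(ConvertTo-Extension $ToRemove)
$new = @(($current + @(ConvertTo-Extension $ToAdd)) |
    Where-Object { $_ -notin $remove } |
    Sort-Object -Unique)

# An empty list would leave the file filter with nothing to block.
if ($new.Count -eq 0) { throw 'Refusing to write an empty FileTypes list.' }

# Show exactly what will change before anything is written.
$added   = @($new     | Where-Object { $_ -notin $current })
$dropped = @($current | Where-Object { $_ -notin $new })
"Adding   : $($added -join ', ')"
"Removing : $($dropped -join ', ')"

# -WhatIf previews the change; remove it to apply.
Set-MalwareFilterPolicy -Identity $PolicyName -FileTypes $new -EnableFileFilter $true -WhatIf
```

To roll back, pass the contents of the backup file to -FileTypes with Get-Content.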
3. Enabling or disabling the malware rule
Enabling the rule:
Enable-MalwareFilterRule -Identity "POL_AntiMalware"
Disabling the rule:
Disable-MalwareFilterRule -Identity "POL_AntiMalware"