Maybe you've noticed already, but when using the anti-spam features in Exchange Sever 2010 there's no option to change the attachment filtering mechanism in the Exchange Management Console. In the console you can manage all settings, except the Attachment Filtering. But attachment filtering is performed, both by the Edge Transport Server and the Hub Transport Server (if enabled of course).And attachment filtering is the last step in the complete chain of anti-spam filtering, after connection filtering, Sender/Recipient filtering and Content filtering.
Attachment Filtering can be performed on MIME content type, filename or filename extension. The actions performed by attachment filtering can be:
Reject - the message will be rejected and an NDR will be returned to the sender;
Silent delete - the message will be deleted and no NDR will be returned to the sender. Note that the recipient won't get a notification either;
Strip - the attachment will be removed from the message and the message will be delivered. A notification text is added to the message to notify the recipient an attachment was removed.
To see an overview of the attachment filtering configuration you can use the following command:
To filter for example JPG attachment from incoming messages you can use the following command:
Add-AttachmentFilterEntry -Name image/jpeg -Type ContentType
To configure the action that needs to be taken you have to use the Set-AttachmentFilterListConfig cmdlet, like this:
Set-AttachmentFilterListConfig -Action -Reject -RejectResponse "The attachment in your message is not allowed and your message is not delivred. Please remove the e-mail attachment, and send your message again."
This way the message containing the attachment is rejected and a notification message is returned to the sender.