Applies to: Exchange Server 2013, Exchange Online

Topic Last Modified: 2012-07-18

Use the New-MalwareFilterPolicy cmdlet to create malware filter policies in your organization.

For information about the parameter sets in the Syntax section below, see Syntax.

Syntax


New-MalwareFilterPolicy -Name <String> [-Action <DeleteMessage \| DeleteAttachmentAndUseDefaultAlertText \| DeleteAttachmentAndUseCustomAlertText>] [-AdminDisplayName <String>] [-BypassInboundMessages <$true \| $false>] [-BypassOutboundMessages <$true \| $false>] [-Confirm [<SwitchParameter>]] [-CustomAlertText <String>] [-CustomExternalBody <String>] [-CustomExternalSubject <String>] [-CustomFromAddress <SmtpAddress>] [-CustomFromName <String>] [-CustomInternalBody <String>] [-CustomInternalSubject <String>] [-CustomNotifications <$true \| $false>] [-DomainController <Fqdn>] [-EnableExternalSenderAdminNotifications <$true \| $false>] [-EnableExternalSenderNotifications <$true \| $false>] [-EnableInternalSenderAdminNotifications <$true \| $false>] [-EnableInternalSenderNotifications <$true \| $false>] [-ExternalSenderAdminAddress <SmtpAddress>] [-IgnoreDehydratedFlag <SwitchParameter>] [-InternalSenderAdminAddress <SmtpAddress>] [-Organization <OrganizationIdParameter>] [-WhatIf [<SwitchParameter>]]

New-MalwareFilterPolicy -Name <String> [-Action
<DeleteMessage | DeleteAttachmentAndUseDefaultAlertText |
DeleteAttachmentAndUseCustomAlertText>] [-AdminDisplayName
<String>] [-BypassInboundMessages <$true | $false>]
[-BypassOutboundMessages <$true | $false>] [-Confirm
[<SwitchParameter>]] [-CustomAlertText <String>]
[-CustomExternalBody <String>] [-CustomExternalSubject
<String>] [-CustomFromAddress <SmtpAddress>]
[-CustomFromName <String>] [-CustomInternalBody
<String>] [-CustomInternalSubject <String>]
[-CustomNotifications <$true | $false>] [-DomainController
<Fqdn>] [-EnableExternalSenderAdminNotifications <$true |
$false>] [-EnableExternalSenderNotifications <$true |
$false>] [-EnableInternalSenderAdminNotifications <$true |
$false>] [-EnableInternalSenderNotifications <$true |
$false>] [-ExternalSenderAdminAddress <SmtpAddress>]
[-IgnoreDehydratedFlag <SwitchParameter>]
[-InternalSenderAdminAddress <SmtpAddress>] [-Organization
<OrganizationIdParameter>] [-WhatIf
[<SwitchParameter>]]

Examples

EXAMPLE 1

This example creates a new malware filter policy named Contoso Malware Filter Policy with the following settings:

Block messages that contain malware.
Don't notify the message sender when malware is detected in the message.
Notify the administrator admin@contoso.com when malware is detected in a message from an internal sender.

	Copy Code
New-MalwareFilterPolicy -Name "Contoso Malware Filter Policy" -EnableInternalSenderAdminNotifications $true -InternalSenderAdminAddress admin@contoso.com

Detailed Description

You need to be assigned permissions before you can run this cmdlet. Although all parameters for this cmdlet are listed in this topic, you may not have access to some parameters if they're not included in the permissions assigned to you. To see what permissions you need, see the "Anti-malware" entry in the Anti-Spam and Anti-Malware Permissions topic.

Parameters

Parameter	Required	Type	Description
Name	Required	System.String	The Name parameter specifies a name for the malware filter policy. If the value contains spaces, enclose the value in quotation marks (").
Action	Optional	Microsoft.Exchange.Data.Directory.SystemConfiguration.MalwareFilteringAction	The Action parameter specifies the action to take when malware is detected in a message. Valid values for this parameter are: `BlockMessage`: blocks the message when malware is detected. `ReplaceWithDefaultAlert`: delivers the message, but replaces the message contents with the default alert text when malware is detected. `ReplaceWithCustomAlert`: delivers the message, but replaces the message contents with the custom alert text specified by the AlertText parameter when malware is detected. The default value is `BlockMessage`.
AdminDisplayName	Optional	System.String	The AdminDisplayName parameter specifies a description for the malware filter policy. If the value contains spaces, enclose the value in quotation marks (").
BypassInboundMessages	Optional	System.Boolean	The BypassInboundMessages parameter skips or enforces malware scanning on incoming messages. Valid input for this parameter is `$true` or `$false`. The default value is `$false`. This means malware scanning occurs on incoming messages by default.
BypassOutboundMessages	Optional	System.Boolean	The BypassOutboundMessages parameter skips or enforces malware scanning on outgoing messages. Valid input for this parameter is `$true` or `$false`. The default value is `$false`. This means malware scanning occurs on outgoing messages by default.
Confirm	Optional	System.Management.Automation.SwitchParameter	The Confirm switch causes the command to pause processing and requires you to acknowledge what the command will do before processing continues. You don't have to specify a value with the Confirm switch.
CustomAlertText	Optional	System.String	The CustomAlertText parameter specifies the custom alert text to insert in the message when malware is detected and the value of the Action parameter is set to `ReplaceWithCustomAlert`. This parameter is required when the CustomNotifications parameter is set to `$true`.
CustomExternalBody	Optional	System.String	The CustomExternalBody parameter specifies the body of the custom notification message that's sent to an external sender when a message contains malware. This parameter is required when the CustomNotifications parameter is set to `$true`.
CustomExternalSubject	Optional	System.String	The CustomExternalSubject parameter specifies the subject of the custom notification message that's sent to an external sender when a message contains malware. This parameter is required when the CustomNotifications parameter is set to `$true`.
CustomFromAddress	Optional	Microsoft.Exchange.Data.SmtpAddress	The CustomFromAddress parameter specifies the From address of the custom notification message that's sent to an internal or external sender when a message contains malware. This parameter is required when the CustomNotifications parameter is set to `$true`.
CustomFromName	Optional	System.String	The CustomExternalFromName parameter specifies the From name of the custom notification message that's sent to internal or external senders when a message contains malware. This parameter is required when the CustomNotifications parameter is set to `$true`.
CustomInternalBody	Optional	System.String	The CustomInternalBody parameter specifies the body of the custom notification message that's sent to an internal sender when a message contains malware. This parameter is required when the CustomNotifications parameter is set to `$true`.
CustomInternalSubject	Optional	System.String	The CustomInternalSubject parameter specifies the subject of the custom notification message that's sent to an internal sender when a message contains malware. This parameter is required when the CustomNotifications parameter is set to `$true`.
CustomNotifications	Optional	System.Boolean	The CustomNotifications parameter enables or disables the custom notification message to the sender when the message contains malware. Valid input for this parameter is `$true` or `$false`. The default value is `$false`. If you enable custom notification messages by setting this parameter to `$true`, you specify the details of the custom notification message using the CustomFromAddress,CustomFromName, CustomExternalSubject, CustomExternalBody, CustomInternalSubject, and CustomInternalBody parameters.
DomainController	Optional	Microsoft.Exchange.Data.Fqdn	The DomainController parameter specifies the fully qualified domain name (FQDN) of the domain controller that writes this configuration change to Active Directory.
EnableExternalSenderAdminNotifications	Optional	System.Boolean	The EnableExternalSenderAdminNotifications parameter enables or disables sending notification messages to an administrator when malware is detected in messages from external senders. Valid input for this parameter is `$true` or `$false`. The default value is `$false`. Specify the administrator to receive the notification messages by using the ExternalSenderAdminAddress parameter.
EnableExternalSenderNotifications	Optional	System.Boolean	The EnableExternalSenderNotifications parameter enables or disables sending notification messages to senders when malware is detected in messages from external senders. Valid input for this parameter is `$true` or `$false`. The default value is `$false`.
EnableInternalSenderAdminNotifications	Optional	System.Boolean	The EnableExternalSenderAdminNotifications parameter enables or disables sending notification messages to an administrator when malware is detected in messages from internal senders. Valid input for this parameter is `$true` or `$false`. The default value is `$false`. Specify the administrator to receive the notification messages by using the InternalSenderAdminAddress parameter.
EnableInternalSenderNotifications	Optional	System.Boolean	The EnableExternalSenderAdminNotifications parameter enables or disables sending notification messages to senders when malware is detected in messages from internal senders. Valid input for this parameter is `$true` or `$false`. The default value is `$false`.
ExternalSenderAdminAddress	Optional	Microsoft.Exchange.Data.SmtpAddress	The ExternalSenderAdminAddress parameter specifies the email address of the administrator who will receive notifications messages when messages from external senders contain malware. Notification messages are sent to the specified email address only if the EnableExternalSenderAdminNotifications parameter is set to `$true`.
IgnoreDehydratedFlag	Optional	System.Management.Automation.SwitchParameter	This parameter is reserved for internal Microsoft use.
InternalSenderAdminAddress	Optional	Microsoft.Exchange.Data.SmtpAddress	The InternalSenderAdminAddress parameter specifies the email address of the administrator who will receive notifications messages when messages from external senders contain malware. Notification messages are sent to the specified email address only if the EnableInternalSenderAdminNotifications parameter is set to `$true`.
Organization	Optional	Microsoft.Exchange.Configuration.Tasks.OrganizationIdParameter	The Organization parameter is reserved for internal Microsoft use.
WhatIf	Optional	System.Management.Automation.SwitchParameter	The WhatIf switch instructs the command to simulate the actions that it would take on the object. By using the WhatIf switch, you can view what changes would occur without having to apply any of those changes. You don't have to specify a value with the WhatIf switch.

Input Types

To see the input types that this cmdlet accepts, see Cmdlet Input and Output Types. If the Input Type field for a cmdlet is blank, the cmdlet doesn’t accept input data.

Return Types

To see the return types, which are also known as output types, that this cmdlet accepts, see Cmdlet Input and Output Types. If the Output Type field is blank, the cmdlet doesn’t return data.