Blog | G5 Cyber Security

Block External Attachment Downloads in Office 365

G5 Cyber Security

TL;DR

This guide shows you how to stop users from downloading attachments sent by people outside your organisation in Office 365. We’ll use Exchange Online Transport rules to achieve this.

Step-by-step Guide

  1. Understand the Approach

    2. We’ll create a transport rule that checks if an email comes from outside your company (an external sender). If it does, and has attachments, we’ll block users from downloading them. This doesn’t stop the email itself; it just prevents attachment access.

  2. Access Exchange Admin Center

    3. You need to be a Global Administrator or have the Mail Flow permissions role to do this. Sign in to the Exchange admin center.

  3. Create a New Transport Rule
    1. Navigate to Mail flow > Rules.
    2. Click the + Add rule button, then select Create a new rule.
    3. Give your rule a descriptive name (e.g., ‘Block External Attachment Downloads’).
  4. Configure Rule Conditions: Identify External Senders
    1. Click Add condition > Sender is external. This identifies emails from outside your organisation.
    2. Click Add condition > Has attachments.
  5. Configure Rule Actions: Block Attachment Access
    1. Click Add action > Modify message properties.
    2. Select Set attachment options from the dropdown.
    3. Check the box for Block attachments.
    4. Leave other options unchecked.
  6. Configure Rule Exceptions (Optional)

    7. You might want to exclude certain senders or domains from this rule. For example, trusted partners.

    1. Click Add exception > choose the appropriate exception condition (e.g., ‘Sender is a member of’).
    2. Specify the sender(s) you want to exclude.
  7. Review and Enable the Rule
    1. Review all your settings carefully.
    2. Click Save.
    3. The rule is enabled by default. If not, toggle it on.
  8. Test the Rule

    9. Send an email from a non-company account with an attachment to a user in your organisation. The user should receive the email but be unable to download the attachment.

  9. Advanced Configuration (Optional): Using PowerShell

    10. For more complex scenarios, you can use PowerShell:

    New-TransportRule -Name "Block External Attachment Downloads" -FromDomain *@*.com -HasAttachments $true -AttachmentOptions Block

    Replace @*.com with the domains you want to block. You’ll need to connect to Exchange Online PowerShell first.

Exit mobile version