My continuing journey in to the joys of having a non-standard Edge server configuration, just to have a lab to muck around in!
Certain file types, mainly .exe were being deleted and replaced with a simple .txt with the name of the deleted file attached to the original email. So I got evil.exe.txt rather than evil.exe.
I turned to Google for Powershell commands on how to configure the Edge server, since the GUI showed nothing active in the Transport rules tab.
Found this command Get-TransportAgent cmdlet to view the configuration of a transport agent on a computer that has the Edge Transport server role or the Hub Transport server role installed in a Microsoft Exchange Server 2007 organization.
http://technet.microsoft.com/en-us/library/bb123536(EXCHG.80).aspx
[PS] C:\Documents and Settings\Elvis>Get-TransportAgent
Identity Enabled Priority
——– ——- ——–
Connection Filtering Agent True 1
Address Rewriting Inbound Agent True 2
Edge Rule Agent True 3
Content Filter Agent True 4
Sender Id Agent True 5
Sender Filter Agent True 6
Recipient Filter Agent True 7
Protocol Analysis Agent True 8
Attachment Filtering Agent True 9
Address Rewriting Outbound Agent True 10
This lead me to believe my naughty server was blocking by default and this proved me right:
http://technet.microsoft.com/en-us/library/aa997139(EXCHG.80).aspx
By the magic of changing Enable to Disable, I modify the Powershell command and ran it.
Disable-TransportAgent -Identity “Attachment Filtering agent”
[PS] C:\Documents and Settings\Elvis>Get-TransportAgent
Identity Enabled Priority
——– ——- ——–
Connection Filtering Agent True 1
Address Rewriting Inbound Agent True 2
Edge Rule Agent True 3
Content Filter Agent True 4
Sender Id Agent True 5
Sender Filter Agent True 6
Recipient Filter Agent True 7
Protocol Analysis Agent True 8
Attachment Filtering Agent False 9
Address Rewriting Outbound Agent True 10
And as if by magic, my .exe came through to Outlook untouched.
Hopefully, a useful reference if other oddities happen again!
Should reaaaaaallllly think about learning PowerShell sooner rather than later …
I’ve the same problem, you know how can disable the attachment detection in compressed file like .zip?
You can remove the type of attachment being scanned.
Check that .zip are in the blocked group using the powershell cmdlets:
Get-AttachmentFilterEntry and Get-AttachmentFilterEntry
You should see a file type for .Zip. Use
Remove-AttachmentFilterEntry filename:*.zip
And that should allow them through. For more info
http://technet.microsoft.com/en-us/library/aa997139(EXCHG.80).aspx or Google “Remove-AttachmentFilterEntry”
Make sure you do a backup of your configuration first and try this on your test system first!