Skip to content

Create a new safe attachment policy in Office 365

Published by lazy-admin on Mar 12, 2019

Last updated on Apr 4, 2019

Create a new safe attachment policy in Office 365

Let’s look at how to create a safe attachment policy in Office 365 using Advance Thread Protection (ATP).

To get started navigate to Microsoft 365 Security & Compliance Center. Sign in using your admin account credentials.

From the Security and Compliance Center scroll down and click on Thread management > Policy.

Click on ATP Safe Attachment

A screenshot of a cell phone Description automatically generated

Click on + to create a new Safe Attachment Policy.

A picture containing screenshot Description automatically generated

Provide a Name and Description for the policy

Under Select the action for unknown malware in attachments, choose from one of the following options:

    • Off. Attachments will not be scanned for malware.
    • Monitor. Continues delivering the message after malware is detected and tracks the scanning results.
    • Block. Blocks the current and future emails and attachments with detected malware.
    • Replace. Blocks the attachments with detected malware but continues to deliver the message body to the user.
    • Dynamic delivery. Immediately delivers the message body without attachments and reattaches attachments after scanning if they are found to be safe.

Note: Dynamic Delivery is the only delivery method which will not delay the delivery of emails to the end user.

A screenshot of a cell phone Description automatically generated

Under Redirect attachment on detection, you can select bot or just one.

  • If you want to forward attachments that are blocked, replaced, or monitored to a security administrator in your organization for further investigation, check the Enable redirect checkbox and enter an email address.
  • You can also have those attachments forwarded if the scanning process should time out by selecting the Apply the above selection if malware scanning for attachments times out or error occurs

A screenshot of a cell phone Description automatically generated

Next you need to apply the policy, Under Applied To click the drop-down list to add the condition.

The following conditions are available:

  • The recipient is
  • The recipient domain is
  • The recipient is a member of

You can also add exceptions. For example, you can apply to the whole domain and then exclude a recipient i.e. accounts.

A screenshot of a cell phone Description automatically generated

When you done with the changes, click on Save.

Note: You can set up multiple Safe Attachments policies for your organization. These policies will be applied in the order they’re listed on the ATP Safe Attachments page. It can take up to 30 minutes for the Safe Attachments policy changes to take effect.

 

 


Post Views: 1,058

Sharing is caring!

Published inATPOffice 365ThatLazyAdmin Blog

Be First to Comment

Leave a Reply

Your email address will not be published.