Limit Outlook on the Web attachments to OneDrive for Business

Brass Contributor

One of my customers has several security concerns when they move to Exchange Online. One of the questions is about insecure mail attachments when access is allowed by using public/home computers.

For that reason we want to limit attachments to trusted file sources like OneDrive for Business. 


Is it possible to limit the attachment source to that places? If yes, how can I achieve that?

Please answer and include a helpful link on how to configure that.







4 Replies
One approach would be to specify in Exchange Online that all attachments are stripped, but given that's how lots of people still work it is not a good idea.
A better approach would be utilise Advanced Threat Protection (part of the O365 E5 bundle) as it will scan the attachments and open them in a "detonation chamber" to ensure they are safe before being passed on to the end user.

Hi Lorayn,


thank you for the response. As far as I understood that feature the method only affects incoming mail/attachments, while my customer also wants to include attachments which his users may attach to outgoing / internal mail.

Do you know / can you provide a link for this and how I can also scan attachments before I send a mail using Exchange Online?






Malware scanning is already done on messages being sent out. See this FAQ:

You're right, but that is not really some kind of "protection". Try that: 

1. include some Macro Virus to a word document

2. enable password protection to that document

3. try to send that out using Outlook on the Web.


In this case the scan is successful and I can still send this message, including the attachment. 

I want to prevent users from doing that.