Malware Filter Rules

Copper Contributor

Hey guys,


I've got a Problem: I've created multiple Malware Filter Rules which all have Extension Filter activated. But now only the rule with Priority 0 blocks extensions like ".docm". Is this normal? Is it possible to solve this?


Thanks in advance...

5 Replies
Do you perhaps have the "stop processing other rules" option toggled? A message trace would tell you that (the detailed one):

Also check the conditions/exceptions, make sure that the message is actually matching them.

@Vasil Michev 


Thanks for your tip, but I can't find the option to stop other rules from being processed... Where can I find it? I know where to find it for anti-spam rules but not for malwarefilter rules.

best response confirmed by cedric_menzi (Copper Contributor)
Oh, that's on me, I though you're talking about mail flow rules... Lost in translation again :)
When it comes to Malware filter policies, processing is always stopped once the first matching policy is triggered, as detailed here:
So if you have multiple policies, you need to scope them to cover different users/groups/domains, otherwise any "lower" priority policy will be ignored.
@Vasil Michev
I guess I'll have to search for another solution. :( Thanks for your help!

Have you considered as a bolt on? (I work for Spambrella) Far easier to administer and uses enterprise services stacked on the backend for optimum performance. 85% of the Spambrella customer base are O365/Azure users.