An asterisk * in the title indicates the field is mandatory.
If a field has a default value, it is shown in the Description column.
If the field type is an array, the Field Name has a .[n] suffix, where n is the array index placeholder.
Object and array field names are listed to provide context. If a field belongs to an object or an array, the full field name is shown in dot separated notation.

Title

Description

Details

AdminDisplayName

The AdminDisplayName parameter specifies a description for the policy. If the value contains spaces, enclose the value in quotation marks (").

Field Name: AdminDisplayName
Type: String

CustomFromAddress

The CustomFromAddress parameter specifies the From address of the custom notification message that's sent to an internal or external sender when a message contains malware. This parameter is required when the CustomNotifications parameter is set to $true.

Field Name: CustomFromAddress
Type: String

OrganizationId

Field Name: OrganizationId
Type: String

ZapEnabled

PARAMVALUE: $true | $false

Field Name: ZapEnabled
Type: Boolean

BypassInboundMessages

This parameter is available only in on-premises Exchange 2016. The BypassInboundMessages parameter skips or enforces malware scanning on incoming messages. Valid input for this parameter is $true or $false. The default value is $false. This means malware scanning occurs on incoming messages by default.

Field Name: BypassInboundMessages
Type: Boolean

Action

The Action parameter specifies the action to take when malware is detected in a message. Valid values for this parameter are: BlockMessage: blocks the message when malware is detected. ReplaceWithDefaultAlert: delivers the message, but replaces the message contents with the default alert text when malware is detected. ReplaceWithCustomAlert: delivers the message, but replaces the message contents with the custom alert text specified by the AlertText parameter when malware is detected. The default value is BlockMessage.

Field Name: Action
Type: String

CustomExternalSubject

The CustomExternalSubject parameter specifies the subject of the custom notification message that's sent to an external sender when a message contains malware. This parameter is required when the CustomNotifications parameter is set to $true.

Field Name: CustomExternalSubject
Type: String

BypassOutboundMessages

This parameter is available only in on-premises Exchange 2016. The BypassOutboundMessages parameter skips or enforces malware scanning on outgoing messages. Valid input for this parameter is $true or $false. The default value is $false. This means malware scanning occurs on outgoing messages by default.

Field Name: BypassOutboundMessages
Type: Boolean

CustomAlertText

The CustomAlertText parameter specifies the custom alert text to insert in the message when malware is detected and the value of the Action parameter is set to ReplaceWithCustomAlert. This parameter is required when the CustomNotifications parameter is set to $true.

Field Name: CustomAlertText
Type: String

WhenCreatedUTC

Field Name: WhenCreatedUTC
Type: String
Format: date-time

EnableInternalSenderAdminNotifications

The EnableExternalSenderAdminNotifications parameter enables or disables sending notification messages to an administrator when malware is detected in messages from internal senders. Valid input for this parameter is $true or $false. The default value is $false. Specify the administrator to receive the notification messages by using the InternalSenderAdminAddress parameter.

Field Name: EnableInternalSenderAdminNotifications
Type: Boolean

CustomFromName

The CustomExternalFromName parameter specifies the From name of the custom notification message that's sent to internal or external senders when a message contains malware. This parameter is required when the CustomNotifications parameter is set to $true.

Field Name: CustomFromName
Type: String

EnableExternalSenderAdminNotifications

The EnableExternalSenderAdminNotifications parameter enables or disables sending notification messages to an administrator when malware is detected in messages from external senders. Valid input for this parameter is $true or $false. The default value is $false. Specify the administrator to receive the notification messages by using the ExternalSenderAdminAddress parameter.

Field Name: EnableExternalSenderAdminNotifications
Type: Boolean

ObjectClass

Field Name: ObjectClass.[n]
Type: Array

PSShowComputerName

Field Name: PSShowComputerName
Type: Boolean

PSComputerName

Field Name: PSComputerName
Type: String

CustomInternalSubject

The CustomInternalSubject parameter specifies the subject of the custom notification message that's sent to an internal sender when a message contains malware. This parameter is required when the CustomNotifications parameter is set to $true.

Field Name: CustomInternalSubject
Type: String

CustomNotifications

The CustomNotifications parameter enables or disables the custom notification message to the sender when the message contains malware. Valid input for this parameter is $true or $false. The default value is $false. If you enable custom notification messages by setting this parameter to $true, you specify the details of the custom notification message using the CustomFromAddress,CustomFromName, CustomExternalSubject, CustomExternalBody, CustomInternalSubject, and CustomInternalBody parameters.

Field Name: CustomNotifications
Type: Boolean

FileTypes

The FileTypes parameter specifies the file types that are blocked by common attachment blocking. The default values are: ace ani app docm exe jar reg scr vbe vbs You enable or disable common attachment blocking by using the EnableFileFilter parameter. Common attachment blocking uses best effort true-typing to detect the file type regardless of the file name extension. If true-typing fails or isn't supported for the specified file type, then extension matching is used. For example, ps1 files are Windows PowerShell scripts, but their true type is text. To replace the existing list of file types with the values you specify, use the syntax <FileType1>,<FileType2>.... To preserve existing values, be sure to include the file types that you want to keep along with the new values that you want to add. To add or remove file types without affecting the other file type entries, see the Examples section in the Set-MalwareFilterPolicy cmdlet topic.

Field Name: FileTypes.[n]
Type: Array

CustomExternalBody

The CustomExternalBody parameter specifies the body of the custom notification message that's sent to an external sender when a message contains malware. This parameter is required when the CustomNotifications parameter is set to $true.

Field Name: CustomExternalBody
Type: String

DistinguishedName

Field Name: DistinguishedName
Type: String

OriginatingServer

Field Name: OriginatingServer
Type: String

Name *

The Name parameter specifies a name for the malware filter policy. If the value contains spaces, enclose the value in quotation marks (").

Field Name: Name
Type: String

ExternalSenderAdminAddress

The ExternalSenderAdminAddress parameter specifies the email address of the administrator who will receive notifications messages when messages from external senders contain malware. Notification messages are sent to the specified email address only if the EnableExternalSenderAdminNotifications parameter is set to $true.

Field Name: ExternalSenderAdminAddress
Type: String

EnableExternalSenderNotifications

The EnableExternalSenderNotifications parameter enables or disables sending notification messages to senders when malware is detected in messages from external senders. Valid input for this parameter is $true or $false. The default value is $false.

Field Name: EnableExternalSenderNotifications
Type: Boolean

InternalSenderAdminAddress

The InternalSenderAdminAddress parameter specifies the email address of the administrator who will receive notifications messages when messages from external senders contain malware. Notification messages are sent to the specified email address only if the EnableInternalSenderAdminNotifications parameter is set to $true.

Field Name: InternalSenderAdminAddress
Type: String

EnableFileFilter

The EnableFileFilter parameter enables or disables common attachment blocking. Valid values are: $true Common attachment blocking is enabled. $false Common attachment blocking is disabled. To configure the blocked file types, use the FileTypes parameter.

Field Name: EnableFileFilter
Type: Boolean

WhenCreated

Field Name: WhenCreated
Type: String
Format: date-time

EnableInternalSenderNotifications

The EnableExternalSenderAdminNotifications parameter enables or disables sending notification messages to senders when malware is detected in messages from internal senders. Valid input for this parameter is $true or $false. The default value is $false.

Field Name: EnableInternalSenderNotifications
Type: Boolean

CustomInternalBody

The CustomInternalBody parameter specifies the body of the custom notification message that's sent to an internal sender when a message contains malware. This parameter is required when the CustomNotifications parameter is set to $true.

Field Name: CustomInternalBody
Type: String

ExchangeVersion

Field Name: ExchangeVersion
Type: String

IsDefault

Field Name: IsDefault
Type: Boolean

DomainController

This parameter is available only in on-premises Exchange 2016. The DomainController parameter specifies the domain controller that's used by this cmdlet to read data from or write data to Active Directory. You identify the domain controller by its fully qualified domain name (FQDN). For example, dc01.contoso.com.

Field Name: DomainController
Type: String

ObjectCategory

Field Name: ObjectCategory
Type: String

IsValid

Field Name: IsValid
Type: Boolean

WhenChanged

Field Name: WhenChanged
Type: String
Format: date-time

WhenChangedUTC

Field Name: WhenChangedUTC
Type: String
Format: date-time

ObjectState

Field Name: ObjectState
Type: String

Identity

The Identity parameter specifies the malware filter policy that you want to view. You can use any value that uniquely identifies the policy. For example, you can use the name, GUID or distinguished name (DN) of the malware filter policy.

Field Name: Identity
Type: String

RunspaceId

Field Name: RunspaceId
Type: String

Guid

Field Name: Guid
Type: String

Field Name: Id
Type: String

Model: device/exchangeonline/MalwareFilterPolicy

Model Details