This browser is no longer supported.
Upgrade to Microsoft Edge to take advantage of the latest features, security updates, and technical support.
I understand we can block all incoming messages with attachments based on this article: https://learn.microsoft.com/en-us/exchange/security-and-compliance/mail-flow-rules/common-attachment-blocking-scenarios
And I would have thought I could set up mail rules for individual users to block attachments and generate an auto-reply, but I've never seen that work correctly. Even if it did, those rules would apply to the user account, not a mail group. If this were the only option, we could possibly set up a user account as the group and just provide shared access to it, but that's definitely not a work-around we would want to take.
What we want to do is block incoming emails with attachments (or attachments over a certain size, either way would be OK) being sent to a mail group, rather than to an individual account. Is there a way to do that? If so, could you help me understand how we would set this up? I would prefer not to block attachments to individual user accounts, just to specific mail groups, regardless of the membership of the group (i.e., members of the group should still be able to receive large attachments, as long as those attachments are emailed directly to the user email address, instead of to the group email address).
I am writing here to confirm with you any update about this thread now.
If the suggestion below helps, please feel free to accept it as an answer to help more people.
Do you mean that:
If so, you cannot achieve it so far, because SentTo predicate does not allow distribution groups:
Here may be a workaround for you:
If you want to block the emails with attachments to group and individual mailbox, you could use the "The recipient is a member of"
If the answer is helpful, please click "Accept Answer" and kindly upvote it. If you have extra questions about this answer, please click "Comment".
Note: Please follow the steps in our documentation to enable e-mail notifications if you want to receive the related email notification for this thread.
Aren't Mailtips only visible to other users on the tenant? I'm solely concerned about emails from customers (external accounts). We have another method for them to provide us files and want to prevent them sending files to our support groups by email.
I don't think I understand the logic: why would Exchange support blocking file attachments to individual users, but not to groups?
Thanks,
Colin
It is by design:
You could try with this one:
About this one, if you send an email to this group and another individual mailbox (Such as OnlineList1 and User1), all of them will not receive this email.
If the answer is helpful, please click "Accept Answer" and kindly upvote it. If you have extra questions about this answer, please click "Comment".
Note: Please follow the steps in our documentation to enable e-mail notifications if you want to receive the related email notification for this thread.
Thanks, I'll investigate that. I thought I had tried that before and in my tests, the sender never received the rejection message, but I'm not certain I had used the same condition you've recommended here. Thanks!
Try to test with an internal mailbox first. If the internal mailbox could receive NDR, it means your tenant blocks sending NDR to external mailbox. You could use the command below to check about it:
Get-RemoteDomain | fl *NDR*