New-MalwareFilterPolicy

This cmdlet is available in on-premises Exchange and in the cloud-based service. Some parameters and settings might be exclusive to one environment or the other.

Use the New-MalwareFilterPolicy cmdlet to create malware filter policies in your organization.

For information about the parameter sets in the Syntax section below, see Exchange cmdlet syntax.

Syntax

Default (Default)

New-MalwareFilterPolicy
    [-Name] <String>
    [-Action <MalwareFilteringAction>]
    [-AdminDisplayName <String>]
    [-BypassInboundMessages <Boolean>]
    [-BypassOutboundMessages <Boolean>]
    [-Confirm]
    [-CustomAlertText <String>]
    [-CustomExternalBody <String>]
    [-CustomExternalSubject <String>]
    [-CustomFromAddress <SmtpAddress>]
    [-CustomFromName <String>]
    [-CustomInternalBody <String>]
    [-CustomInternalSubject <String>]
    [-CustomNotifications <Boolean>]
    [-DomainController <Fqdn>]
    [-EnableExternalSenderAdminNotifications <Boolean>]
    [-EnableExternalSenderNotifications <Boolean>]
    [-EnableFileFilter <Boolean>]
    [-EnableInternalSenderAdminNotifications <Boolean>]
    [-EnableInternalSenderNotifications <Boolean>]
    [-ExternalSenderAdminAddress <SmtpAddress>]
    [-FileTypeAction <FileTypeFilteringAction>]
    [-FileTypes <String[]>]
    [-InternalSenderAdminAddress <SmtpAddress>]
    [-QuarantineTag <String>]
    [-RecommendedPolicyType <RecommendedPolicyType>]
    [-WhatIf]
    [-ZapEnabled <Boolean>]
    [<CommonParameters>]

Description

New policies that you create using this cmdlet aren't applied to users and aren't visible in admin centers. You need to use the MalwareFilterPolicy parameter on the New-MalwareFilterRule or Set-MalwareFilterRule cmdlets to associate the policy with a rule.

You need to be assigned permissions before you can run this cmdlet. Although this article lists all parameters for the cmdlet, you might not have access to some parameters if they aren't included in the permissions assigned to you. To find the permissions required to run any cmdlet or parameter in your organization, see Find the permissions required to run any Exchange cmdlet.

Examples

Example 1

New-MalwareFilterPolicy -Name "Contoso Malware Filter Policy" -EnableInternalSenderAdminNotifications $true -InternalSenderAdminAddress admin@contoso.com

This example creates a new malware filter policy named Contoso Malware Filter Policy with the following settings:

  • Block messages that contain malware in on-premises Exchange, or quarantine the message in Exchange Online.
  • Notify the administrator admin@contoso.com when malware is detected in a message from an internal sender.
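The Description above notes that a policy created by this cmdlet does nothing until a malware filter rule references it. The following is an added example, not from the original page, showing the two steps together with an idempotency check and a verification query. The domain, policy name and rule name are placeholders; the -RecipientDomainIs and -Priority parameters belong to New-MalwareFilterRule and are not documented on this page.

```powershell
# Added example (not part of the original page): create a malware filter policy and bind it
# to a rule. The policy alone is inert; the MalwareFilterPolicy parameter of
# New-MalwareFilterRule attaches it to a recipient scope.
# Placeholders: contoso.com, admin@contoso.com, the policy and rule names.

$policyName = "Contoso Malware Filter Policy"

# Name must be unique, so skip creation if the policy already exists.
$policy = Get-MalwareFilterPolicy -Identity $policyName -ErrorAction SilentlyContinue
if (-not $policy) {
    $policy = New-MalwareFilterPolicy -Name $policyName `
        -AdminDisplayName "Notify the admin mailbox on malware detections from either direction" `
        -EnableInternalSenderAdminNotifications $true `
        -InternalSenderAdminAddress admin@contoso.com `
        -EnableExternalSenderAdminNotifications $true `
        -ExternalSenderAdminAddress admin@contoso.com
}

# Bind the policy to a rule so that it actually applies to recipients.
# -RecipientDomainIs and -Priority are New-MalwareFilterRule parameters (assumed here,
# not documented on this page).
$ruleName = "Contoso Malware Filter Rule"
if (-not (Get-MalwareFilterRule -Identity $ruleName -ErrorAction SilentlyContinue)) {
    New-MalwareFilterRule -Name $ruleName -MalwareFilterPolicy $policyName `
        -RecipientDomainIs contoso.com -Priority 0
}

# Verify: which rules reference the policy, and are they enabled?
Get-MalwareFilterRule | Where-Object { $_.MalwareFilterPolicy -eq $policyName } |
    Format-List Name, State, Priority, RecipientDomainIs
```

The final query is the check worth keeping in a runbook: a policy that appears in Get-MalwareFilterPolicy but is referenced by no enabled rule protects nobody.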

Parameters

-Action

Applicable: Exchange Server 2013, Exchange Server 2016, Exchange Server 2019, Exchange Server SE

This parameter is available only in on-premises Exchange.

The Action parameter specifies the action to take when malware is detected in a message. Valid values are:

  • DeleteMessage: Handles the message without notifying the recipients. This value is the default.
  • DeleteAttachmentAndUseDefaultAlert: Delivers the message, but replaces all attachments with a file named Malware Alert Text.txt that contains the default alert text.
  • DeleteAttachmentAndUseCustomAlert: Delivers the message, but replaces all attachments with a file named Malware Alert Text.txt that contains the custom alert text specified by the CustomAlertText parameter.

Parameter properties

Type:MalwareFilteringAction
Default value:None
Supports wildcards:False
DontShow:False

Parameter sets

(All)
Position:Named
Mandatory:False
Value from pipeline:False
Value from pipeline by property name:False
Value from remaining arguments:False

-AdminDisplayName

Applicable: Exchange Server 2013, Exchange Server 2016, Exchange Server 2019, Exchange Server SE, Exchange Online, Exchange Online Protection

The AdminDisplayName parameter specifies a description for the policy. If the value contains spaces, enclose the value in quotation marks (").

Parameter properties

Type:String
Default value:None
Supports wildcards:False
DontShow:False

Parameter sets

(All)
Position:Named
Mandatory:False
Value from pipeline:False
Value from pipeline by property name:False
Value from remaining arguments:False

-BypassInboundMessages

Applicable: Exchange Server 2013, Exchange Server 2016, Exchange Server 2019, Exchange Server SE

This parameter is available only in on-premises Exchange.

The BypassInboundMessages parameter enables or disables malware filtering on incoming messages (messages entering the organization). Valid values are:

  • $true: Malware filtering is disabled on inbound messages.
  • $false: Malware filtering is enabled on inbound messages. This value is the default.

Parameter properties

Type:Boolean
Default value:None
Supports wildcards:False
DontShow:False

Parameter sets

(All)
Position:Named
Mandatory:False
Value from pipeline:False
Value from pipeline by property name:False
Value from remaining arguments:False

-BypassOutboundMessages

Applicable: Exchange Server 2013, Exchange Server 2016, Exchange Server 2019, Exchange Server SE

This parameter is available only in on-premises Exchange.

The BypassOutboundMessages parameter enables or disables malware filtering on outgoing messages (messages leaving the organization). Valid values are:

  • $true: Malware filtering is disabled on outbound messages.
  • $false: Malware filtering is enabled on outbound messages. This value is the default.

Parameter properties

Type:Boolean
Default value:None
Supports wildcards:False
DontShow:False

Parameter sets

(All)
Position:Named
Mandatory:False
Value from pipeline:False
Value from pipeline by property name:False
Value from remaining arguments:False

-Confirm

Applicable: Exchange Server 2013, Exchange Server 2016, Exchange Server 2019, Exchange Server SE, Exchange Online, Exchange Online Protection

The Confirm switch specifies whether to show or hide the confirmation prompt. How this switch affects the cmdlet depends on if the cmdlet requires confirmation before proceeding.

  • Destructive cmdlets (for example, Remove-* cmdlets) have a built-in pause that forces you to acknowledge the command before proceeding. For these cmdlets, you can skip the confirmation prompt by using this exact syntax: -Confirm:$false.
  • Most other cmdlets (for example, New-* and Set-* cmdlets) don't have a built-in pause. For these cmdlets, specifying the Confirm switch without a value introduces a pause that forces you to acknowledge the command before proceeding.

Parameter properties

Type:SwitchParameter
Default value:None
Supports wildcards:False
DontShow:False
Aliases:cf

Parameter sets

(All)
Position:Named
Mandatory:False
Value from pipeline:False
Value from pipeline by property name:False
Value from remaining arguments:False

-CustomAlertText

Applicable: Exchange Server 2013, Exchange Server 2016, Exchange Server 2019, Exchange Server SE

This parameter is available only in on-premises Exchange.

The CustomAlertText parameter specifies the custom text to use in the replacement attachment named Malware Alert Text.txt. If the value contains spaces, enclose the value in quotation marks (").

This parameter is meaningful only when the value of the Action parameter is DeleteAttachmentAndUseCustomAlert.

Parameter properties

Type:String
Default value:None
Supports wildcards:False
DontShow:False

Parameter sets

(All)
Position:Named
Mandatory:False
Value from pipeline:False
Value from pipeline by property name:False
Value from remaining arguments:False

-CustomExternalBody

Applicable: Exchange Server 2013, Exchange Server 2016, Exchange Server 2019, Exchange Server SE, Exchange Online, Exchange Online Protection

The CustomExternalBody parameter specifies the custom body to use in notification messages for malware detections in messages from external senders. If the value contains spaces, enclose the value in quotation marks (").

This parameter is meaningful only when the value of the CustomNotifications parameter is $true, and the value of at least one of the following parameters is also $true:

  • EnableExternalSenderAdminNotifications
  • EnableExternalSenderNotifications

Parameter properties

Type:String
Default value:None
Supports wildcards:False
DontShow:False

Parameter sets

(All)
Position:Named
Mandatory:False
Value from pipeline:False
Value from pipeline by property name:False
Value from remaining arguments:False

-CustomExternalSubject

Applicable: Exchange Server 2013, Exchange Server 2016, Exchange Server 2019, Exchange Server SE, Exchange Online, Exchange Online Protection

The CustomExternalSubject parameter specifies the custom subject to use in notification messages for malware detections in messages from external senders. If the value contains spaces, enclose the value in quotation marks (").

This parameter is meaningful only when the value of the CustomNotifications parameter is $true, and the value of at least one of the following parameters is also $true:

  • EnableExternalSenderAdminNotifications
  • EnableExternalSenderNotifications

Parameter properties

Type:String
Default value:None
Supports wildcards:False
DontShow:False

Parameter sets

(All)
Position:Named
Mandatory:False
Value from pipeline:False
Value from pipeline by property name:False
Value from remaining arguments:False

-CustomFromAddress

Applicable: Exchange Server 2013, Exchange Server 2016, Exchange Server 2019, Exchange Server SE, Exchange Online, Exchange Online Protection

The CustomFromAddress parameter specifies the custom From address to use in notification messages for malware detections in messages from internal or external senders.

This parameter is meaningful only when the value of the CustomNotifications parameter is $true, and the value of at least one of the following parameters is also $true:

  • EnableExternalSenderAdminNotifications
  • EnableExternalSenderNotifications
  • EnableInternalSenderAdminNotifications
  • EnableInternalSenderNotifications

Parameter properties

Type:SmtpAddress
Default value:None
Supports wildcards:False
DontShow:False

Parameter sets

(All)
Position:Named
Mandatory:False
Value from pipeline:False
Value from pipeline by property name:False
Value from remaining arguments:False

-CustomFromName

Applicable: Exchange Server 2013, Exchange Server 2016, Exchange Server 2019, Exchange Server SE, Exchange Online, Exchange Online Protection

The CustomFromName parameter specifies the custom From name to use in notification messages for malware detections in messages from internal or external senders. If the value contains spaces, enclose the value in quotation marks (").

This parameter is meaningful only when the value of the CustomNotifications parameter is $true, and the value of at least one of the following parameters is also $true:

  • EnableExternalSenderAdminNotifications
  • EnableExternalSenderNotifications
  • EnableInternalSenderAdminNotifications
  • EnableInternalSenderNotifications

Parameter properties

Type:String
Default value:None
Supports wildcards:False
DontShow:False

Parameter sets

(All)
Position:Named
Mandatory:False
Value from pipeline:False
Value from pipeline by property name:False
Value from remaining arguments:False

-CustomInternalBody

Applicable: Exchange Server 2013, Exchange Server 2016, Exchange Server 2019, Exchange Server SE, Exchange Online, Exchange Online Protection

The CustomInternalBody parameter specifies the custom body to use in notification messages for malware detections in messages from internal senders. If the value contains spaces, enclose the value in quotation marks (").

This parameter is meaningful only when the value of the CustomNotifications parameter is $true, and the value of at least one of the following parameters is also $true:

  • EnableInternalSenderAdminNotifications
  • EnableInternalSenderNotifications

Parameter properties

Type:String
Default value:None
Supports wildcards:False
DontShow:False

Parameter sets

(All)
Position:Named
Mandatory:False
Value from pipeline:False
Value from pipeline by property name:False
Value from remaining arguments:False

-CustomInternalSubject

Applicable: Exchange Server 2013, Exchange Server 2016, Exchange Server 2019, Exchange Server SE, Exchange Online, Exchange Online Protection

The CustomInternalSubject parameter specifies the custom subject to use in notification messages for malware detections in messages from internal senders. If the value contains spaces, enclose the value in quotation marks (").

This parameter is meaningful only when the value of the CustomNotifications parameter is $true, and the value of at least one of the following parameters is also $true:

  • EnableInternalSenderAdminNotifications
  • EnableInternalSenderNotifications

Parameter properties

Type:String
Default value:None
Supports wildcards:False
DontShow:False

Parameter sets

(All)
Position:Named
Mandatory:False
Value from pipeline:False
Value from pipeline by property name:False
Value from remaining arguments:False

-CustomNotifications

Applicable: Exchange Server 2013, Exchange Server 2016, Exchange Server 2019, Exchange Server SE, Exchange Online, Exchange Online Protection

The CustomNotifications parameter enables or disables the customization of notification messages for malware detections. Valid values are:

  • $true: Replace the default values used in notification messages with the values of the CustomFromAddress, CustomFromName, CustomExternalSubject, CustomExternalBody, CustomInternalSubject and CustomInternalBody parameters.
  • $false: No customization is done to notification messages. The default values are used.

This parameter is meaningful only when the value of at least one of the following parameters is also $true:

  • EnableExternalSenderAdminNotifications
  • EnableExternalSenderNotifications
  • EnableInternalSenderAdminNotifications
  • EnableInternalSenderNotifications
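The Custom* parameters only take effect when CustomNotifications is $true and at least one Enable*Notifications parameter is also $true, and the admin-notification switches only deliver anywhere if the matching address is set. The following added example, not from the original page, creates a policy with customized notifications and then audits every policy for combinations that cannot take effect. The policy name, addresses and message text are constructed placeholders.

```powershell
# Added example (not part of the original page): customized notification text, plus an
# audit of all policies for notification settings that are silently ineffective.
# Constructed placeholders: policy name, addresses, subject and body text.

$params = @{
    Name                                   = "Contoso Custom Notification Policy"
    EnableExternalSenderAdminNotifications = $true
    ExternalSenderAdminAddress             = "soc@contoso.com"
    EnableInternalSenderAdminNotifications = $true
    InternalSenderAdminAddress             = "soc@contoso.com"
    CustomNotifications                    = $true
    CustomFromAddress                      = "no-reply@contoso.com"
    CustomFromName                         = "Contoso Mail Security"
    CustomExternalSubject                  = "Malware detected in an inbound message"
    CustomExternalBody                     = "An attachment in a message sent to this organization was classified as malware and removed."
    CustomInternalSubject                  = "Malware detected in a message from your account"
    CustomInternalBody                     = "An attachment you sent was classified as malware. Contact the service desk if you did not send it."
}
New-MalwareFilterPolicy @params

# Audit: warn about policies where the dependencies described above are not met.
function Test-MalwareNotificationConfig {
    foreach ($p in Get-MalwareFilterPolicy) {
        $anyEnabled = ($p.EnableExternalSenderAdminNotifications -or
                       $p.EnableExternalSenderNotifications -or
                       $p.EnableInternalSenderAdminNotifications -or
                       $p.EnableInternalSenderNotifications)

        # Custom text is ignored unless some notification type is enabled.
        if ($p.CustomNotifications -and -not $anyEnabled) {
            Write-Warning "$($p.Name): CustomNotifications is `$true but no Enable*Notifications parameter is `$true; custom text is never used."
        }
        # Admin notifications enabled but no recipient address configured.
        if ($p.EnableExternalSenderAdminNotifications -and -not $p.ExternalSenderAdminAddress) {
            Write-Warning "$($p.Name): external-sender admin notifications are enabled but ExternalSenderAdminAddress is empty."
        }
        if ($p.EnableInternalSenderAdminNotifications -and -not $p.InternalSenderAdminAddress) {
            Write-Warning "$($p.Name): internal-sender admin notifications are enabled but InternalSenderAdminAddress is empty."
        }
    }
}
Test-MalwareNotificationConfig
```

The audit function is the reusable part: run it after any Set-MalwareFilterPolicy change, because none of these dependency conditions are rejected by the cmdlets themselves.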

Parameter properties

Type:Boolean
Default value:None
Supports wildcards:False
DontShow:False

Parameter sets

(All)
Position:Named
Mandatory:False
Value from pipeline:False
Value from pipeline by property name:False
Value from remaining arguments:False

-DomainController

Applicable: Exchange Server 2013, Exchange Server 2016, Exchange Server 2019, Exchange Server SE

This parameter is available only in on-premises Exchange.

The DomainController parameter specifies the domain controller that's used by this cmdlet to read data from or write data to Active Directory. You identify the domain controller by its fully qualified domain name (FQDN). For example, dc01.contoso.com.

Parameter properties

Type:Fqdn
Default value:None
Supports wildcards:False
DontShow:False

Parameter sets

(All)
Position:Named
Mandatory:False
Value from pipeline:False
Value from pipeline by property name:False
Value from remaining arguments:False

-EnableExternalSenderAdminNotifications

Applicable: Exchange Server 2013, Exchange Server 2016, Exchange Server 2019, Exchange Server SE, Exchange Online, Exchange Online Protection

The EnableExternalSenderAdminNotifications parameter enables or disables sending notification messages to an administrator for malware detections in messages from external senders. Valid values are:

  • $true: When malware attachments are detected in messages from external senders, a notification message is sent to the email address that's specified by the ExternalSenderAdminAddress parameter.
  • $false: Notifications aren't sent for malware attachment detections in messages from external senders. This value is the default.

Note: Admin notifications are sent only for attachments that are classified as malware.

Parameter properties

Type:Boolean
Default value:None
Supports wildcards:False
DontShow:False

Parameter sets

(All)
Position:Named
Mandatory:False
Value from pipeline:False
Value from pipeline by property name:False
Value from remaining arguments:False

-EnableExternalSenderNotifications

Applicable: Exchange Server 2013, Exchange Server 2016, Exchange Server 2019, Exchange Server SE

This parameter is available only in on-premises Exchange.

The EnableExternalSenderNotifications parameter enables or disables sending notification messages to external senders for malware detections in their messages. Valid values are:

  • $true: When malware is detected in a message from an external sender, send them a notification message.
  • $false: Don't send malware detection notification messages to external message senders. This value is the default.

Parameter properties

Type:Boolean
Default value:None
Supports wildcards:False
DontShow:False

Parameter sets

(All)
Position:Named
Mandatory:False
Value from pipeline:False
Value from pipeline by property name:False
Value from remaining arguments:False

-EnableFileFilter

Applicable: Exchange Online, Exchange Online Protection

This parameter is available only in the cloud-based service.

The EnableFileFilter parameter enables or disables the common attachments filter (also known as common attachment blocking). Valid values are:

  • $true: The common attachments filter is enabled. This value is the default.
  • $false: The common attachments filter is disabled.

You specify the file types using the FileTypes parameter. A default list of values is automatically provided, but you can customize it.

You specify the action for detected files using the FileTypeAction parameter.

Parameter properties

Type:Boolean
Default value:None
Supports wildcards:False
DontShow:False

Parameter sets

(All)
Position:Named
Mandatory:False
Value from pipeline:False
Value from pipeline by property name:False
Value from remaining arguments:False

-EnableInternalSenderAdminNotifications

Applicable: Exchange Server 2013, Exchange Server 2016, Exchange Server 2019, Exchange Server SE, Exchange Online, Exchange Online Protection

The EnableInternalSenderAdminNotifications parameter enables or disables sending notification messages to an administrator for malware detections in messages from internal senders. Valid values are:

  • $true: When malware attachments are detected in messages from internal senders, a notification message is sent to the email address that's specified by the InternalSenderAdminAddress parameter.
  • $false: Notifications aren't sent for malware attachment detections in messages from internal senders. This value is the default.

Note: Admin notifications are sent only for attachments that are classified as malware.

Parameter properties

Type:Boolean
Default value:None
Supports wildcards:False
DontShow:False

Parameter sets

(All)
Position:Named
Mandatory:False
Value from pipeline:False
Value from pipeline by property name:False
Value from remaining arguments:False

-EnableInternalSenderNotifications

Applicable: Exchange Server 2013, Exchange Server 2016, Exchange Server 2019, Exchange Server SE

This parameter is available only in on-premises Exchange.

The EnableInternalSenderNotifications parameter enables or disables sending notification messages to internal senders for malware detections in their messages. Valid values are:

  • $true: When malware is detected in a message from an internal sender, send them a notification message.
  • $false: Don't send malware detection notification messages to internal message senders. This value is the default.

Parameter properties

Type:Boolean
Default value:None
Supports wildcards:False
DontShow:False

Parameter sets

(All)
Position:Named
Mandatory:False
Value from pipeline:False
Value from pipeline by property name:False
Value from remaining arguments:False

-ExternalSenderAdminAddress

Applicable: Exchange Server 2013, Exchange Server 2016, Exchange Server 2019, Exchange Server SE, Exchange Online, Exchange Online Protection

The ExternalSenderAdminAddress parameter specifies the email address of the administrator who receives notification messages for malware detections in messages from external senders.

This parameter is meaningful only if the value of the EnableExternalSenderAdminNotifications parameter is $true.

Parameter properties

Type:SmtpAddress
Default value:None
Supports wildcards:False
DontShow:False

Parameter sets

(All)
Position:Named
Mandatory:False
Value from pipeline:False
Value from pipeline by property name:False
Value from remaining arguments:False

-FileTypeAction

Applicable: Exchange Online, Exchange Online Protection

This parameter is available only in the cloud-based service.

The FileTypeAction parameter specifies what happens to messages that contain one or more attachments where the file extension is included in the FileTypes parameter (the common attachments filter). Valid values are:

  • Quarantine: Quarantine the message. Whether or not the recipient is notified depends on the quarantine notification settings in the quarantine policy that's selected for the malware filter policy by the QuarantineTag parameter.
  • Reject: The message is rejected in a non-delivery report (also known as an NDR or bounce message) to the sender. The message is not available in quarantine. This value is the default.

This parameter is meaningful only when the value of the EnableFileFilter parameter is $true.

Parameter properties

Type:FileTypeFilteringAction
Default value:None
Supports wildcards:False
DontShow:False

Parameter sets

(All)
Position:Named
Mandatory:False
Value from pipeline:False
Value from pipeline by property name:False
Value from remaining arguments:False

-FileTypes

Applicable: Exchange Online, Exchange Online Protection

This parameter is available only in the cloud-based service.

The FileTypes parameter specifies the file types that are automatically blocked by the common attachments filter, regardless of content. The default values are:

ace, ani, apk, app, appx, arj, bat, cab, cmd, com, deb, dex, dll, docm, elf, exe, hta, img, iso, jar, jnlp, kext, lha, lib, library, lnk, lzh, macho, msc, msi, msix, msp, mst, pif, ppa, ppam, reg, rev, scf, scr, sct, sys, uif, vb, vbe, vbs, vxd, wsc, wsf, wsh, xll, xz, z

This parameter is meaningful only if the value of the EnableFileFilter parameter is $true.

The common attachments filter uses best effort true-typing to detect the file type regardless of the file name extension. For example, an exe file renamed to txt is detected as an exe file. If true-typing fails or isn't supported for the specified file type, then extension matching is used.

To replace the existing list of file types with the values you specify, use the syntax FileType1,FileType2,...FileTypeN. To preserve existing values, be sure to include the file types that you want to keep along with the new values that you want to add.

To add or remove file types without affecting the other file type entries, see the Examples section in the Set-MalwareFilterPolicy cmdlet topic.

Parameter properties

Type:String[]

Default value:None
Supports wildcards:False
DontShow:False

Parameter sets

(All)
Position:Named
Mandatory:False
Value from pipeline:False
Value from pipeline by property name:False
Value from remaining arguments:False

-InternalSenderAdminAddress

Applicable: Exchange Server 2013, Exchange Server 2016, Exchange Server 2019, Exchange Server SE, Exchange Online, Exchange Online Protection

The InternalSenderAdminAddress parameter specifies the email address of the administrator who receives notification messages for malware detections in messages from internal senders.

This parameter is meaningful only if the value of the EnableInternalSenderAdminNotifications parameter is $true.

Parameter properties

Type:SmtpAddress
Default value:None
Supports wildcards:False
DontShow:False

Parameter sets

(All)
Position:Named
Mandatory:False
Value from pipeline:False
Value from pipeline by property name:False
Value from remaining arguments:False

-Name

Applicable: Exchange Server 2013, Exchange Server 2016, Exchange Server 2019, Exchange Server SE, Exchange Online, Exchange Online Protection

The Name parameter specifies the unique name of the malware filter policy. If the value contains spaces, enclose the value in quotation marks (").

Parameter properties

Type:String
Default value:None
Supports wildcards:False
DontShow:False

Parameter sets

(All)
Position:1
Mandatory:True
Value from pipeline:False
Value from pipeline by property name:False
Value from remaining arguments:False

-QuarantineTag

Applicable: Exchange Online, Exchange Online Protection

This parameter is available only in the cloud-based service.

The QuarantineTag parameter specifies the quarantine policy that's used on messages that are quarantined as malware. You can use any value that uniquely identifies the quarantine policy. For example:

  • Name
  • Distinguished name (DN)
  • GUID

Quarantine policies define what users are able to do to quarantined messages, and whether users receive quarantine notifications. For more information about quarantine policies, see Quarantine policies.

If you don't use this parameter, the default quarantine policy that's used is named AdminOnlyAccessPolicy. For more information about this quarantine policy, see Anatomy of a quarantine policy.

To view the list of available quarantine policies, run the following command: Get-QuarantinePolicy | Format-List Name,EndUser*,ESNEnabled.
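The FileTypes, FileTypeAction and QuarantineTag parameters work together: FileTypes replaces the whole list (so kept defaults must be passed along with additions), Quarantine makes the QuarantineTag policy matter, and the tag must name an existing quarantine policy. The following added example, not from the original page, builds a cloud-only policy that keeps the default list documented above, adds a few extensions, quarantines instead of rejecting, and resolves the quarantine policy before creating anything. The extra extensions and the policy name are constructed choices.

```powershell
# Added example (not part of the original page): common attachments filter with the
# documented default list preserved, extra extensions added, Quarantine as the action and
# the quarantine policy validated up front.
# Constructed choices: the policy name and the $extraFileTypes list.

# Default FileTypes list as documented on this page.
$defaultFileTypes = @(
    'ace','ani','apk','app','appx','arj','bat','cab','cmd','com','deb','dex','dll','docm','elf',
    'exe','hta','img','iso','jar','jnlp','kext','lha','lib','library','lnk','lzh','macho','msc',
    'msi','msix','msp','mst','pif','ppa','ppam','reg','rev','scf','scr','sct','sys','uif','vb',
    'vbe','vbs','vxd','wsc','wsf','wsh','xll','xz','z'
)

# FileTypes replaces the entire list, so the additions are merged with the kept defaults.
$extraFileTypes = @('ps1','js','jse','one')   # constructed example values
$fileTypes = ($defaultFileTypes + $extraFileTypes) | Sort-Object -Unique

# Resolve the quarantine policy first so a mistyped tag fails here, before the malware
# policy is created. AdminOnlyAccessPolicy is the documented default.
$quarantineTag = 'AdminOnlyAccessPolicy'
$qp = Get-QuarantinePolicy | Where-Object { $_.Name -eq $quarantineTag }
if (-not $qp) {
    throw "Quarantine policy '$quarantineTag' not found. List them with: Get-QuarantinePolicy | Format-List Name,EndUser*,ESNEnabled"
}

$policyName = "Contoso Attachment Filter Policy"
New-MalwareFilterPolicy -Name $policyName `
    -EnableFileFilter $true `
    -FileTypes $fileTypes `
    -FileTypeAction Quarantine `
    -QuarantineTag $quarantineTag `
    -ZapEnabled $true

# Verify the stored list contains everything that was requested.
$stored  = (Get-MalwareFilterPolicy -Identity $policyName).FileTypes
$missing = $fileTypes | Where-Object { $_ -notin $stored }
if ($missing) {
    Write-Warning "Not stored on '$policyName': $($missing -join ', ')"
} else {
    "All $($stored.Count) file types stored on '$policyName'."
}
```

Quarantine rather than Reject is the choice that keeps a copy for investigation; with Reject the message is bounced to the sender and nothing is retained in quarantine, as the FileTypeAction entry above states.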

Parameter properties

Type:String
Default value:None
Supports wildcards:False
DontShow:False

Parameter sets

(All)
Position:Named
Mandatory:False
Value from pipeline:False
Value from pipeline by property name:False
Value from remaining arguments:False

-RecommendedPolicyType

Applicable: Exchange Online, Exchange Online Protection

This parameter is available only in the cloud-based service.

The RecommendedPolicyType parameter is used for Standard and Strict policy creation as part of Preset security policies. Don't use this parameter yourself.

Parameter properties

Type:RecommendedPolicyType
Default value:None
Supports wildcards:False
DontShow:False

Parameter sets

(All)
Position:Named
Mandatory:False
Value from pipeline:False
Value from pipeline by property name:False
Value from remaining arguments:False

-WhatIf

Applicable: Exchange Server 2013, Exchange Server 2016, Exchange Server 2019, Exchange Server SE, Exchange Online, Exchange Online Protection

The WhatIf switch simulates the actions of the command. You can use this switch to view the changes that would occur without actually applying those changes. You don't need to specify a value with this switch.

Parameter properties

Type:SwitchParameter
Default value:None
Supports wildcards:False
DontShow:False
Aliases:wi

Parameter sets

(All)
Position:Named
Mandatory:False
Value from pipeline:False
Value from pipeline by property name:False
Value from remaining arguments:False

-ZapEnabled

Applicable: Exchange Online, Exchange Online Protection

This parameter is available only in the cloud-based service.

The ZapEnabled parameter specifies whether to enable zero-hour auto purge (ZAP) for malware in cloud mailboxes. ZAP detects malware in unread messages that have already been delivered to the user's Inbox. Valid values are:

  • $true: ZAP for malware is enabled. Unread messages in the user's Inbox that contain malware are moved to the Junk Email folder. This value is the default.
  • $false: ZAP for malware is disabled.

Parameter properties

Type:Boolean
Default value:None
Supports wildcards:False
DontShow:False

Parameter sets

(All)
Position:Named
Mandatory:False
Value from pipeline:False
Value from pipeline by property name:False
Value from remaining arguments:False

CommonParameters

This cmdlet supports the common parameters: -Debug, -ErrorAction, -ErrorVariable, -InformationAction, -InformationVariable, -OutBuffer, -OutVariable, -PipelineVariable, -ProgressAction, -Verbose, -WarningAction, and -WarningVariable. For more information, see about_CommonParameters.

Inputs

Input types

To see the input types that this cmdlet accepts, see Cmdlet Input and Output Types. If the Input Type field for a cmdlet is blank, the cmdlet doesn't accept input data.

Outputs

Output types

To see the return types, which are also known as output types, that this cmdlet returns, see Cmdlet Input and Output Types. If the Output Type field is blank, the cmdlet doesn't return data.