Create email rules to prevent ransomware

Microsoft 365 helps protect your business against ransomware by preventing potentially dangerous files, like JavaScript, batch, and executables, from being opened in Outlook. To increase this level of protection by adding rules that block or warn you of additional types of files, follow these steps.

Try it!

  1. From the admin center at, choose Exchange under Admin centers.

  2. From the menu on the left, choose mail flow.

  3. On the rules tab, choose the arrow next to the plus (+) symbol, and then choose Create a new rule.

  4. On the new rule page, enter a name for your rule, scroll to the bottom, and then choose More options.

  5. Under Apply this rule if, select Any attachment, and then select file extension includes these words.

  6. In the box under specify words or phrases, enter the file extensions that you want the rule to be applied to, such as file extensions that can contain macros. Use the plus (+) symbol to add them one at a time.

    Learn more about file types by reading Protect against ransomware.

  7. Scroll down to review your list, and then choose OK.

  8. On the new rule page, choose add condition, and then choose a condition under Do the following.

  9. You have many rule options to choose from, but in this example we'll choose to Notify the recipient with a message.

  10. Enter message text for your notification, and then choose OK.

  11. Optional: On the new rule page, choose add exception, and enter any details for exceptions to your rule, such as messages from trusted senders.

  12. On the new rule page, choose Save, and review the rule summary information provided.
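
The same rule can be created from Exchange Online PowerShell, which makes it easier to review and repeat across tenants. The script below is an added example, not part of the original article. The admin account, rule name, extension list, notification text and trusted domain are placeholders or constructed sample values.

```powershell
# Added example: PowerShell equivalent of steps 1-12 above.
# Requires the ExchangeOnlineManagement module and an Exchange admin role.
Import-Module ExchangeOnlineManagement
Connect-ExchangeOnline -UserPrincipalName 'admin@contoso.example'   # placeholder account

$ruleName = 'Warn on macro-capable attachments'                    # hypothetical rule name

# Constructed sample list: Office file types that can contain macros.
# Enter extensions without the leading dot, and adjust to your own policy.
$extensions = 'docm', 'dotm', 'xlsm', 'xltm', 'xlam', 'pptm', 'potm', 'ppam', 'ppsm', 'sldm'

$notice = 'This message has an attachment of a type that can contain macros. ' +
          'Do not open it unless you were expecting it from this sender.'

$rule = @{
    # Steps 5-7: "Any attachment" > "file extension includes these words"
    AttachmentExtensionMatchesWords = $extensions
    # Steps 8-10: "Notify the recipient with a message"
    GenerateNotification            = $notice
    # Step 11 (optional): exception for a trusted sender domain (placeholder).
    # Keep exceptions narrow, because the visible sender domain can be spoofed.
    ExceptIfSenderDomainIs          = 'partner.example'
    Mode                            = 'Enforce'
}

# Update the rule if it already exists, otherwise create it.
if (Get-TransportRule | Where-Object Name -eq $ruleName) {
    Set-TransportRule -Identity $ruleName @rule
} else {
    New-TransportRule -Name $ruleName @rule
}

# Step 12: review the rule summary.
Get-TransportRule -Identity $ruleName |
    Format-List Name, State, Mode, AttachmentExtensionMatchesWords,
                GenerateNotification, ExceptIfSenderDomainIs

Disconnect-ExchangeOnline -Confirm:$false
```

To observe what the rule would match before it affects delivery, set `Mode` to `Audit` first and switch to `Enforce` after reviewing the results.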