封鎖的郵件流程規則案例的一般附件Common attachment blocking scenarios for mail flow rules

您的組織可能會需要特定類型的郵件會封鎖或已拒絕以符合法律或規範需求,或以實作特定業務需求。本文將告訴您封鎖所有附件其中您可以設定 Exchange 中使用的傳輸規則的常見案例的範例。Your organization might require that certain types of messages be blocked or rejected in order to meet legal or compliance requirements, or to implement specific business needs. This article discusses examples of common scenarios for blocking all attachments which you can set up using transport rules in Exchange.

如需其他範例顯示如何封鎖特定附件,請參閱:For additional examples showing how to block specific attachments, see:

惡意程式碼篩選器包括常見的附件類型篩選。在 Exchange 系統管理中心 (EAC) 中,移至 [保護,然後按一下 新增 若要新增篩選器。在 Exchange Online 的入口網站中,瀏覽至 [保護],然後選取惡意軟體篩選器The malware filter includes a Common Attachment Types Filter. In the Exchange admin center (EAC), go to Protection, then click New ( Add Icon) to add filters. In the Exchange Online portal, browse to Protection, and then select Malware Filter.

若要開始實作任何這些案例封鎖特定訊息類型:To get started implementing any of these scenarios to block certain message types:

  1. 登入 Exchange 系統管理中心。Sign in to the Exchange admin center.

  2. 移至 [郵件流程] > [規則]Go to Mail flow > Rules.

  3. 按一下 新增,然後選取 [建立新的規則Click New ( Add Icon) and then select Create a new rule.

  4. 在 [名稱] 方塊中,指定規則的名稱,然後按一下 [更多選項]。In the Name box, specify a name for the rule, and then click More options.

  5. 選取條件和您想要的動作。Select the conditions and actions you want.

    請注意: 在 EAC 中,您可以輸入的最小附件大小為 1 kb,應該會偵測到大部分的附件。不過,如果您想要偵測之任何規模的每個可能的附件,您需要使用 PowerShell 1 個位元組附件大小調整為您在 EAC 中建立規則之後。若要了解如何在內部部署 Exchange 組織中開啟 Exchange 管理命令介面,請參閱開啟命令介面。若要了解如何使用 Windows PowerShell 連線至 Exchange Online,請參閱Connect to Exchange Online PowerShell。若要了解如何使用 Windows PowerShell 連線至 Exchange Online Protection,請參閱Connect to Exchange Online Protection PowerShellNote: In the EAC, the smallest attachment size that you can enter is 1 kilobyte, which should detect most attachments. However, if you want to detect every possible attachment of any size, you need to use PowerShell to adjust the attachment size to 1 byte after you create the rule in the EAC. To learn how to open the Exchange Management Shell in your on-premises Exchange organization, see Open the Shell. To learn how to use Windows PowerShell to connect to Exchange Online, see Connect to Exchange Online PowerShell. To learn how to use Windows PowerShell to connect to Exchange Online Protection, see Connect to Exchange Online Protection PowerShell.

取代_<規則名稱> 名稱的現有規則,並執行下列命令以將附件大小設為 1 個位元組:Replace <Rule Name>_ with the name of the existing rule, and run the following command to set the attachment size to 1 byte:

Set-TransportRule -Identity "<Rule Name>" -AttachmentSizeOver 1B

您將附件大小調整為 1 個位元組之後,會顯示在 EAC 中規則的值會是0.00 KBAfter you adjust the attachment size to 1 byte, the value that's displayed for the rule in the EAC is 0.00 KB.

範例 1: 封鎖郵件含有附件,並通知寄件者Example 1: Block messages with attachments, and notify the sender

如果您不想人員在您的組織傳送或接收的附件,您可以設定傳輸規則封鎖所有附件的郵件。If you don't want people in your organization to send or receive attachments, you can set up a transport rule to block all messages with attachments.

在這個範例中,會封鎖所有傳送至或來自組織之附件的郵件。In this example, all messages sent to or from the organization with attachments are blocked.

封鎖所有附件的規則

如果所有您想要做為封鎖郵件,您可能會想要停止規則處理一旦符合此規則。捲動 [規則] 對話方塊中,然後選取 [停止處理其他規則] 核取方塊。If all you want to do is block the message, you might want to stop rule processing once this rule is matched. Scroll down the rule dialog box, and select the Stop processing more rules check box.

範例 2: 通知時封鎖內送的郵件預定的收件者Example 2: Notify intended recipients when an inbound message is blocked

如果您想要拒絕郵件,但讓預定的收件者知道有何變化,您可以使用 [通知郵件的收件者] 動作。If you want to reject a message but let the intended recipient know what happened, you can use the Notify the recipient with a message action.

您可以通知訊息中包含預留位置,使其包含原始郵件的相關資訊。版面配置區必須括住兩個百分比符號 (%) 及時傳送通知訊息,將預留位置取代從原始郵件的資訊。您也可以如使用基本 HTML<巴西>、 <b>、<我>,及<img>訊息中。You can include placeholders in the notification message so that it includes information about the original message. The placeholders must be enclosed in two percent signs (%%), and when the notification message is sent, the placeholders are replaced with information from the original message. You can also use basic HTML such as <br>, <b>, <i>, and <img> in the message.

資訊類型Type of information
預留位置Placeholder
寄件者的郵件。Sender of the message.
%%從 %%%%From%%
列出在"To"列上的收件者。Recipients listed on the "To" line.
%%到 %%%%To%%
"["副本] 行上所列的收件者。Recipients listed on the "Cc" line.
%%Cc %%%%Cc%%
原始郵件的主旨。Subject of the original message.
%%主旨 %%%%Subject%%
從原始郵件標頭。這是類似的標頭中產生原始郵件的傳遞狀態通知 (DSN) 清單。Headers from the original message. This is similar to the list of headers in a delivery status notification (DSN) generated for the original message.
%%標頭 %%%%Headers%%
傳送原始郵件的日期。Date the original message was sent.
%%Messagedate %%%%MessageDate%%

在此範例中所包含的附件而傳送給組織內的人的所有郵件已都封鎖,且收件者會收到通知。In this example, all messages that contain attachments and are sent to people inside your organization are blocked, and the recipient is notified.

封鎖內送訊息時通知收件者的規則

範例 3: 修改通知的主旨列Example 3: Modify the subject line for notifications

當通知傳送給收件者時、 主旨行是原始郵件的主旨。如果您想要修改之主旨,以便更清楚收件者,您必須使用這兩個傳輸規則:When a notification is sent to the recipient, the subject line is the subject of the original message. If you want to modify the subject so that it is clearer to the recipient, you must use two transport rules:

  • 第一個規則新增至任何附件的郵件主旨開頭的 「 無法傳遞 」 這個字。The first rule adds the word "undeliverable" to the beginning of the subject of any messages with attachments.

  • 第二個規則封鎖郵件並將通知訊息傳送給寄件者使用新的原始郵件的主旨。The second rule blocks the message and sends a notification message to the sender using the new subject of the original message.

重要

這兩個規則必須具有相同的條件。規則處理順序,因此的第一個規則將新增 「 無法傳遞 」 的字和第二個規則封鎖郵件,並通知收件者。The two rules must have identical conditions. Rules are processed in order, so the first rule adds the word "undeliverable", and the second rule blocks the message and notifies the recipient.

以下是新的第一個規則看起來如果您想要新增 「 無法傳遞 」 主題:Here's what the first rule would look like if you want to add "undeliverable" to the subject:

在含附件的訊息之前加上「無法傳遞」的規則

與第二個規則的作用的封鎖與通知 (從範例 2 相同的規則):And the second rule does the blocking and notification (the same rule from Example 2):

封鎖內送訊息時通知收件者的規則

範例 4: 適用於時間限制的規則Example 4: Apply a rule with a time limit

如果您有惡意程式碼散播,可能要套用時間限制的規則,讓您暫時封鎖的附件。例如,以下規則具有 start 和 stop 日和時間:If you have a malware outbreak, you might want to apply a rule with a time limit so that you temporarily block attachments. For example, the following rule has both a start and stop day and time:

顯示時間限制的規則

另請參閱See also

Exchange Online 中的郵件流程規則 (傳輸規則)Mail flow rules (transport rules) in Exchange Online

傳輸規則 (Exchange Server 2016)Transport Rules (Exchange Server 2016)

傳輸規則 (Exchange Online Protection)Transport rules (Exchange Online Protection)