You are here: Blog Block Cryptolocker on Exchange 2013

Block Cryptolocker on Exchange 2013

-log into your EXCHANGE ADMIN CENTER (EAC) with an Admin account.
-click on the Admin in the upper right hand corner.
-select Exchange.
-go to Mail Flow on the left.
-make sure you are on Rules.
-click the + (to Create New Rule).
-name it Block EXE.
-in the Apply this rule if... drop down select Any attachment's content includes...
-click the Enter words...
-type EXE
-hit the + (you should not see EXE where the Enter words... was).
-(if you want to add other extensions like BAT, MSI, CMD and so on, you can just click in that same spot).
-in the Do the following... drop down selected Reject the message with the explanation...
-type in: Executable content not allowed. 
-leave the Audit this rule with severity level: checked drop down as is (Not specified).
-choose a mode for this rule: radio button should be on Enforce.
-now hit Save

Now add a second rule. This time when setting up the rule in mail flow, you need to:

-click on 'more options' (at the bottom of the rule).
-go back to 'apply this rule if' (at the top)
-select 'any attachment' then 'has executable content'.

Maybe I'll add a video here. Contact me if you really want one.

Want to hire us?

Please fill out our request for proposal (RFP) form here and we'll get in touch with you shortly.

RFP & Quote

Contact Dak Networks

Please contact us at the following.