Skip to content

Ensuring Anti-Malware Protection for Accepted Domains in Exchange Online

In today’s threat landscape, securing email domains against malware is a critical task for IT administrators. This article provides a PowerShell script designed to audit your organization’s accepted domains in Exchange Online, ensuring that each domain is protected by an anti-malware filter.

The script checks if specific anti-malware policies are applied to each domain and confirms that all domains are covered, whether by custom policies or the default settings. This helps administrators ensure that no domain is left vulnerable to malware attacks.

Here is the script:

Connect-ExchangeOnline

$acceptedDomains = Get-AcceptedDomain

$malwarePolicies = Get-MalwareFilterPolicy

Check if each domain has an anti-malware filter applied

Section titled “Check if each domain has an anti-malware filter applied”

$domainsWithMalwareProtection = @()

foreach ($domain in $acceptedDomains) { $isProtected = $false foreach ($policy in $malwarePolicies) {

If the policy is applied to specific domains, check if the current domain is included

Section titled “If the policy is applied to specific domains, check if the current domain is included”

if ($policy.AppliedTo -contains $domain.DomainName) { $isProtected = $true break } }

If no specific policy is applied, it is covered by the default policy

Section titled “If no specific policy is applied, it is covered by the default policy”

if (-not $isProtected) { $isProtected = $true } $domainsWithMalwareProtection += [PSCustomObject]@{ DomainName = $domain.DomainName IsProtected = $isProtected } }

$domainsWithMalwareProtection | Format-Table -AutoSize

Disconnect-ExchangeOnline -Confirm:$false