Help CenterIn today’s threat landscape, securing email domains against malware is a critical task for IT administrators. This article provides a PowerShell script designed to audit your organization's accepted domains in Exchange Online, ensuring that each domain is protected by an anti-malware filter.
The script checks if specific anti-malware policies are applied to each domain and confirms that all domains are covered, whether by custom policies or the default settings. This helps administrators ensure that no domain is left vulnerable to malware attacks.
Here is the script:
# Connect to Exchange OnlineConnect-ExchangeOnline# Get the list of all accepted domains$acceptedDomains = Get-AcceptedDomain# Get the list of all anti-malware policies$malwarePolicies = Get-MalwareFilterPolicy# Check if each domain has an anti-malware filter applied$domainsWithMalwareProtection = @()foreach ($domain in $acceptedDomains) {$isProtected = $falseforeach ($policy in $malwarePolicies) {# If the policy is applied to specific domains, check if the current domain is includedif ($policy.AppliedTo -contains $domain.DomainName) {$isProtected = $truebreak}}# If no specific policy is applied, it is covered by the default policyif (-not $isProtected) {$isProtected = $true}$domainsWithMalwareProtection += [PSCustomObject]@{DomainName = $domain.DomainNameIsProtected = $isProtected}}# Output the results$domainsWithMalwareProtection | Format-Table -AutoSize# Disconnect from Exchange OnlineDisconnect-ExchangeOnline -Confirm:$false