Follow these steps.

  • Log into your office 365 Administrator portal
  • From the top bar, select, "Admin", then select "Exchange"
  • From the Left Side bar, select "Mail Flow"
  • From the top bar select "Rules"
  • Click on the "+" icon and select "Create A New Rule"
  • First, Click on the "More Options" link at the bottom of the screen Back, to the top of the screen, In the "Name" box, give the rule a name.
  • From the "Apply this rule if..." drop down box, hover the mouse over "Any attachment" and from the pop out box, select "file extension includes these words"
  • In the "Specify words or phrases" box, enter each extension you wish to block individually and without a . in front of the extension and click the "+" icon after each - To remove one, select the extension and use the "-" icon. - Once complete, select "OK"
  • Next, from the "Do the following.." drop down box, hover the mouse over "Block the message" and form the pop out box, select any applicable action. The best one to use is "reject the message and include an explanation" - you will be asked to specify a rejection reason, here you would typically have a basic explanation "'This message is rejected due to Mail Security. If this is not a Robot change your attachment to a .Rar file or Contact your IT.'
  • Next, you can if you wish further configure the rule for exceptions and auditing, this is not necessary but optional. When finished click on the "save" button.