o365-malware-policy.ps1

<# CIAOPS
Script provided as is. Use at own risk. No guarantees or warranty provided.

Description - Configure a new Exchange Online malware filtering policy

Source - https://github.com/directorcia/Office365/blob/master/o365-malware-policy.ps1

Prerequisites = 1
1. Ensure Exchange online PowerShell module installed or updated

More scripts available by joining http://www.ciaopspatron.com

#>

## Variables
$systemmessagecolor = "cyan"
$processmessagecolor = "green"
## Separate multiple domains with comma (,) e.g."domain1.com", "domain2.com", "domain3.com"
$domains = "M365B555418.onmicrosoft.com"
$policyname = "Configured Policy"
$rulename = "Configured Recipients"

## If you have running scripts that don't have a certificate, run this command once to disable that level of security
## set-executionpolicy -executionpolicy bypass -scope currentuser -force

Clear-Host

write-host -foregroundcolor $systemmessagecolor "Script started`n"

write-host -foregroundcolor $processmessagecolor "Set new malware policy"

$policyparams = @{
    "Name" = $policyname;
    'Action' =  'deletemessage';
    'Enablefilefilter' =  $true;
    'Enableinternalsendernotifications' =  $true;
    'Zap' = $true
}
new-malwarefilterpolicy @policyparams

write-host -foregroundcolor $processmessagecolor "Set new malware filter rule"

$ruleparams = @{
     'name' = $rulename;
     'comments' = 'This is a custom policy added via a PowerShell script';
     'malwarefilterpolicy' = $policyname; ## this needs to match the above policy name
     'recipientdomainis' = $domains; ## this needs to match the domains you wish to protect in your tenant
     'Priority' = 0;
     'Enabled' = $true
} 

New-malwarefilterrule @ruleparams

write-host -foregroundcolor $systemmessagecolor "Script complete`n"