The attachment filter SHOULD attempt to determine the true file type and assess the file extension.

Why This Matters

Attackers often disguise malicious executables or scripts by wrapping them in innocuous file extensions. Without true file type inspection, a PDF attachment could actually be a .exe or .vbs file that evades detection and compromises your Exchange Online environment. Enabling this filter ensures that the attachment handler checks the actual binary signature, not just the label.

What Aether365 Checks

Aether365 verifies that your attachment filter is configured to inspect the true file type of attachments, comparing it against the declared file extension. This check is displayed in the Aether365 dashboard under your Microsoft 365 security checks.