I plan to have an external domain with an MX record pointing to my edge firewall. The inbound mail will hit the NAT and be redirected to the SMTP service running on my SharePoint WFE. What is the best way to secure this setup against SPAM and malware arriving in attachments?

Also, I understand there's and "advanced" inbound email configuration that somehow uses Exchange. Does this method require physical access to the drop folder or is there some sort of connector from Exchange into SharePoint? We use cloud-hosted Exchange so I don't know if this "advanced" method would be available. Has anyone done this?

• Edited by Golfarama 13 hours 8 minutes ago added/need additional info