Enterprise DLP
Create a Microsoft Exchange Block Transport Rule
Table of Contents
Expand All
|
Collapse All
Enterprise DLP Docs
Create a Microsoft Exchange Block Transport Rule
Create a Microsoft Exchange Block transport rule to specify the action Microsoft
Exchange takes when an email contains sensitive data and is blocked.
- Log in to the Microsoft Exchange Admin Center.Create the outbound and inbound connectors.Skip this step if you have already created both the outbound and inbound connectors.Select Mail flowRulesAdd a ruleCreate a new rule to create a new email transport rule.Configure the Block transport rule conditions.
- Enter a Name for the Block transport rule.Add the Block email message header.The Block header is added by the DLP cloud service when an inspected email contains sensitive information that is blocked.
- For Apply this rule if, select The message headers....
- Select includes any of these words.
- Click Enter Text. When promoted, enter the following.x-panw-actionClick Save to continue.Click Enter words. When prompted, enter the following and Add:blockSelect the word you added. Click Save to continue.Specify the action Microsoft Exchange takes when an email header includes the Block header added by Enterprise DLP.
- For Do the following, select Block the message.
- Select reject the message and include an explanation. When prompted, enter the explanation for why the email was blocked.This is the response members of your organization receive when an outbound email is blocked.Click Save to continue.
Click Next to continue.Configure the Block transport rule settings.- For the Rule mode, ensure Enforce is selected.This setting is enabled by default when a new transport rule is created.(Optional) Configure the rest of the Block transport rule settings as needed.Click Next to continue.Save.Review the Block transport rule configuration and click Finish.Click Done when prompted that the Block transport rule was successfully created. You are redirected back to the Microsoft Exchange Rules page.Modify the email transport rule priority as needed.To change the priority of a transport rule, select the transport rule and Move Up or Move Down as needed.A proper rule hierarchy is recommended to ensure emails successfully forward to Enterprise DLP for inspection.
- The email transport rule should always be the highest priority rule relative to the other transport rules required for Enterprise DLP inspection.
- Any email encryption rules not created as part of the Email DLP configuration must be ordered below the transport rules created for Enterprise DLP inspection. Enterprise DLP cannot inspect encrypted emails.
- There is no impact in regards to priority between the quarantine transport rules, block transport rule, encrypt transport rule, or any other transport rules that exist.After Enterprise DLP inspects and returns the email back to Microsoft Exchange, the appropriate transport rule action will occur based on the email header.