Create a Microsoft Exchange Email Transport Rule

Create a Microsoft Exchange email transport rule to forward traffic to the Enterprise Data Loss Prevention (E-DLP) cloud service for inline email inspection.
  1. Create the outbound and inbound connectors.
    Skip this step if you have already created both the outbound and inbound connectors.
  2. Select Mail flow > Rules > Add a rule > Create a new rule to create a new email transport rule.
  3. Configure the email transport rule conditions.
    1. Enter a Name for the email transport rule.
    2. Specify the email recipient.
      This instructs Microsoft Exchange to forward the email to Enterprise DLP before it leaves your network when the email recipient is outside your organization.
      1. For Apply this rule if, select The recipient.
      2. For the recipient, select is external/internal. When prompted to select the recipient location, select Outside the organization.
        Click Save to continue.
    3. Specify the Microsoft Exchange connector you created as the transport target for email inspection.
      1. For Do the following, select redirect the message to.
      2. For the transport target, select the following connector. When prompted, select the outbound connector.
        Click Save to continue.
    4. Add an exception for emails that exceed the maximum message size supported by Enterprise DLP.
      Enterprise DLP supports inspection of email messages up to 20 MB in size. Larger email messages are not supported and should not be forwarded to Enterprise DLP.
      1. In the Except if field, select The message.
      2. Select size is greater than or equal to. When prompted, enter the following maximum supported message size in KB:
        20480
    5. Add an exception for emails that were already inspected by Enterprise DLP.
      1. In the Except if condition, click the add symbol to add a new Or condition.
      2. Select The message headers as the condition.
      3. For the Or condition action, select matches any of these words.
      4. Click Enter text to set the message header to x-panw-inspected.
      5. Click Enter words and enter true.
        Click Add and select the word you added. Click Save to continue.
    6. Click Next to continue.
  4. Configure the email transport rule settings.
    1. For the Rule mode, ensure Enforce is selected.
      This setting is enabled by default when a new transport rule is created.
    2. (Optional) Configure the rest of the email transport rule settings as needed.
    3. Click Next to continue.
    4. Save.
  5. Review the email transport rule configuration and click Finish.
    Click Done when prompted that the email transport rule was successfully created. You are redirected back to the Microsoft Exchange Rules page.
  6. Modify the email transport rule priority as needed.
    To change the priority of a transport rule, select the transport rule and Move Up or Move Down as needed.
    A proper rule hierarchy is recommended to ensure emails successfully forward to Enterprise DLP.
    • The email transport rule should always be the highest priority rule relative to the other transport rules required for Email DLP.
    • Any email encryption rules not created as part of the Email DLP configuration must be ordered below the transport rules created for Email DLP. Enterprise DLP cannot inspect encrypted emails.
    • The relative priority of the quarantine transport rules, block transport rule, encrypt transport rule, and any other existing transport rules has no impact.
      After Enterprise DLP inspects the email and returns it to Microsoft Exchange, the appropriate transport rule action occurs based on the email header.
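
The same rule can be created and checked from Exchange Online PowerShell; the script below is an added example, not part of the original procedure or Palo Alto Networks' own tooling. It assumes an open Connect-ExchangeOnline session, uses placeholder rule and connector names, and assumes the portal's header exception maps to the "contains words" parameters and the size exception to ExceptIfMessageSizeOver.

```powershell
# Added example: scripted equivalent of steps 2-6, followed by a read-back check.
# Assumption: an Exchange Online PowerShell session is already connected.
$RuleName      = 'E-DLP outbound inspection'   # placeholder rule name
$ConnectorName = 'E-DLP Outbound Connector'    # placeholder: your outbound connector

$ruleParams = @{
    Name                                = $RuleName
    SentToScope                         = 'NotInOrganization'  # recipient is outside the organization
    RouteMessageOutboundConnector       = $ConnectorName       # redirect the message to the connector
    ExceptIfMessageSizeOver             = '20480KB'            # do not forward mail at the 20 MB limit
    ExceptIfHeaderContainsMessageHeader = 'x-panw-inspected'   # do not re-forward inspected mail
    ExceptIfHeaderContainsWords         = 'true'
    Mode                                = 'Enforce'
}
New-TransportRule @ruleParams | Out-Null

# Read the rule back and confirm each setting from the procedure took effect.
$rule = Get-TransportRule -Identity $RuleName
$checks = [ordered]@{
    'Rule is enabled'                = "$($rule.State)" -eq 'Enabled'
    'Mode is Enforce'                = "$($rule.Mode)" -eq 'Enforce'
    'Scope is external recipients'   = "$($rule.SentToScope)" -eq 'NotInOrganization'
    'Redirects to the connector'     = "$($rule.RouteMessageOutboundConnector)" -eq $ConnectorName
    'Size exception present'         = $null -ne $rule.ExceptIfMessageSizeOver
    'Inspected-header exception set' = "$($rule.ExceptIfHeaderContainsMessageHeader)" -eq 'x-panw-inspected'
    'Header value is true'           = @($rule.ExceptIfHeaderContainsWords) -contains 'true'
}
foreach ($check in $checks.GetEnumerator()) {
    $status = if ($check.Value) { 'OK' } else { 'FAIL' }
    '{0,-32} {1}' -f $check.Key, $status
}

# List every rule in evaluation order so the hierarchy from step 6 can be reviewed:
# this rule above the other Email DLP rules, unrelated encryption rules below them.
Get-TransportRule |
    Sort-Object -Property Priority |
    Format-Table -Property Priority, Name, State, Mode -AutoSize
```

If the ordering needs adjusting, Set-TransportRule with the -Priority parameter moves a rule without recreating it.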