Forefront
United States (English) Sign in
Home Unified Access Gateway Forefront Identity Manager Previous Versions Library Forums
4 out of 4 rated this helpful - Rate this topic

Policy Rules

 

Applies to: Office 365 for enterprises, Live@edu, Forefront Online Protection for Exchange

Topic Last Modified: 2012-05-02

In addition to spam and virus filtering, the Forefront Online Protection for Exchange (FOPE) Administration Center Policy Rules let you enforce specific company regulations and policies by configuring customizable filtering rules. You can create a specific set of rule options that match messages based on specific match expressions or match options and take a specific action against them when they are being processed by the Hosted Filtering service.

For example, you can create a policy rule that will reject any incoming emails that have a certain word or phrase in the Subject or Body field. You can also create a policy rule that will reject emails with certain attachments files or just encrypt emails based on specific email headers. Additionally, Policy Rules let you add and manage large lists of values (such as list of IP addresses, domains, email addresses, file names, files extensions and keywords) for multiple policy rules by uploading a file (Dictionary) and linking these files in multiple policy rules.

To watch a video that guides you through the Users and Policy tabs in the FOPE Administration Center, see Forefront Online Protection for Exchange: Administration Center 103 You can also view a video about encryption policy rules; see Encryption Policy Rules in Exchange Hosted Encryption. Both of these are English language-only videos.

For email filtering policy rules, you can use one of the following syntax options to identify strings or text such as particular characters, words, numbers or patterns of characters in emails:

  • Basic (a mixture of CSV and a simple string-wildcard syntax)
  • RegEx (a subset of characters of the regular expression syntax)

The following are some of the most commonly used policy rules, with information about how to implement them.

Always accept mail from a domain

  1. Click New Policy Rule from the Tasks pane of the Policy Rules sub-tab on the Administration tab in the FOPE Administration Center.

  2. From the Traffic Scope menu, select Inbound messages.

  3. From the Action menu, select Allow.

  4. In the Domains match: field of the Sender section, under Match – New Policy Rule, enter the domain you want to allow mail from.

  5. Click Save Policy Rule to add the rule.

noteNote:
Messages allowed through this rule bypass the Spam filter and any policy reject rules, but they are still scanned by the Virus filter. The same can be applied to a specific email address instead of an entire domain.

The following image is an example of how to create a policy rule to always accept mail from a certain domain.

Sample policy rule setup

For more information about how to create this policy rule, see Understanding Policy Rule Match Options

Block a non-English character set

  1. Click New Policy Rule from the Tasks pane of the Policy Rules sub-tab on the Administration tab in the FOPE Administration Center.

  2. From the Traffic Scope: menu, select Inbound messages.

  3. From the Action menu, select Reject.

  4. In the Message field in the Match – New Policy Rule section, select Edit for the Character sets: field.

  5. Check the box or boxes next to the character set or sets that you want to block.

  6. Click OK when you have finished selecting the appropriate character set or sets.

  7. Review the Character sets: field to ensure that the desired character sets were selected.

  8. Click Save Policy Rule to save the rule.

The following is an example of a policy rule created to block a non-English character set.

A view of the character sets you can select

For more information about how to create this policy rule, see Understanding Policy Rule Match Options.

Reject messages containing a specific filename

  1. Click New Policy Rule from the Tasks pane of the Policy Rules sub-tab on the Administration tab in the FOPE Administration Center.

  2. From the Traffic Scope: menu, select the desired message type Inbound messages or Outbound messages.

  3. In the Action: menu, select Reject.

  4. In the Attachment field in the Match – New Policy Rule section, enter the appropriate file names in the File names match: field.

    noteNote:
    If you want to specify multiple file extensions or names for this option and don’t want to enter them manually, use the Dictionary option to upload a list. For details about how to use the Dictionary option, see Configuring Filters in FOPE.

  5. Click Save Policy Rule to add the rule.

The following is an example of a policy created to reject messages containing a specific filename.

Sample rule for rejecting filenames

For more information about how to create this policy rule, see Understanding Policy Rule Match Options.

Reject messages containing a specific keyword

  1. Click New Policy Rule from the Tasks pane of the Policy Rules sub-tab on the Administration tab in the FOPE Administration Center.

  2. From the Traffic Scope: menu, select the desired message type Inbound messages or Outbound messages.

  3. In the Action: menu, select Reject.

  4. Under Match – New Policy Rule expand the field for the appropriate area or areas of the message that might contain the specific keyword.

  5. Enter the appropriate keyword in the desired field for the message area or areas that you have selected.

    For example, if you want to reject inbound messages that contain one or more of the following keywords: casino, free, pill*, vi?gra in the message subject, select Subject and enter those words into the Message Subject Match field. You can use either Basic or RegEx syntax to enter the keywords. For more information about Basic and RegEx syntax, see Understanding Policy Rule Syntax.

    noteNote:
    If you want to specify multiple keywords for this option and don’t want to enter them manually, use the Dictionary option to upload a list. For details about how to use the Dictionary option, see Configuring Filters in FOPE.

  6. If you want the policy rule to take action on messages that contain keywords exactly as you have entered them in the policy rule, select the Exact match checkbox. If the keywords you have entered in the policy rule are case sensitive, select the Case sensitive checkbox.

  7. Click Save Policy Rule to add the rule.

The following is an example of a policy rule created to reject messages containing specific keywords.

Sample reject keywords rule

For more information about how to create this policy rule, see Understanding Policy Rule Match Options

Block messages over a specific size

  1. Click New Policy Rule from the Tasks pane of the Policy Rules sub-tab on the Administration tab in the FOPE Administration Center.

  2. From the Traffic Scope: menu, select Inbound messages.

  3. In the Action: menu, select Reject.

  4. Under Match – New Policy Rule select Message.

  5. In the Maxium size (KiB): field, enter the maximum desired size in Kilobinary Bytes (KiB). For example, the setting to block messages larger than 20 MB is entered as 20,480 KiB.

  6. Click Save Rule to add the rule.

noteNote:
The current network-wide size limitation on inbound and outbound messages is 150 MB. Therefore, any message that is 150 MB or greater is blocked by default. The overall message size is being managed by the rule, and not just the attachment size. Messages may be larger than expected when received because of encoding or large message bodies.

The following is an example of a policy rule created to block messages over a certain size.

Sample set maximum size rule

For more information about policy rules, see the related topics listed in the See Also section.

Redirect messages to a specified (“catch all”) mailbox

  1. Click New Policy Rule from the Tasks pane of the Policy Rules sub-tab on the Administration tab in the FOPE Administration Center.

  2. From the Domain Scope: menu, select the domain you want this rule to apply to.

  3. From the Traffic Scope: menu, select Inbound messages.

  4. In the Action: menu, select Redirect.

  5. In the Redirect to other address text box, enter the email address you want messages redirected to.

  6. Under Match – New Policy Rule expand Recipient and in the E-mail addresses match: text box enter a * followed by your organization’s email suffix, for example, *@treyresearch.net.

  7. Under Recipient options: check Apply rule even if the e-mail message includes other recipients.

  8. Click Save Policy Rule to add the rule.

 
Did you find this helpful?
(1500 characters remaining)

Community Additions

ADD
© 2013 Microsoft
|
Site Feedback
© 2013 Microsoft. All rights reserved.