Export (0) Print
Expand All

What's New for Transport Rules for Exchange Online

Exchange Online
 

Applies to: Exchange Online

Topic Last Modified: 2013-07-03

This topic provides a brief overview of some of the key changes and enhancements in Exchange Online for Transport rules.

Data loss prevention (DLP) features in Exchange Online can help organizations reduce unintentional disclosure of sensitive data. Transport rules have been updated to support creating rules that accompany and enforce DLP policies. To learn more about DLP support in transport rules, see the following topics:

Integrating Sensitive Information Rules with Transport Rules

Data Loss Prevention

The functionality of transport rules has been extended via the addition of new predicates and actions. Each predicate listed below can be used as a condition or an exception when you're creating transport rules.

For detailed information about using these new predicates and actions, see New-TransportRule.

  • MessageContainsDataClassifications   Used to detect sensitive information in the message body and any of the attachments. For a list of data classifications available, see Sensitive Information Types Inventory.
  • HasSenderOverride Used to detect messages where the sender has chosen to override a DLP policy restriction.
  • SenderIPRanges   Used to detect messages sent from a specific set of IP address ranges.
  • AttachmentExtensionMatchesWords   Used to detect messages that contain attachments with specific extensions.
  • AttachmentHasExecutableContent   Used to detect messages that contain attachments with executable content.
  • MessageSizeOver   Used to detect messages whose overall size is greater than or equal to the specified limit.

  • NotifySender Controls how the sender of a message that goes against a DLP policy is notified. You can choose to simply inform the sender and route the message normally, or you can choose to reject the message and notify the sender.
  • StopRuleProcessing   Stops the processing of all subsequent rules on the message.
  • RouteMessageOutboundRequireTLS   Requires TLS encryption when routing this message outside your organization. If TLS encryption isn't supported, the message is rejected and not delivered.
  • RouteMessageOutboundConnector   Routes the message through the specified outbound connector.
  • ReportSeverityLevel   Sets the specified severity level in the incident report. Values for the action are: Informational, Low, Medium, High, and Off.
  • GenerateIncidentReport   Generates an incident report that is sent to a specified SMTP address. The action also has a parameter called IncidentReportContent that you can use to specify what parts of the original message you want to include in the incident report.

  • Support for extended regular expression syntax   Transport rules in Exchange Online are now based on the Microsoft .NET Framework regular expression (regex) functionality and now support extended regular expression syntax.
  • Detailed Transport rule information in message tracking logs   Detailed information about Transport rules are now included in message tracking logs. The information includes which rules were triggered for a specific message and the actions taken as a result of processing those rules.
  • New rule monitoring functionality   Exchange Online monitors Transport rules that are configured and measures the cost of running these rules both when you're creating the rule and also during regular operation. Exchange can detect and generate alerts for rules that are causing delays in mail delivery.
  • Rule size limit changes The following changes have been made to Transport rule limits:
    • Maximum size of each rule is 4 kilobytes (KB).
    • The character limit for all regular expressions used in all Transport rules is 20 KB. This limit applies to total number of characters used by all regular expressions, including keywords.
 
Was this page helpful?
(1500 characters remaining)
Thank you for your feedback
Show:
© 2014 Microsoft