Export (0) Print
Expand All
3 out of 4 rated this helpful - Rate this topic

Manage Transport Rules

Exchange 2013
 

Applies to: Exchange Server 2013, Exchange Online Protection, Exchange Online

Topic Last Modified: 2014-03-12

Using transport rules you can look for specific conditions on messages that pass through your organization and take action on them. This topic shows you how to perform basic configuration tasks related to managing transport rules.

Rather than create each transport rule individually, for data loss prevention (DLP), you can set up a DLP policy based on one of the provided DLP Policy Templates. Each DLP policy is a package of transport rules. After you create a DLP policy, you can fine-tune the transport rules using the procedures below.

CautionCaution:
Before you create or modify transport rules in your production environment, we recommend that you use a test environment to understand the effects of the rule, or use the rule in one of the two test modes. Test all rules before creating them in a production environment.

To learn more about transport rules, see Transport Rules. Interested in scenarios where these procedures are used? See the following topics:

  • Estimated time to complete each procedure: 5 minutes.

  • You need to be assigned permissions before you can perform this procedure or procedures. To see what permissions you need, see the "Transport rules" entry in the Messaging Policy and Compliance Permissions topic.

  • The procedures that utilize the Exchange Management Shell are not applicable to Exchange Online Protection (EOP).

  • Depending on your version of Exchange, you may have different limits on your organization-wide rules. For more information, see Exchange Online Limits.

  • For information about keyboard shortcuts that may apply to the procedures in this topic, see Keyboard Shortcuts in the Exchange Admin Center.

TipTip:
Having problems? Ask for help in the Exchange forums. Visit the forums at: Exchange Server, Exchange Online, or Exchange Online Protection.
  1. Create a DLP policy. For instructions, see:

  2. Modify the transport rules created by the DLP policy. See View or modify a transport rule.

The EAC allows you to create transport rules quickly, based on a template or from scratch.

  1. Go to Mail flow > Rules.

  2. Click Add Add Icon to display a list of available templates. You can select a template that fits your need, or select Create a new rule to create a rule from scratch. The remainder of this procedure assumes that you are creating a rule from scratch.

  3. In New rule, give a name to the rule and then select the condition and action for this rule:

    1. Select the condition you want from the list of available conditions listed in the Apply this rule if… dropdown. Some of the conditions will require you to specify values. For example, if you select The sender is… condition, you will need to specify a sender address.

      If you don't want to specify a condition, and want this rule to apply to every message in your organization, select [Apply to all messages] condition.

    2. Select the action you want the rule to take on messages matching the criteria from the list of available actions listed in the Do the following… dropdown. Some of the actions will require you to specify values. For example, if you select the Forward the message for approval to… condition, you will need to select a recipient in your organization.

    3. You can specify an audit severity level so that you can more easily review incidents in the message tracking log. Click Use the Audit this rule with severity level check box to specify an audit severity level for this rule.

    4. You can create a transport rule in test mode. This enables you to test new rules without impacting mail flow. Click one of the following:

      • Enforce   This turns on the rule and it starts processing messages immediately.

      • Test with Policy Tips   This turns on the rule, and what would have happened if the rule was enforced is logged in message tracking logs. Exchange doesn’t take any action that will impact the delivery of the message. In addition, senders are notified of the actions the rule will take if the rule contains the Notify the sender with a Policy Tip action.

      • Test without Policy Tips   This turns on the rule, and what would have happened if the rule was enforced is logged in message tracking logs. Exchange doesn’t take any action that will impact the delivery of the message.

      TipTip:
      When you test a rule, you may want to stop processing other rules. To do this, click More options, and select Stop processing more rules.
  4. If you are satisfied with the rule, go to step 5. If you want to add more conditions or actions, or if you want to specify exceptions, click More options. This will enable all the transport rule properties. After you click More options, complete the following fields to create your rule:

    1. To add more conditions, click Add condition. If you have more than one condition, you can remove any one of them by clicking Remove X next to it. Note that there are a larger variety of conditions available once you click More options.

    2. To add more actions, click Add action. If you have more than one action, you can remove any one of them by clicking Remove X next to it. Note that there are a larger variety of actions available once you click More options.

    3. To specify exceptions, click Add exception, then select exceptions using the Except if... dropdown. You can remove any exceptions from the rule by clicking the Remove X next to it.

    4. If you want this rule to take effect after a certain date, click Activate this rule on the following date: and specify a date. Note that the rule will still be enabled prior to that date, but it won't be processed.

    5. Similarly, you can have the rule stop processing at a certain date. To do so, click Deactivate this rule on the following date: and specify a date. Note that the rule will remain enabled, but it won't be processed.

    6. You can choose to avoid applying additional rules once this rule processes a message. To do so, click Stop processing more rules. If you select this, and a message is processed by this rule, no subsequent rules are processed for that message.

    7. You can specify how the message should be handled if the rule processing can't be completed. By default, the rule will be ignored and the message will be processed regularly, but you can choose to resubmit the message for processing. To do so, check the Defer the message if rule processing doesn't complete check box.

    8. If your rule analyzes the sender address, it only examines the message headers by default. However, you can configure your rule to also examine the SMTP message envelope. To specify what's examined, click one of the following values for Match sender address in message:

      • Header   Only the message headers will be examined.

      • Envelope   Only the SMTP message envelope will be examined.

      • Header or envelope   Both the message headers and SMTP message envelope will be examined.

    9. You can add administrative comments to this rule that gives more information about the rule in the Comments box.

  5. Click Save to complete creating the rule.

This example creates a new transport rule that prepends "External message to Sales DG:" to messages sent from outside the organization to the Sales Department distribution group.

New-TransportRule -Name "Mark messages from the Internet to Sales DG" -FromScope NotInOrganization -SentTo "Sales Department" -PrependSubject "External message to Sales DG:"

The rule parameters and action used in the above procedure are for illustration only. Review all the available transport rule conditions and actions to determine which ones meet your requirements.

To verify that you have successfully created a new transport rule, do the following:

  • From the EAC, verify that the new transport rule you created is listed in the rules list.

  • From the Shell, verify that you created the new transport rule successfully by running the following command (the example below verifies the rule created in the Shell example above):

    Get-TransportRule "Mark messages from the Internet to Sales DG"
    
  1. From the Exchange admin center, go to Mail flow.

  2. Select Rules. This will display a list of all rules defined in your organization in the order they are applied.

  3. When you select a rule in the list, the conditions, actions, exceptions and select properties of that rule are displayed in the details pane. To view all the properties of a specific rule, double click on it. This will open the rule editor window, which will allow you make changes to the rule. For more information about using the Transport rule dialog, see Use the EAC to create a new Transport rule section, earlier in this topic.

The following example gives you a list of all rules configured in your organization:

Get-TransportRule

To view the properties of a specific transport rule, you need to provide the name of that rule or its GUID. It is usually helpful to pipeline the output to the Format-List cmdlet to view all details available. The following example will return all the properties of the transport rule named Sender is a member of Marketing:

Get-TransportRule "Sender is a member of marketing" | Format-List

If you want to modify the properties of a specific rule, you need to use the Set-TransportRule cmdlet. This cmdlet allows you to change any property, condition, action or exception associated with a rule. The following example adds an exception to the rule "Sender is a member of marketing" so that it won't apply to messages sent by the user Kelly Rollin:

Set-TransportRule "Sender is a member of marketing" -ExceptIfFrom "Kelly Rollin"

To verify that you have successfully modified a transport rule, do the following:

  • From the EAC, click on the rule you modified in the rules list and view the details pane.

  • From the Shell, verify that you modified the transport rule successfully by running the following command that will list the properties you modified along with the name of the rule (the example below verifies the rule modified in the Shell example above):

    Get-TransportRule "Sender is a member of marketing" | Format-List Name,ExceptIfFrom
    

To temporarily stop the transport rules agent from executing a transport rule, you can disable the rule.

  1. From the Exchange admin center, go to Mail flow.

  2. Select Rules. This will display a list of all rules defined in your organization in the order they are applied.

  3. To disable a rule, clear the checkbox next to its name.

  4. To enable a rule, click the checkbox next to its name.

The following example disables the transport rule "Sender is a member of marketing":

Disable-TransportRule "Sender is a member of marketing"

The following example enables the transport rule "Sender is a member of marketing":

Enable-TransportRule "Sender is a member of marketing"

To verify that you have successfully enabled or disabled a transport rule, do the following:

  • From the EAC, view the list of rules in the rules list and check the status of the checkbox in the ON column.

  • From the Shell, run the following command which will return a list of all rules in your organization along with their status:

    Get-TransportRule | Format-Table Name,State
    
  1. From the Exchange admin center, go to Mail flow.

  2. Select Rules. This will display a list of all rules defined in your organization in the order they are applied.

  3. Select the rule you want to remove and then click Delete Delete Icon.

The following example removes the transport rule "Sender is a member of marketing":

Remove-TransportRule "Sender is a member of marketing"

To verify that you have successfully removed the transport rule, do the following:

  • From the EAC, view the rules in the rules list and verify that the rule you removed is no longer shown.

  • From the Shell, run the following command and verify that the rule you remove is no longer listed:

    Get-TransportRule
    

You must use the Shell to import or export a transport rule collection. For information about how to import a transport rule collection from an XML file, see Import-TransportRuleCollection. For information about how to export a transport rule collection to an XML file, see Export-TransportRuleCollection.

 
Did you find this helpful?
(1500 characters remaining)
Thank you for your feedback
Show:
© 2014 Microsoft. All rights reserved.