Export (0) Print
Expand All

Transport rule actions

Exchange Online
 

Applies to: Exchange Online

Topic Last Modified: 2014-08-07

Transport rule actions let you apply messaging policies to email messages flowing through your organization that match conditions and exceptions defined in Transport rule conditions (predicates). For example, you could define a transport rule action to forward an email message to an approving manager, or add a disclaimer or personalized signature.

Looking for:

Contents

Actions and action properties

Property values

Each transport rule action contains the action, and any information needed for the action. For example, when you use the Redirect the Message to action, you must specify the email address of the person you’re redirecting the message to. Sometimes two pieces of information are needed. For example, when you add a disclaimer, you need the disclaimer text plus information about what to do if the disclaimer can’t be sent.

Here’s a list of the information required for each action in Exchange Online. When you add these actions using the Exchange admin center, you’re prompted for the required information. When you add them using the Shell, you must specify them on the command line. Valid values for each property are described in Property values.

The following table lists the actions that can be used with Transport rules in Exchange Online.

 

Action name in Exchange admin center Action name in Shell Properties Description

Forward the message for approval to

ModerateMessageByUser

Addresses

Forwards the message to the specified moderators as an attachment wrapped in an approval request.

Forward to the sender's manager for approval

ModerateMessageByManager

Not applicable

forwards the message to the sender's manager for approval, if the manager attribute is populated in Active Directory.

ImportantImportant:
If the sender's manager attribute isn't populated in Active Directory, the message is delivered to recipients without moderation.

Redirect the message to

RedirectMessageTo

Addresses

Redirects the email message to one or more recipients specified. The message isn't delivered to the original recipients, and no notification is sent to the sender or the original recipients.

Deliver the message to the spam quarantine

Quarantine

Not applicable

Delivers the message to the quarantine mailbox.

Use the following outbound connector

RouteMessageOutboundConnector

OutboundConnector

Routes messages through the specified outbound connector.

Reject the message with the explanation

RejectMessageReasonText

RejectReason

Deletes the email message and sends a non-delivery report to the sender with the specified text as the rejection reason. The recipient doesn't receive the message or notification.

Reject the message with the enhanced status code

RejectMessageEnhancedStatusCode

EnhancedStatusCode

Deletes the email message and sends a non-delivery receipt to the sender with the specified status code. The recipient doesn't receive the message or notification.

Delete the message without notifying anyone

DeleteMessage

Not applicable

Deletes the email message without sending a notification to either the recipient or the sender.

Bcc the message to

BlindCopyTo

Addresses

Adds one or more recipients as blind carbon copy (Bcc) recipients. The original recipients aren't notified and can't see the Bcc addresses.

Add these recipients to the To box

AddToRecipient

Addresses

Adds one or more recipients to the To field of the message. The original recipients can see the additional address.

Cc the message to

CopyTo

Addresses

Adds one or more recipients to the carbon copy (Cc) field of the message. The original recipients can see the Cc address.

Add the sender's manager as a recipient type

AddManagerAsRecipientType

AddedRecipientType

Adds the sender's manager, if defined in the manager attribute in Active Directory, as the specified recipient type.

Append the disclaimer

ApplyHtmlDisclaimerText

ApplyHtmlDisclaimerTextLocation

ApplyHtmlDisclaimerFallbackAction

First property: DisclaimerText

Second property: FallbackAction

Applies an HTML disclaimer to the message. There are three parameters in the Shell that correspond to this action. When you append the disclaimer, the property ApplyHtmlDisclaimerTextLocation is set to Append.

Prepend the disclaimer

ApplyHtmlDisclaimerText

ApplyHtmlDisclaimerTextLocation

ApplyHtmlDisclaimerFallbackAction

First property: DisclaimerText

Second property: FallbackAction

Applies an HTML disclaimer to the message. There are three parameters in the Shell that correspond to this action. When you prepend the disclaimer, the property ApplyHtmlDisclaimerTextLocation is set to Prepend.

Remove this header

RemoveHeader

MessageHeader

Removes the specified message header from a message.

Set the message header to this value

SetHeaderName

SetHeaderValue

First property: MessageHeader

Second property: HeaderValue

Creates a new message header or modifies an existing message header and sets the value of that message header to the specified value. There are two parameters in the Shell that correspond to this action.

Apply a message classification

ApplyClassification

Classification

Applies a message classification to the message.

Set the spam confidence level (SCL) to

SetScl

SclValue

Sets the spam confidence level (SCL) on an email message. For more information about how to use this setting, see Create a transport rule to identify mail as spam or not spam by setting the spam confidence level (SCL).

Prepend the subject of the message with

PrependSubject

Prefix

Prepends the Subject of the message with the specified text.

Apply rights protection to the message with

ApplyRightsProtectionTemplate

RMSTemplateIdentity

Applies the specified Rights Management Services (RMS) template to the message.

Require TLS encryption

RouteMessageOutboundRequireTls

Not applicable

Forces the outbound messages to be routed over TLS encrypted connections.

Apply Office 365 Message Encryption

ApplyOME

Not applicable

Encrypt the message and attachments. To use this action, your organization must have Windows Azure Rights Management set up for Office 365 Message Encryption.

Remove Office 365 Message Encryption

RemoveOME

Not applicable

Decrypt the message and attachments so that users don’t have to sign in to the encryption portal in order to view them. This action can only be done for messages that are sent within your organization. To use this action, your organization must have Windows Azure Rights Management set up for Office 365 Message Encryption.

Notify the sender with a Policy Tip

NotifySender

NotifySenderType

Notifies the sender when the message goes against a DLP policy configured in the organization.

When you use this action, you must use the MessageContainsDataClassification condition.

Only the following Transport Rule Conditions (Predicates) can also be used:

  • SentTo (The recipient is)

  • SentToScope (The recipient is located)

  • From (The sender is)

  • FromMemberOf (The sender is a member of)

  • FromScope (The sender is located)

Generate incident report and send it to

GenerateIncidentReport

First property: Addresses

Second property: IncidentReportContent

Generates an incident report and sends it to the specified recipients.

Stop processing more rules

StopRuleProcessing

Not applicable

Specifies whether the processing of subsequent rules should be stopped for this message.

The following table lists the action property types used by Transport rule actions in Exchange Online.

Each property that you use to define a transport rule action requires a value. Here’s a list of values for each action property in Exchange Online.

 

Property Valid values Description

AddedRecipientType

One of the following values:

  • To

  • Cc

  • Bcc

  • Redirect

AddedRecipientType accepts a single value:

  • To, Cc, and Bcc values are self-explanatory and correspond to the addressing fields of email messages.

  • Redirect delivers the message only to the specified recipient. The message isn't delivered to any of the original recipients.

Addresses

Either a single or an array of valid recipients.

Addresses accepts an array of mailbox, mail-enabled contact, mail-enabled user, or distribution group objects.

Classification

Single message classification object

Classification accepts a single message classification object. To see what message classification objects are available, you can use the Get-MessageClassification cmdlet.

DisclaimerText

HTML string

DisclaimerText can be any text you want to insert to the message as a disclaimer. HTML tags and cascade style sheet (CSS) tags.

EnhancedStatusCode

Single DSN code of 5.7.1, or any value from 5.7.10 through 5.7.999

EnhancedStatusCode specifies the DSN code and related DSN message to display to the senders of messages rejected by a transport rule action. The DSN message associated with the specified DSN status code is displayed in the user information portion of the NDR displayed to the sender. The specified DSN code must be an existing default DSN code or a customized DSN status code that you can create by using the New-SystemMessage cmdlet.

FallbackAction

One of the following values:

  • Wrap

  • Ignore

  • Reject

FallbackAction specifies what the Transport rule should do if a disclaimer can't be applied to a message. There can be cases where the contents of a message can't be altered, for example if a message is encrypted. The default fallback action is Wrap. The following list describes each fallback action:

  • Wrap   If the disclaimer can't be inserted into the original message, Exchange encloses, or wraps, the original message in a new message envelope. Then the disclaimer is inserted into the new message.

    ImportantImportant:
    If an original message is wrapped in a new message envelope, subsequent Transport rules are applied to the new message envelope, and not to the original message. Therefore, you must configure Transport rules with disclaimer actions that wrap original messages in a new message body with a lower priority than other Transport rules.
    NoteNote:
    If the original message can't be wrapped in a new message envelope, the original message isn't delivered. The sender of the message receives an NDR that explains why the message wasn't delivered.
  • Ignore   If the disclaimer can't be inserted into the original message, Exchange lets the original message continue unmodified. No disclaimer is added.

  • Reject   If the disclaimer can't be inserted into the original message, Exchange doesn't deliver the message. The sender of the message receives an NDR that explains why the message wasn't delivered.

HeaderValue

Single string

HeaderValue accepts a single string that's applied to the header specified header.

IncidentReportContent

One of the following values:

  • Sender

  • Recipients

  • Subject

  • CC

  • BCC

  • Severity

  • Override

  • RuleDetections

  • FalsePositive

  • DataClassifications

  • IdMatch

  • AttachOriginalMail

IncidentReportContent specifies the list of properties of the original message to be included in the incident report. You can choose to include any combination of these properties. In addition to the properties you specify, the message ID is always included in the incident report. The following list describes these properties:

  • Sender, Subject, and AttachOriginalMail   Self-explanatory values. The first two correspond to the message properties with the same name. The third property specifies that the entire message that triggered the rule is attached to the incident report.

  • Recipients, CC, and BCC   Designate the recipients the message was sent to, and correspond to the To, Cc, and Bcc boxes respectively. For each of these properties, only the first 10 recipients are included in the incident report. If the message was addressed to more than 10 recipients, the report will also include the count of additional recipients. For example, if the message included 22 people in the To: box, the incident report will list the first 10 of these recipients and specify that there were 12 additional recipients.

  • Severity   Specifies the audit severity of the rule that was triggered. If the message was processed by more than one rule, the highest severity is included in the incident report.

  • Override   Specifies the override if the sender has chosen to override a Policy Tip. If the sender has provided a justification, the first 100 characters of the justification is also included.

  • RuleDetections   Specifies the list of rules that the message triggered.

  • FalsePositive   Specifies the false positive if the sender marked the message as a false positive for a Policy Tip.

  • DataClassifications   Specifies the list of sensitive information types detected in the message.

  • IdMatch   Specifies the sensitive information type detected, the exact matched content from the message, and the 150 characters before and after the matched sensitive information.

MessageHeader

Single string

MessageHeader accepts a string that can be used to specify the SMTP message header to modify.

NotifySenderType

One of the following values:

  • NotifyOnly

  • RejectMessage

  • RejectUnlessFalsePositiveOverride

  • RejectUnlessSilentOverride

  • RejectUnlessExplicitOverride

NotifySenderType specifies the type of Policy Tip the sender will receive if a message they sent goes against a DLP policy configured in the organization. The following list describes each notification type:

  • NotifyOnly Sender is notified, but the message is delivered normally.

  • RejectMessage Sender is notified, and the message is rejected.

  • RejectUnlessFalsePositiveOverride The message is rejected unless it is marked as a false positive by the sender.

  • RejectUnlessSilentOverride The message is rejected unless the sender has chosen to override the policy restriction.

  • RejectUnlessExplicitOverride This is similar to RejectUnlessSilentOverride type, but the sender also provides a justification for overriding the policy restriction.

OutboundConnector

Outbound connector ID

OutboundConnector is the identity of a specific outbound connector used to route messages.

Prefix

Single string

Prefix accepts a string that's prepended to the subject of the email message.

TipTip:
To prevent the string that's specified with the Prefix Transport rule action from being added to the subject every time that a reply to the message encounters the Transport rule, add the SubjectContains exception to the Transport rule.
The SubjectContains exception should contain the string that you specified with the Prefix Transport rule action. If you add the SubjectContains exception to the Transport rule, the Transport rule doesn't add another instance of the Prefix string to the subject if the Prefix string already appears in the subject.

RejectReason

Single string

RejectReason accepts a string that's used to populate the administrator information portion of the NDR returned to the email sender if an email message is rejected.

RMSTemplateIdentity

RMS Template identity

RMSTemplateIdentity accepts an RMS Template identity. You can get a list of RMS templates available on an Active Directory RMS server in the Active Directory forest using the Get-RMSTemplate cmdlet.

SclValue

Single integer

SclValue accepts a single integer from -1 through 9, which is used to configure the SCL of the email message. For more information about how to use this setting, see Create a transport rule to identify mail as spam or not spam by setting the spam confidence level (SCL).

 
Was this page helpful?
(1500 characters remaining)
Thank you for your feedback
Show:
© 2014 Microsoft