Forum Discussion
Do DLP policies expand distributions groups for verifying recipient(s)
Hello,
Are Exchange distribution groups expanded when evaluating DLP rules created in Microsoft Purview and scoped to Exchange Email location. This is to address scenarios where the underlying email recipients within a distribution group might consist of more than one domain and distinct policies could be applicable to each of those domains.
Regards,
SG
2 Replies
Hi, DP2621,
For this scenario, please keep in mind that when you scope a policy to a group, everyone in that group will be subject to that policy, and its rules. If you would want specific users that are in a group to not be subject to a policy, you would need to specifically exclude them from the policy, because exclusions take precedence over inclusions.
Also make sure you keep an eye on policy priority. The highest priority, most restrictive policy, when multiple are matched, will take precedence.
Hello,
Thank you for the response miller34mike. Let me clarify further. My question wasn't pertaining to scoping the policy. My question was in relation to how the Data Loss Prevention rules are processed.
For further context, you could use "recipient" or "recipient domain" as a condition while building the Data Loss Prevention rules. Wanted to understand whether distribution groups are expanded when the rules are processed.
Regards,
SG
