Forum Discussion

ENMRSH's avatar
ENMRSH
Copper Contributor
May 13, 2025

DLP Policy Rule "U.S. Physical Address" exclusion

We have the built in Sensitive Info Type "U.S. Physical Address" in our Default HR & Privacy Info Protection Policy in simulation. This is set to the location of just Exchange Email only. Everyone in...
ENMRSH's avatar
ENMRSH
Copper Contributor
May 13, 2025

My custom SIT may have broken it entirely as my test email sent to outside our Org never set off an alert. 

I'd see instructions to make a custom SIT but I never understood the options. I found the following https://learn.microsoft.com/en-us/purview/sit-create-a-custom-sensitive-information-type and  also looked over "Sensitive information type functions". This led me to "Func_us_address". Building a custom sensitive information type has the Exclude Specific Matches at the bottom of the Edit Pattern flyout. I added every possible spelling of our address to exclude.

Confidence Level = Medium

Primary Element = Function processors: Func_us_address

Character proximity = Detect primary AND supporting elements​ within 300 characters (without Anywhere in the document checked)

Supporting elements = Did not add any

Additional checks = Exclude specific matches: All possible spellings of our physical address and PO Box

AakashMalhotra's avatar
AakashMalhotra
Icon for Microsoft rankMicrosoft
Jun 19, 2025

You could also create a complex DLP rule-

<Other rule conditions> AND

(Content contains "All physical addresses" AND NOT (Content contains "Custom address SIT"))

 

Resources