Forum Discussion
ShimKwan (Brass Contributor)
May 25, 2021
DLP Exceptions issues
Hi,
We are trying to set up a DLP Policy that does the following:
- If an email contains more than 10 credit card numbers and is being sent to an external email address, notify the DLPAdmin user, except if the source of the email is "customerservice@ourcompany.com".
@ourcompany.com is our Azure Tenant (in this example).
So, we have created a new DLP Policy, as follows:
- choose locations to apply the policy: Exchange email (all included, none excluded). No other Location is selected
Customized DLP Rule:
- Sensitive info type: Credit Card Number (High Confidence 10 to Any) AND
- Content is shared from M365 "with people outside my organization"
- Except if sender is: "customerservice@ourcompany.com"
- User notification on: notify these people / send the email to these additional people: DLPAdmin@ourcompany.com
Turn the Policy on right away.
------------
IMHO the above should work... however, DLPAdmin@ourcompany.com always gets notified when the customerservice@ourcompany.com account sends an email externally (and contains 10 or more credit cards). I thought the idea of the 'exceptions' was for the DLP rule to work, except when the exclusion = true.
What are we doing wrong?
Thank you,
SK
- Joe Stocker (Bronze Contributor)
It doesn't sound like you are doing anything wrong. Can you upload a screenshot to confirm?
- ShimKwan (Brass Contributor)
Hi Joe Stocker,
Thank you for taking the time to respond.
I have attached the DLP Policy screenshots.
Not sure if it's useful, but I am using Outlook Web Access, and not the Outlook client for this setup and testing.
Thank you,
Shim
- DanielMaier (Copper Contributor)
In your case, try to add the exception when selecting the mailboxes and not when configuring the DLP rules.