Forum Discussion
In bound Email triggers DLP Policy
I have a DLP policy to catch financial info from being emailed out by my users.
However we received an alert for an inbound email which had a routing number and account number for an invoice. T...
DLP does not trigger inbound, and there are no such options to configure. If you previously had DLP rules configured in the Exchange Admin Center, it's possible that some of the corresponding Transport rules are misconfigured to fire on both outgoing/incoming messages, so check for that.
TonyRedmond might have some additional insights here.
1. Do you have transport rules configured with DLP?
2. The SCC (Office 365) DLP rules are expanding their coverage of email operations, so it is possible that they might have caught this too.
Impossible to say what happened without looking at the rules. Can you share the logic?