MCAS Session Policy Exceptions for Trusted Domain

New Contributor

New to MCAS and I do not have direct access so bear with me. 

Required use case: Block emails that contain sensitive keywords except where the mail recipient is a trusted partner (check domain part of email address is one of a list of trusted partners e.g.

Being told by my supplier that it is not possible to do in MCAS and need to set up in O365 Security & Comp Centre. They tell me that MCAS cannot check the mail recipient domain in the condition, only individual usernames that have been imported.

Any way I can do that in MCAS - to avoid rules in multiple places?

1 Reply

@GrahamP67 I don't think MCAS is the right tool to configure DLP. You should block this in realtime, and except for session control that is not possible with MCAS.