cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Show  only  | Search instead for 
Did you mean: 
Microsoft Security Tech Accelerator
Dec 06 2023, 07:00 AM - 12:00 PM (PST)
Microsoft Tech Community
Find out more

DLP Rule for Exchange using ExceptIfRecipientDomainIs not working any more

AlexandrosAP
Copper Contributor

‎May 30 2023 02:52 AM

‎May 30 2023 02:52 AM

DLP Rule for Exchange using ExceptIfRecipientDomainIs not working any more

Hello,

 

we had setup a DLP Rule for Exchange workloads that only allows sending to specific external recipients in a list we provide via populating the ExceptIfRecipientDomainIs attribute.

 

This has been working fine until a few days back, when suddenly the rule was failing to apply on end users (domain is listed in the Rule's ExceptIfRecipientDomainIs) and email gets blocked.

 

I then realized that the attribute is not populated anymore via Powershell and comes back empty!

 

(Get-DlpComplianceRule -Identity "DLPRULE").ExceptIfRecipientDomainIs

 At the same time, the Rule on the compliance.microsoft.com portal shows up properly with the domains in question.

 

AlexandrosAP_0-1685440055444.png

 

I then noticed that those domains now only appear under the AdvancedRule attribute only.

 

(Get-DlpComplianceRule -Identity "DLPRULE") | select -expand advancedrule

 

So it seems there has been some change in DLP rules by the compliance team at Microsoft?

 

 

551 Views
0 Likes
2 Replies
Reply
2 Replies
AlexandrosAP

‎May 31 2023 10:44 PM - edited ‎May 31 2023 10:46 PM

‎May 31 2023 10:44 PM - edited ‎May 31 2023 10:46 PM

Re: DLP Rule for Exchange using ExceptIfRecipientDomainIs not working any more

I have opened a Premier support ticket with Microsoft and it is true, that this is not working anymore. 

Waiting on the escalation team.

 

I also posted here.

 
0 Likes
Reply
benreiter

‎Sep 08 2023 05:56 AM

‎Sep 08 2023 05:56 AM

Re: DLP Rule for Exchange using ExceptIfRecipientDomainIs not working any more

@AlexandrosAP Did you ever find a resolution to this? I am encountering the same behavior (modifying ExceptIfRecipientDomainIs via PowerShell does nothing and the existing domains in Purview are listed in AdvancedRule) and was wondering if you found a solution.

0 Likes
Reply