Decrypt Journal Message DLP
Hi mlittman
You could be looking at a priority order issue here. Where in the list of policies/rules does the exception for journal group lie?
- mlittman, Jun 20, 2023, Copper Contributor
Hello! I had it as the second rule after the first one, which was to check for sensitive info and encrypt. Then the next rule was: unless it's from inside to the journal address, then decrypt it. I removed it this morning, as it has been in place for a couple of days and wasn't doing anything, so back to the drawing board. This is how the current policy looks (attaching pic). In the main rule I have tried to add the journal address and domain with the rest of my NOT objects as well, and it did not work.
- miller34mike, Jun 20, 2023, Microsoft
Hi mlittman
So, when you say not working, do you mean that all emails, even to the exclusions in the new policy, are being encrypted? Or no email is being encrypted?
- mlittman, Jun 20, 2023, Copper Contributor
So in the screenshot, that is our main policy I have been testing and adding on to. It works great. I have had to add exclusions (the NOT part) for some domains we use and everything is working good. Where I am running into trouble now is that we have a transport rule that sends emails from a specific set of users off to a third-party site via journaling. Those emails are encrypting. I can't figure out how to get the emails to that specific location without being encrypted. Hope that helps? (I have tried to add that journal domain and address in the current rule with the other domains and it did not work.) I tried to make an additional rule below the rule in the screenshot to decrypt any messages from internal to the specific journal address and/or domain, and it still encrypts the journaled email.