Exclude single e-mail address in DLP policy


Hi everyone,


I'm trying to set up a DLP policy to prevent our employees from sending out email or sharing documents containing sensitive information to people outside the organization. I have configured a policy in the Security & Compliance Center and when using any of the Outlook clients everything works fine, the users are provided with policy tips and they have the option to override the policy tips but we also have some systems that are automatically sending email containing sensitive information to partners, and this is a must, and these systems cannot not automatically override the policy tips. This could be solved if I could add an exception to the policy that its allowed to send sensitive information to a given address but there doesn't seem to be an option for excluding a single address in the locations settings of the policy. There is only an option to exclude an distribution group…


Has anyone else run into this problem and have you found a way to solve the problem?



5 Replies
best response confirmed by Dan Gleason (Senior Member)

Simply create a DG with that address added as the only member?

Yes, I thought of that as one option also but it just feels stupid to create a DG for this purpose. Why can't there be an opiton add one or several addresses to the exclusion list?

There was, but it seems the devs decided to change that...

Any ideas why it was removed? Will the functionality return some day?

No idea, sorry.