Create an Email Transport Rule

Log in to the Microsoft Exchange Admin Center.

Create the outbound and inbound connectors.

Skip this step if you have already created both the outbound and inbound connectors.

Create a Microsoft Exchange Outbound Connector
Create a Microsoft Exchange Inbound Connector

Select

Mail flow

Rules

Add a rule

Create a new rule

to create a new email transport rule.



Configure the email transport rule conditions.

Enter a
Name
for the email transport rule.
Specify the email recipient.
This instructs Microsoft Exchange to forward the email to
Enterprise DLP
before it leaves your network when the email recipient is outside your organization.
For
Apply this rule if
, select
The recipient
.
For the recipient, select
is external/internal
. When prompted to select the recipient location, select
Outside the organization
Click
Save
to continue.

Specify Microsoft Exchange Connector you created as the transport target for email inspection.
For
Do the following
, select
redirect the message to
.
For the transport target, select
the following connector
. When prompted, select the outbound connector.
Click
Save
to continue.

Add an exception for emails that exceed the maximum message size supported by
Enterprise DLP
.
Enterprise DLP
supports inspection of email messages up to 20 MB in size. Larger email messages are not supported and should not be forwarded to
Enterprise DLP
.
In the s

Except If

field, select

The message

.

Select

size is greater than or equal to

. When prompted, enter the following maximum-supported message size KB:

20480

Add an exception for emails that were already inspected by
Enterprise DLP
.
In the
Except if
condition, click the add symbol ( ) to add a new
Or
condition.
Select the
The message headers
condition.
For the
Or
condition action, select
matches any of these words
.
Click
Enter text
to set the message header to
x-panw-inspected
.
Click
Enter words
and enter
true
.
Click
Add
and select the word you added. Click
Save
to continue.

Click
Next
to continue.

Configure the email transport rule settings.

For the
Rule mode
, ensure
Enforce
is selected.
This setting is enabled by default when a new transport rule is created.
(
Optional
) Configure the rest of the email transport rule settings as needed.
Click
Next
to continue.
Save
.

Review the email transport rule configuration and click

Finish.

Click

Done

when prompted that the email transport rule was successfully created. You are redirected back to the Microsoft Exchange Rules page.

Modify the email transport rule priority as needed.

To change the priority of a transport rule, select the transport rule and

Move Up

or

Move Down

as needed.

A proper rule hierarchy is recommended to ensure emails successfully forward to

Enterprise DLP

.

The email transport rule should always be the highest priority rule relative to the other transport rules required for Email DLP.
Any email encryption rules not created as part of the email DLP configuration must be ordered below the transport rules created for Email DLP.
Enterprise DLP
cannot inspect encrypted emails.
There is no impact in regards to priority between the quarantine transport rules, block transport rule, encrypt transport rule, or any other transport rules that exist.
After
Enterprise DLP
inspects and returns the email back to Microsoft Exchange, the appropriate transport rule action will occur based on the email header.