What is Office 365 Transport Rule & What we need to know

Office 365 Transport Rules, commonly referred to as mail flow rules, basically search for circumstances within emails to identify and act upon. They act on messages we designate, much like the inbox rules used by many email programs like Outlook. However, a Microsoft 365 Transport Rule won’t intervene with an outgoing message after it has been delivered but only while it is in transit. Basically, all mails that pass through your organization and are then transmitted outside of it are subject to the mail flow rule. The Inbox rules included in Outlook and Outlook Online are comparable to Mail flow rules (formerly known as Outlook Web App). The primary distinction is that messages are subject to mail flow regulations while they are being transported rather than after they have been dropped off at the mailbox. For each rule, you have the option of enforcing it, testing it, or testing it and notifying the sender. All communications that pass through our organization are compared to the enabled mail flow rules apart from NDRs. The order in which rules are processed depends on the Priority parameter value for that rule in PowerShell or the order in which they are listed on the Mail flow > Rules page in EAC.

When a rule is matched, each rule also gives the option of pausing the processing of additional rules. For messages that meet the criteria in numerous mail flow rules, this option is crucial.

M 365 Transport Rules are primarily utilized for company compliance and security needs. For instance, we might decide that, in order to comply with legal obligations, we must prevent anyone from receiving emails that contain attachments. Thus, we would configure a Transport Rule to alter the mail flow and stop all messages that contain attachments.

A mail flow rule is built of conditions, exceptions, actions, and properties:

Conditions: List the messages to which the actions should be applied. Certain circumstances look at message header fields (for example, the To, From, or Cc fields). Other circumstances look at message attributes (for example, the message subject, body, attachments, message size, or message classification). The majority of conditions need you to enter a value to match and a comparison operator (like equals, doesn’t equal, or contains). The rule is applied uniformly to all messages if there are neither conditions nor exceptions.

Exceptions: Indicate the messages that shouldn’t be affected by the actions. Message IDs are accessible in exceptions in the same way that they are in conditions. Even if a message satisfies all of the configured conditions, exceptions overrule the conditions and prohibit the rule actions from being applied to the message.

Actions: Define what to do with messages that satisfy the rule’s conditions but do not satisfy any of the exceptions. There are numerous options, including rejecting, deleting, or rerouting communications, adding extra recipients, altering the subject line using prefixes, and adding disclaimers to the message co Properties: Specify other rules settings that aren’t conditions, exceptions, or actions. For example, when the rule should be applied, whether to enforce or test the rule and the time period when the rule is active.

What else do we need to know?

It may take up to 30 minutes for the new or updated mail flow rule to be applied to messages after we create or amend it.

Bypassing EOP and enabling immediate mail flow from internal senders like scanners, fax machines, and other dependable sources that send known-to-be-secure attachments is possible via transport rules. Avoid filtering all internal messages because a hacked account might send dangerous stuff in this case.

We cannot return mail flow rules to earlier states since history and changes are not preserved.

Let’s create a rule for important messages marked as High. Every high email will include in Bcc field a specific mailbox that will be specified by us.

We have to open the exchange admin console https://admin.exchange.microsoft.com

The next step is Mail Flow > Rules > add a rule and follow the below info. In the final step, we have to enable the rule.

M365 Transport Rule

More info:

https://learn.microsoft.com/en-us/exchange/security-and-compliance/mail-flow-rules/mail-flow-rules

https://learn.microsoft.com/en-us/exchange/security-and-compliance/mail-flow-rules/conditions-and-exceptions

Leave a Reply

Your email address will not be published. Required fields are marked *