
Where do Actions for a DLP Exchange Policy Live (Policy Created in Purview)

DVO 41 Reputation points
2022-12-23T17:08:40.343+00:00

We've created a basic DLP policy targeting Exchange, with an action to forward an email for approval when a condition is met. The email is never forwarded, and we have opened an SR, which is not getting anywhere. Message Trace shows no errors, and also nothing of use for troubleshooting.

Documentation states that DLP for Exchange in Purview uses Exchange transport rules. I looked in EAC and see no such rule for forwarding. I also don't see rules for notifications or policy tips (which work fine)--so mail rule configuration is stored somewhere... but where?

Does anyone know where this kind of configuration lives? Purview is impossible to troubleshoot, as there's no REST API. For policy, you get a handful of PowerShell cmdlets that do not return needed information. I get it--Purview is a new wrapper portal for existing underlying services, but devop types need to know where the new data types live, and how to access them before they will trust it enough to implement.

Thank you in advance for any insight.

Microsoft Security | Microsoft Purview

Answer accepted by question author
  1. Jordan Millama 1,391 Reputation points
    2022-12-23T17:33:43.82+00:00

    I believe what you are looking for resides under mail flow within EAC.

    [Image: 273739-image.png]

    ----------

    Please accept as an answer if this was helpful.


1 additional answer

  1. DVO 41 Reputation points
    2022-12-23T17:49:08.65+00:00

    Thank you for the reply! Correct. That's where I looked, but did not see any rules pertaining to forwarding.

    MSFT's response is this:

    I must say this is by design, let's say we have a lot of DLP configuration for OneDrive, SharePoint, Exchange and we don't want these transport rules to be mixed up with our Exchange Online transport rules. As we know the features of Exchange Online transport rule is kind of different than the DLP and DLP is designed for protecting organization valued and sensitive data although there are some similarities and dependencies specially in mail transport and notifications

    which is counter to their own documentation suggesting that it uses EXO transport rules in the context of an organization's EXO. That's why I'm hoping someone here knows where these transport rules live. Support's next step? "Can you create a second policy before we escalate?"

