How to solve the issue of creating too long transport rule in M365?

Osman Mohamed 5 Reputation points
2023-03-08T14:39:02.5566667+00:00

I have around 300 domains need to be whitelisted in M365 so our employees are able to send emails to recipients from these domains only.

I have created in rule in mail flow but can't save the rule because it is too long, and I get the error message as attached.Too long rule

below is the rule description:

Apply this rule if

Is sent to 'Outside the organization'

Do the following

Set audit severity level to 'High' and reject the message and include the explanation 'Access Denied!' with the status code: '5.7.1'

Except if

recipients's address domain portion belongs to any of these domains: ....................(almost 300 domains)...........

or Is received from a member of group 'defined Group'

I tried to implement what a Microsoft article suggests to create several smaller rules work together to perform the function of one large rule, but that did not solve the problem (in case I have two rules, and the first one allowed the flow and the second one did not, the result will be block sending the email!)

I wonder if anyone has a work-around to solve this issue or any alternative solution.

Best Regards

Osman

Microsoft Exchange Online
Microsoft Exchange Online Management
Microsoft Exchange Online Management
Microsoft Exchange Online: A Microsoft email and calendaring hosted service.Management: The act or process of organizing, handling, directing or controlling something.
4,523 questions
{count} vote

2 answers

Sort by: Most helpful
  1. Saad Khan 11 Reputation points
    2023-03-08T18:10:17.22+00:00

    Solution: Reduce the number of conditions or actions in the rule so that the rule's size is no more than 8 KB. Or, create multiple rules so that several smaller rules work together to perform the function of one large rule.

    Reference: https://learn.microsoft.com/en-us/exchange/troubleshoot/email-delivery/transport-rule-not-created-because-too-large

    Since it's EXO, nothing much we could do, unfortunately.

    May be create two separate rules, divide the domains in half. (workaround)


  2. Aholic Liang-MSFT 13,856 Reputation points Microsoft Vendor
    2023-03-09T07:44:14.6266667+00:00

    Hi @Osman Mohamed ,

    You can refer to the following rule to set the spam confidence level for emails sent to specified domains.

    If you can't add all domains in the same rule, you can create multiple rules for different domains.

    2023-3-9-1

    Then create a rule that blocks outgoing emails, and the exception condition is set to the spam confidence level in the previous rules.

    2023-3-9-2

    (Kindly note:After modify a mail flow rule, please wait for some time to take effect.)


    If the answer is helpful, please click "Accept Answer" and kindly upvote it. If you have extra questions about this answer, please click "Comment".

    Note: Please follow the steps in our documentation to enable e-mail notifications if you want to receive the related email notification for this thread


Your answer

Answers can be marked as Accepted Answers by the question author, which helps users to know the answer solved the author's problem.