This browser is no longer supported.
Upgrade to Microsoft Edge to take advantage of the latest features, security updates, and technical support.
Hello!
The theory (regarding the Credit Card DLP rule):
https://learn.microsoft.com/en-us/exchange/policy-and-compliance/data-loss-prevention/sensitive-information-types?view=exchserver-2019 and other documents
The practice:
In spite of the rule above the credit cards details can be sent without any issue - the rule does not work at all (with or without policy tips, with actions from Notify to Reject, and no incident report is being created), for example, the following email would be successfully sent without mail tips even with the action = Reject:
What am I doing wrong here?
Regards,
Michael
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(246.4, 22%, 33%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3EKY%3C/text%3E%3C/svg%3E)
I suppose the cause may be your test card number (2594 6547...) isn't matched in the DLP algorithm.
It didn't trigger the rule in my test as well.
While using another number for test works for me.
According to this link: Credit card number
The card number must also pass the Luhn test.
If the answer is helpful, please click "Accept Answer" and kindly upvote it. If you have extra questions about this answer, please click "Comment".
Note: Please follow the steps in our documentation to enable e-mail notifications if you want to receive the related email notification for this thread.
Hi KaelYao-MSFT,
"The card number must also pass the Luhn test." - I thought about it and tried the real card's number - it didn't work out either :(
Hi,
For further investigation on this issue, if possible I would recommend opening a support ticket.
You may contact them by Global Customer service Phone number.
Hi KaelYao-MSFT ,
Thank you for the help!
Just in addition, have you upgraded to CU12 (released on April 20)?
It fixed some DLP related issues.
I would recommend upgrading and see if it would help with this issue.
Hi KaelYao-MSFT,
Thank you for the suggestion - I'll try and post back the results!
Thanks in advance for the update!
The result:
...and the email with real Visa number can be sent/received with no issues at all... :(((
Regards,
Michael
Sorry to hear that.
I am afraid that it may still require the support to look deep into this issue.
Yes, I agree :(