Data loss prevention policy tip reference for Outlook for Microsoft 365

Tip

If you're not an E5 customer, use the 90-day Microsoft Purview solutions trial to explore how additional Purview capabilities can help your organization manage data security and compliance needs. Start now at the Microsoft Purview compliance portal trials hub. Learn details about signing up and trial terms.

Note

Microsoft Purview data loss prevention (DLP) will only process the first 4 MB on message content for policy tip in Outlook for Microsoft 365 and only classify up to 2 MB of attachments.

Important

Mailboxes must be hosted in Exchange Online. For more information, see: Learn about data loss prevention.

Licensing

See the tables below for the policy tip support details for various licenses and Outlook versions. For advanced DLP policy tip support, which makes additional DLP conditions, advanced classifiers, oversharing dialog, and more available, these licenses are required for each scoped user:

• E5 or equivalent license
• Information Protection for Office 365 - Premium" license (MIP_S_CLP2 or efb0351d-3b08-4503-993d-383af8de41e3) must be enabled.

Conditions that support policy tips for Outlook perpetual users

For Outlook perpetual versions and users	These conditions apply
-E3 users -E5 users	- For email and unencrypted Microsoft 365 files Content contains sensitive information types - Content is shared from Microsoft 365

Conditions that support policy tips for Outlook for Microsoft 365 users

For Outlook for Microsoft versions and users	These conditions apply
- All E3 users - All offline E5 users - All E5 users with connected experience disabled - All online E5 users with production version builds lower than 2303 (Build 16.0.16216.10000) - All online E5 users with semi-annual channel version builds lower than 2302 (Build 16.0.16130.20478)	- Content contains sensitive information types - Content is shared from Microsoft 365
- All online E5 users with connected experience enabled in WW commercial and GCC/GCC-H/DoD clouds - production version 2303 & Build 16.0 16216.10000 or higher - semi-annual channel version 2302 & Build 16.0.16130.20478 or higher	- Content contains Sensitive Info Types (Works for email and unencrypted Microsoft 365 and PDF files) - Message (includes email subject) contains sensitive information types (Preview) - Attachment contains sensitive information types (Preview) - Content contains sensitivity labels (Works for email and Office & PDF file types) - Content is shared - Sender is - Sender is member of (Only Distribution lists, Azure-based Dynamic Distribution groups, and email-enabled Security groups are supported.) - Sender domain is - Recipient is - Recipient is a member of (Only Distribution lists, Azure-based Dynamic Distribution groups, and email-enabled Security groups are supported.) - Recipient domain is - Subject contains words - Content is not labeled (Preview) - Message is not labeled (Preview) - Attachment is not labeled (Preview) - File extension is (Preview)

Actions that support policy tips

All Exchange actions support policy tips

• Restrict access or encrypt the content in Microsoft 365 locations
• Set headers
• Remove header
• Redirect the message to specific users
• Forward the message for approval to sender's manager
• Forward the message for approval to specific approvers
• Add recipient to the To box
• Add recipient to the Cc box
• Add recipient to the Bcc box
• Add the sender's manager as recipient
• Removed O365 Message Encryption and rights protection
• Prepend Email Subject
• Add HTML Disclaimer
• Modify Email Subject
• Deliver the message to the hosted quarantine

Sensitive information types that support policy tips for Outlook perpetual users

For Outlook perpetual version E3 and E5 users these sensitive information types support policy tips:

• ABA routing number
• Argentina national identity (DNI) number
• Australia bank account number
• Australia medical account number
• Australia passport number
• Australia tax file number
• Azure DocumentDB auth key
• Azure IAAS database connection string and Azure SQL connection string
• Azure IoT connection string
• Azure publish setting password
• Azure Redis cache connection string
• Azure SAS
• Azure service bus connection string
• Azure storage account key
• Azure Storage account key (generic)
• Belgium national number
• Brazil CPF number
• Brazil legal entity number (CNPJ)
• Brazil national identification card (RG)
• Canada bank account number
• Canada driver's license number
• Canada health service number
• Canada passport number
• Canada personal health identification number (PHIN)
• Canada social insurance number
• Chile identity card number
• China resident identity card (PRC) number
• Credit card number
• Croatia identity card number
• Croatia personal identification (OIB) number
• Czech personal identity number
• Denmark personal identification number
• Drug Enforcement Agency (DEA) number
• EU debit card number
• EU driver's license number
• EU national identification number
• EU passport number
• EU social security number or equivalent identification
• EU Tax identification number
• Finland national ID
• Finland passport number
• France driver's license number
• France national id card (CNI)
• France passport number
• France social security number (INSEE)
• Germany driver's license number
• Germany passport number
• Germany identity card number
• Greece national ID card
• Hong Kong identity card (HKID) number
• India permanent account number (PAN)
• India unique identification (Aadhaar) number
• Indonesia identity card (KTP) number
• International banking account number (IBAN)
• International classification of diseases (ICD-10-CM)
• International classification of diseases (ICD-9-CM)
• IP address
• Ireland personal public service (PPS) number
• Israel bank account number
• Israel national identification number
• Italy driver's license number
• Japan bank account number
• Japan driver's license number
• Japan passport number
• Japan resident registration number
• Japan social insurance number (SIN)
• Japan residence card number
• Malaysia identification card number
• Netherlands citizens service (BSN) number
• New Zealand ministry of health number
• Norway identification number
• Philippines unified multi-purpose identification number
• Poland identity card
• Poland national ID (PESEL)
• Poland passport number
• Portugal citizen card number
• Saudi Arabia National ID
• Singapore national registration identity card (NRIC) number
• South Africa identification number
• South Korea resident registration number
• Spain social security number (SSN)
• SQL Server connection string
• Sweden national ID
• Sweden passport number
• SWIFT code
• Taiwan national identification number
• Taiwan passport number
• Taiwan-resident certificate (ARC/TARC) number
• Thai population identification code
• Turkey national identification number
• U.K. drivers license number
• U.K. electoral roll number
• U.K. national health service number
• U.K. national insurance number (NINO)
• U.S./U.K. passport number
• U.S. bank account number
• U.S. driver's license number
• U.S. individual taxpayer identification number (ITIN)
• U.S. social security number (SSN)

Sensitive information types that support policy tips for Outlook for Microsoft 365 users

For these Outlook versions and users:

• All Microsoft 365 for Enterprise E3 users
• All Microsoft 365 for Enterprise offline E5 users
• All Microsoft 365 for Enterprise E5 users with connected experience disabled
• All Microsoft 365 for Enterprise online E5 users with production version lower than 2303 (Build 16.0.16216.10000)
• All Microsoft 365 for Enterprise online E5 users with semi-annual channel version lower than 2302 (Build 16.0.16130.20478)

These sensitive information types support policy tips:

• ABA routing number
• Argentina national identity (DNI) number
• Australia bank account number
• Australia medical account number
• Australia passport number
• Australia tax file number
• Azure DocumentDB auth key
• Azure IAAS database connection string and Azure SQL connection string
• Azure IoT connection string
• Azure publish setting password
• Azure Redis cache connection string
• Azure SAS
• Azure service bus connection string
• Azure storage account key
• Azure Storage account key (generic)
• Belgium national number
• Brazil CPF number
• Brazil legal entity number (CNPJ)
• Brazil national identification card (RG)
• Canada bank account number
• Canada driver's license number
• Canada health service number
• Canada passport number
• Canada personal health identification number (PHIN)
• Canada social insurance number
• Chile identity card number
• China resident identity card (PRC) number
• Credit card number
• Croatia identity card number
• Croatia personal identification (OIB) number
• Czech personal identity number
• Denmark personal identification number
• Drug Enforcement Agency (DEA) number
• EU debit card number
• EU driver's license number
• EU national identification number
• EU passport number
• EU social security number or equivalent identification
• EU Tax identification number
• Finland national ID
• Finland passport number
• France driver's license number
• France national id card (CNI)
• France passport number
• France social security number (INSEE)
• Germany driver's license number
• Germany passport number
• Germany identity card number
• Greece national ID card
• Hong Kong identity card (HKID) number
• India permanent account number (PAN)
• India unique identification (Aadhaar) number
• Indonesia identity card (KTP) number
• International banking account number (IBAN)
• International classification of diseases (ICD-10-CM)
• International classification of diseases (ICD-9-CM)
• IP address
• Ireland personal public service (PPS) number
• Israel bank account number
• Israel national identification number
• Italy driver's license number
• Japan bank account number
• Japan driver's license number
• Japan passport number
• Japan resident registration number
• Japan social insurance number (SIN)
• Japan residence card number
• Malaysia identification card number
• Netherlands citizens service (BSN) number
• New Zealand ministry of health number
• Norway identification number
• Philippines unified multi-purpose identification number
• Poland identity card
• Poland national ID (PESEL)
• Poland passport number
• Portugal citizen card number
• Saudi Arabia National ID
• Singapore national registration identity card (NRIC) number
• South Africa identification number
• South Korea resident registration number
• Spain social security number (SSN)
• SQL Server connection string
• Sweden national ID
• Sweden passport number
• SWIFT code
• Taiwan national identification number
• Taiwan passport number
• Taiwan-resident certificate (ARC/TARC) number
• Thai population identification code
• Turkey national identification number
• U.K. drivers license number
• U.K. electoral roll number
• U.K. national health service number
• U.K. national insurance number (NINO)
• U.S./U.K. passport number
• U.S. bank account number
• U.S. driver's license number
• U.S. individual taxpayer identification number (ITIN)
• U.S. social security number (SSN)

For these Outlook versions and users:

• Online E5 users with connected experience enabled.
• Production version 2303 (Build 16.0.16216.10000) or higher.
• Semi-annual channel version 2302 (Build 16.0.16130.20478) or higher.

These sensitive information types support policy tips:

• ABA routing number
• All credentials
• All full names
• All medical terms and conditions
• All Physical Addresses
• Amazon S3 Client Secret Access Key
• Argentina national identity (DNI) number
• Argentina Unique Tax Identification Key (CUIT/CUIL)
• ASP.NET machine Key
• Australia bank account number
• Australia business number
• Australia company number
• Australia drivers license number
• Australia medical account number
• Australia passport number
• Australia physical addresses
• Australia tax file number
• Austria drivers license number
• Austria identity card
• Austria passport number
• Austria physical addresses
• Austria social security number
• Austria tax identification number
• Austria value added tax
• Microsoft Entra client access token
• Microsoft Entra client secret
• Microsoft Entra user Credentials
• Azure App Service deployment password
• Azure Batch shared access key
• Azure Bot Framework secret key
• Azure Bot service app secret
• Azure Cognitive Search API key
• Azure Cognitive Service key
• Azure Container Registry access key
• Azure Cosmos DB account access key
• Azure Databricks personal access token
• Azure DevOps app secret
• Azure DevOps personal access token
• Azure DocumentDB auth key
• Azure EventGrid access key
• Azure Function Master / API key
• Azure IAAS database connection string and Azure SQL connection string
• Azure IoT connection string
• Azure IoT shared access key
• Azure Logic app shared access signature
• Azure Machine Learning web service API key
• Azure Maps subscription key
• Azure publish setting password
• Azure Redis cache connection string
• Azure Redis cache connection string password
• Azure SAS
• Azure service bus connection string
• Azure service bus shared access signature
• Azure Shared Access key / Web Hook token
• Azure SignalR access key
• Azure SQL connection string
• Azure storage account access key
• Azure storage account key
• Azure Storage account key (generic)
• Azure Storage account shared access signature
• Azure Storage account shared access signature for high risk resources
• Azure subscription management certificate
• Belgium driver's license number
• Belgium national number
• Belgium passport number
• Belgium physical addresses
• Belgium value added tax number
• Blood test terms
• Brand medication names
• Brazil CPF number
• Brazil legal entity number (CNPJ)
• Brazil national identification card (RG)
• Brazil physical addresses
• Bulgaria driver's license number
• Bulgaria passport number
• Bulgaria physical addresses
• Bulgaria uniform civil number
• Canada bank account number
• Canada driver's license number
• Canada health service number
• Canada passport number
• Canada personal health identification number (PHIN)
• Canada physical addresses
• Canada social insurance number
• Chile identity card number
• China resident identity card (PRC) number
• Client secret / API key
• Credit card number
• Croatia driver's license number
• Croatia identity card number
• Croatia passport number
• Croatia personal identification (OIB) number
• Croatia physical addresses
• Cyprus drivers license number
• Cyprus identity card
• Cyprus passport number
• Cyprus physical addresses
• Cyprus tax identification number
• Czech driver's license number
• Czech passport number
• Czech personal identity number
• Czech Republic physical addresses
• Denmark driver's license number
• Denmark passport number
• Denmark personal identification number
• Denmark physical addresses
• Diseases
• Drug Enforcement Agency (DEA) number
• Estonia driver's license number
• Estonia passport number
• Estonia Personal Identification Code
• Estonia physical addresses
• EU debit card number
• EU driver's license number
• EU national identification number
• EU passport number
• EU social security number or equivalent identification
• EU Tax identification number
• Finland driver's license number
• Finland european health insurance number
• Finland national ID
• Finland passport number
• Finland physical addresses
• France driver's license number
• France health insurance number
• France national id card (CNI)
• France passport number
• France physical addresses
• France social security number (INSEE)
• France tax identification number
• France value added tax number
• General password
• General Symmetric key
• Generic medication names
• Germany driver's license number
• Germany identity card number
• Germany passport number
• Germany physical addresses
• Germany tax identification number
• Germany value added tax number
• GitHub Personal Access Token
• Google API key
• Greece driver's license number
• Greece national ID card
• Greece passport number
• Greece physical addresses
• Greece Social Security Number (AMKA)
• Greece tax identification number
• Hong Kong identity card (HKID) number
• Http authorization header
• Hungary driver's license number
• Hungary passport number
• Hungary personal identification number
• Hungary physical addresses
• Hungary social security number (TAJ)
• Hungary tax identification number
• Hungary value added tax number
• Iceland physical addresses
• Impairments Listed In The U.S. Disability Evaluation Under Social Security
• India Driver's License Number
• India GST Number
• India permanent account number (PAN)
• India unique identification (Aadhaar) number
• India Voter Id Card
• Indonesia identity card (KTP) number
• International banking account number (IBAN)
• International classification of diseases (ICD-10-CM)
• International classification of diseases (ICD-9-CM)
• IP address
• IP Address v4
• IP Address v6
• Ireland driver's license number
• Ireland passport number
• Ireland personal public service (PPS) number
• Ireland physical addresses
• Israel bank account number
• Israel national identification number
• Italy driver's license number
• Italy fiscal code
• Italy passport number
• Italy physical addresses
• Italy value added tax number
• Japan bank account number
• Japan driver's license number
• Japan My Number - Corporate
• Japan My Number - Personal
• Japan passport number
• Japan physical addresses
• Japan residence card number
• Japan resident registration number
• Japan social insurance number (SIN)
• Lab test terms
• Latvia driver's license number
• Latvia passport number
• Latvia personal code
• Latvia physical addresses
• Liechtenstein physical addresses
• Lifestyles that relate to medical conditions
• Lithuania driver's license number
• Lithuania passport number
• Lithuania personal code
• Lithuania physical addresses
• Luxemburg driver's license number
• Luxemburg national identification number (natural persons)
• Luxemburg national identification number (non-natural persons)
• Luxemburg passport number
• Luxemburg physical addresses
• Malaysia identification card number
• Malaysia passport number
• Malta driver's license number
• Malta identity card number
• Malta passport number
• Malta physical addresses
• Malta tax identification number
• Medical specialities
• Medicare Beneficiary Identifier (MBI) card
• Mexico Unique Population Registry Code (CURP)
• Microsoft Bing maps key
• Netherlands citizen's service (BSN) number
• Netherlands driver's license number
• Netherlands passport number
• Netherlands physical addresses
• Netherlands tax identification number
• Netherlands value added tax number
• New Zealand bank account number
• New Zealand driver's license number
• New Zealand inland revenue number
• New Zealand ministry of health number
• New Zealand physical addresses
• New Zealand social welfare number
• Norway identification number
• Norway physical addresses
• Philippines passport number
• Philippines unified multi-purpose identification number
• Poland driver's license number
• Poland identity card
• Poland national ID (PESEL)
• Poland passport number
• Poland physical addresses
• Poland REGON number
• Poland tax identification number
• Portugal citizen card number
• Portugal driver's license number
• Portugal passport number
• Portugal physical addresses
• Portugal tax identification number
• Qatari identification card number
• Romania driver's license number
• Romania passport number
• Romania personal numeric code (CNP)
• Romania physical addresses
• Russia passport number domestic
• Russia passport number international
• Saudi Arabia National ID
• Singapore passport number
• Singapore national registration identity card (NRIC) number
• Slack access token
• Slovakia driver's license number
• Slovakia passport number
• Slovakia personal number
• Slovakia physical addresses
• Slovenia driver's license number
• Slovenia passport number
• Slovenia physical addresses
• Slovenia tax identification number
• Slovenia Unique Master Citizen Number
• South Africa identification number
• South Korea driver's license number
• South Korea passport number
• South Korea resident registration number
• Spain DNI
• Spain driver's license number
• Spain passport number
• Spain physical addresses
• Spain social security number (SSN)
• Spain tax identification number
• SQL Server connection string
• Surgical procedures
• Sweden driver's license number
• Sweden national ID
• Sweden passport number
• Sweden physical addresses
• Sweden tax identification number
• SWIFT code
• Switzerland physical addresses
• Switzerland SSN AHV number
• Taiwan national identification number
• Taiwan passport number
• Taiwan-resident certificate (ARC/TARC) number
• Thai population identification code
• Turkey national identification number
• Turkey physical addresses
• Types of medication
• U.A.E. identity card number
• U.A.E. passport number
• U.K. driver's license number
• U.K. electoral roll number
• U.K. national health service number
• U.K. national insurance number (NINO)
• U.K. physical addresses
• U.K. Unique Taxpayer Reference Number
• U.S. bank account number
• U.S. driver's license number
• U.S. individual taxpayer identification number (ITIN)
• U.S. physical addresses
• U.S. social security number (SSN)
• U.S./U.K. passport number
• Ukraine passport domestic
• Ukraine passport international
• User login credentials
• X.509 certificate private key

Exact Data Match sensitive information types that support policy tips Outlook for Microsoft 365

Yes.

Applies to:

• Online E5 users with connected experience enabled
• Production version 2303 (Build 16.0.16216.10000) or higher.
• Semi-annual channel version 2302 (Build 16.0.16130.20478) or higher.

For more information on exact data match based SITs, see Learn about exact data match based sensitive information types.

Trainable classifiers support for Outlook for Microsoft 365

Yes.

Important

Trainable classifiers are not supported for the following conditions:

• For new conditions:

• Message contains

• Attachment contains

• For the existing Content contains condition when used in combination with Evaluate rule per component condition. (Preview limitation)

Applies to:

• Online E5 users with connected experience enabled

• Production version 2303 (Build 16.0.16216.10000) or higher.

• Semi-annual channel version 2302 (Build 16.0.16130.20478) or higher.

• Adult, racy, and gory images

• Agreements

• Bank statement

• Budget

• Business plan

• Completion certificates

• Construction specifications

• Corporate sabotage

• Customer complaints

• Discrimination

• Employee disciplinary action

• Employee insurance

• Employment agreement

• Employee Pension Records

• Employee Stocks and Financial Bond Records

• Enterprise Risk Management

• Finance

• Financial audit

• Financial statement

• Freight Documents

• Gifts & entertainment

• Harassment

• Health/Medical forms

• Healthcare

• Human resources

• Invoice

• Intellectual property

• Information technology

• Legal affairs

• Legal Agreements

• License agreement

• Loan agreements and offer letters

• Merger and acquisition files

• Manufacturing batch records

• Meeting notes

• Money laundering

• Network design files

• Non-disclosure agreement

• Paystub

• Personal Financial Information

• Procurement

• Project documents

• Profanity

• Quotation

• Regulatory collusion

• Resume

• Safety records

• Sales and revenue

• Software product development files

• Source code

• Standard Operating Procedures and Manuals

• Statement of Accounts

• Statement of work

• Stock manipulation

• Tax documents

• Threat

• Unauthorized disclosure

• Wire Transfer

• Word count requirements

For more information on trainable classifiers, see Learn about trainable classifiers.

Sensitivity label support for Outlook for Microsoft 365

Applies to:

• Online E5 users with connected experience enabled
• Production version 2303 (Build 16.0.16216.10000) or higher.
• Semi-annual channel version 2302 (Build 16.0.16130.20478) or higher.

For more information on sensitivity labels, see Learn about sensitivity labels.