How to Create a New Transport Rule
Microsoft Exchange Server 2007 will reach end of support on April 11, 2017. To stay supported, you will need to upgrade. For more information, see Resources to help you upgrade your Office 2007 servers and clients.
Applies to: Exchange Server 2007, Exchange Server 2007 SP1, Exchange Server 2007 SP2, Exchange Server 2007 SP3
This topic explains how to use the Exchange Management Console or the Exchange Management Shell to create a new transport rule on a computer that has the Microsoft Exchange Server 2007 Hub Transport server role or the Edge Transport server role installed.
For more information about the Transport Rules agents, see Overview of Transport Rules.
Before You Begin
To perform the following procedures, the account you use must be delegated the following:
- Exchange Organization Administrator role
To perform the following procedures on a computer that has the Edge Transport server role installed, you must log on by using an account that is a member of the local Administrators group on that computer.
For more information about permissions, delegating roles, and the rights that are required to administer Exchange Server 2007, see Permission Considerations.
Warning
This topic describes how to create new transport rules. Before you configure new transport rules in your production environment, use a test environment to learn how to create new transport rules and test them thoroughly. The following procedures are not intended to be run in a production environment without modification to support your organization.
Important
For transport rules to be applied to e-mail messages, a route must exist that enables the message to enter and leave a server that applies transport rules. Also, the message must not be subject to an administrator-configured transport restriction that prevents delivery of the message. If a transport restriction prevents delivery of a message, the Transport Rules agent cannot act on that message, and no Transport Rules agent events are logged.
Using the Exchange Management Console to Create a Transport Rule
The following procedures show you how to open the Transport Rule wizard on a Hub Transport server or an Edge Transport server in the Exchange Management Console, and then create a new transport rule. After you open the Transport Rule wizard, the procedure is the same on the Hub Transport server and the Edge Transport server.
To open the Transport Rule wizard in the Exchange Management Console on a Hub Transport server
Open the Exchange Management Console on the Hub Transport server.
In the console tree, click Organization Configuration, and then click Hub Transport.
In the result pane, click the Transport Rules tab, and then in the action pane, click New Transport Rule… .
To open the Transport Rule wizard in the Exchange Management Console on an Edge Transport server
Open the Exchange Management Console on the Edge Transport server on which you want to create the new transport rule.
In the console tree, click Edge Transport.
In the result pane, click the Transport Rules tab, and then in the action pane, click New Transport Rule… .
To use the Exchange Management Console to create a new transport rule in the Transport Rule wizard
In the Name field of the Transport Rule wizard, type the name of the transport rule.
If you have notes for this rule, in the Comments field, type the notes.
If you want the rule to be created in a disabled state, clear the Enabled check box. Otherwise, leave the Enabled check box selected.
Click Next.
In the Step 1. Select Condition(s) box, select all the conditions that you want to apply to this rule.
Important
If you want this rule to be applied to all e-mail messages, do not select any conditions in this step.
If you selected conditions in the previous step, in the Step 2. Edit the rule description (click an underlined value) box, click each blue underlined word.
When you click a blue underlined word, a new window opens to prompt you for the values to apply to the condition. Select the values that you want to apply, or type the values manually. If the window requires that you manually add values to a list, type a value. Then click Add. Repeat this process until you have entered all the values, and then click OK to close the window.
Repeat the previous step for each condition that you selected. After you configure all the conditions, click Next.
In the Step 1. Select Action(s) box, select all the actions that you want to be applied to this rule.
In the Step 2. Edit the rule description (click an underlined value) box, click each blue underlined word.
In the new window that appears, select the items that you want to apply, or type the values manually, and then click OK to close the window.
Repeat the previous step for each action that you selected. After you configure all the actions, click Next.
In the Step 1. Select Exception(s) box, select all the exceptions that you want to be applied to this rule. You are not required to select any exceptions.
If you selected exceptions in the previous step, in the Step 2. Edit the rule description (click an underlined value) box, click each blue underlined word.
When you click a blue underlined word, a new window opens to prompt you to select the items that you want to add, or to type the values manually. When you have finished, click OK to close the window.
Repeat the previous step for each exception that you selected. After you configure all the exceptions, click Next.
Review the Configuration Summary. If you are happy with the configuration of the new rule, click New, and then click Finish.
Using the Exchange Management Shell to Create a Transport Rule
To create a new transport rule in the Exchange Management Shell, you must use variables and arrays because of the complex nature of the conditions, exceptions, and actions that are available for use with the commands.
Important
If you configure a transport rule condition or exception that uses a distribution group, you must specify a universal security group. This is required because transport rules are replicated to all Hub Transport servers in an organization and may include Hub Transport servers in remote Active Directory domains. These Active Directory domains may not have access to distribution groups that were not created as universal distribution groups.
Note
If you want your transport rule to apply to all e-mail messages, do not create any condition or exception variables. Instead, see "Assigning an Action to a Variable" later in this topic.
For more information about how transport rules are applied and how they differ when they are run on a Hub Transport server and an Edge Transport server, see Understanding How Transport Rules Are Applied in an Exchange 2007 Organization.
To work with transport rules in the Exchange Management Shell, you must be familiar with the following concepts:
For more information the Exchange Management Shell, see Using the Exchange Management Shell.
Assigning a Condition to a Variable
To select a condition for use with a transport rule, you must assign a condition to a variable. To assign a condition to a variable, you must specify the condition that you want to test against an e-mail message as a parameter of the Get-TransportRulePredicate command. For detailed information about the predicates that are available for use on Hub Transport servers and Edge Transport servers, see Transport Rule Predicates.
Use the following syntax to assign a condition to a variable:
$Condition = Get-TransportRulePredicate <Predicate Name>
To assign the Get-TransportRulePredicate command to a variable
Run the following command:
$Condition = Get-TransportRulePredicate SubjectContains
You can specify multiple conditions for use with a single transport rule by assigning new conditions to new variables.
To create multiple conditions by assigning each new condition to a new variable
Run the following commands:
$Condition1 = Get-TransportRulePredicate SubjectContains $Condition2 = Get-TransportRulePredicate SentTo $Condition3 = Get-TransportRulePredicate AttachmentSizeOver
Assigning a Value to a Condition
To assign a value to a condition, find the predicate property of the condition. For detailed information about each predicate and its property or properties, and what values they accept, see Transport Rule Predicates. In Transport Rule Predicates, see the table for the server role on which you are configuring the transport rule.
Many values that are assigned to a condition must be expressed in the form of an array. In the predicate properties table in Transport Rule Predicates, you can find information about whether a predicate requires an array and the expected format of its values. The following example shows how to specify a value by using an array:
$Variable.PredicateProperty = @("<value1>", "<value2>", "<value...>")
To assign words and phrases to the Words predicate property of the SubjectContains condition
Run the following command:
$Condition = Get-TransportRulePredicate SubjectContains $Condition.Words = @("Contoso Stock", "Confidential")
If you want to create multiple conditions to use with your transport rule, repeat this process for each condition variable.
You can also use pattern matching with conditions. Pattern matching enables you to specify a pattern that the transport rule uses to dynamically match strings in an e-mail message.
For more information about pattern matching, see Regular Expressions in Transport Rules.
Assigning Multiple Predicate Properties
Some conditions require that you assign two predicate properties. In these cases, you must also specify a value for the second predicate property. For detailed information, see the second predicate property column of the server role tables in Transport Rule Predicates for the server role on which you are configuring the transport rule.
To examine the Message-ID message header field for the value contoso.com
Run the following commands to create the condition:
$Condition = Get-TransportRulePredicate HeaderContains $Condition.MessageHeader = "Message-ID" $Condition.Words = @("contoso.com")
Assigning an Exception to a Variable
You assign exceptions to a variable just as you assign conditions to a variable. Instead of using Condition
as a variable name, use Exception
. As with conditions, you can also create multiple exceptions for use on a single transport rule by changing the name of the variable that is used for each exception. Exceptions use the same predicates that are described in Transport Rule Predicates.
To create multiple exceptions for use with a transport rule
Run the following commands:
$Exception1 = Get-TransportRulePredicate SubjectContains $Exception1.Words = @("Press Release") $Exception2 = Get-TransportRulePredicate SclOver $Exception2.SclValue = 7
As with conditions, you can also use pattern matching with exceptions. Pattern matching enables you to specify a pattern that the transport rule uses to dynamically match strings in an e-mail message.
For more information about pattern matching, see Regular Expressions in Transport Rules.
Assigning an Action to a Variable
To select an action for use with a transport rule, you must assign an action to a variable. To assign an action to a variable, you must specify the action that you want to apply to an e-mail message as a parameter of the Get-TransportRuleAction command. For a list of the actions that are available for use on Hub Transport servers and Edge Transport servers, see Transport Rule Actions. Use the following syntax to assign an action to a variable:
$Action = Get-TransportRuleAction <Action Name>
To assign the Get-TransportRuleAction command to a variable
Run the following command:
$Action = Get-TransportRuleAction DeleteMessage
You can specify multiple actions for use with a single transport rule by assigning new actions to new variables.
To create multiple actions by assigning each new action to a new variable
Run the following commands:
$Action1 = Get-TransportRuleAction BlindCopyTo $Action2 = Get-TransportRuleAction LogEvent $Action3 = Get-TransportRuleAction PrependSubject
Assigning a Value to an Action
To assign a value to an action, find the action property of the action. For a list of each action property and the values it accepts, see Table 1 in Transport Rule Actions. Table 1 lists the action properties that you can use with transport rules that are configured on a Hub Transport server or an Edge Transport server.
Some action properties require that only one value be assigned to that property. Other action properties let you specify multiple values. In Table 1, in Transport Rule Actions, you can find information about whether an action requires an array and the expected format of its values.
Use the following command syntax to assign a single value to an action:
$Action.ActionProperty = <Action Value>
Use the following command syntax to assign multiple values to an action by using an array:
$Variable.ActionProperty = @("<value1>", "<value2>", "<value...>")
To assign a single value to the SclValue action property of the SetScl action
Run the following command:
$Action = Get-TransportRuleAction SetScl $Action.SclValue = 7
To assign multiple values to the Addresses action property of the CopyTo action
Run the following command:
$Action = Get-TransportRuleAction CopyTo $Action.Addresses = @((Get-Mailbox "Kim Akers"), (Get-DistributionGroup "Compliance Group"))
If you create multiple actions for use with your transport rule, repeat this process for each action variable.
Assigning Multiple Action Properties
Some actions require that you set two actions properties. In these cases, you must specify a value for the second action property. For detailed information, see the second action property column of the server role tables in Transport Rule Actions for the server role on which you are configuring the transport rule.
To create an action that sets a value for a specific message header field
Run the following commands to create the action:
$Action = Get-TransportRuleAction SetHeader $Action.MessageHeader = "X-SomeHeader" $Action.HeaderValue = "Some header value"
Creating a New Transport Rule
After you have created your condition, exceptions, and action variables, use the following command syntax to create a new transport rule:
New-TransportRule -Name "<Name of transport rule>" -Condition @($ConditionVariable1, $ConditionVariable2, $ConditionVariable...) -Exception @($ExceptionVariable1, $ExceptionVariable2, $ExceptionVariable...) -Action @($ActionVariable1, $ActionVariable2, $ActionVariable...) -Enabled: <$true | $false>
Note
Even when you specify a single variable with the Condition
, Exception
, and Array
variables, you must enclose the variable in an array.
Important
By default, new transport rules are enabled. If you want to create a new transport rule that is disabled by default, specify the Enabled
parameter with a value of $false
.
To create a new transport rule
Run the following command:
New-TransportRule -Name "Contoso.com Transport Rule" -Condition @($Condition1, $Condition2) -Exception @($Exception1, $Exception2) -Action @($Action1, $Action2)
An Example of a Transport Rule
The following example shows how to create a new transport rule on a Hub Transport server. The example applies the following conditions and requires the following steps:
- between distribution list and distribution list The first predicate property value for this condition is the distribution group object "Sales Group". The second predicate property value for this condition is the distribution group "Brokerage Group".
The following exception is applied:
with text patterns in the subject The value for this exception is "Press Release" or "Corporate Communication".
from people The values for this exception are the mailbox objects "Chris Meyer" and "Kim Akers".
The following actions are applied to any messages that match the conditions that are described here, but do not match the "with text patterns in the subject" or "from people" exceptions:
redirect message to address The values for this action are the distribution group objects "Legal Group" and "Regulatory Compliance".
send bounce message to sender This value for this action is "E-Mail messages sent between the Sales department and the Brokerage department are prohibited."
To create a transport rule with the previous requirements on a Hub Transport server
Run the following commands:
$Condition1 = Get-TransportRulePredicate BetweenMemberOf $Condition1.Addresses = @((Get-DistributionGroup "Sales Group")) $Condition1.Addresses2 = @((Get-DistributionGroup "Brokerage Group")) $Exception1 = GetTransportRulePredicate From $Exception1.Addresses = @((Get-Mailbox "Chris Meyer"), (Get-Mailbox "Kim Akers")) $Exception2 = Get-TransportRulePredicate SubjectContains $Exception2.Words = @("Press Release", "Corporate Communication") $Action1 = Get-TransportRuleAction RedirectMessage $Action1.Addresses = @((Get-DistributionGroup "Legal Group"), (Get-DistributionGroup "Regulatory Compliance")) $Action2 = Get-TransportRuleAction RejectMessage $Action2.RejectReason = "E-Mail messages sent between the Sales department and the Brokerage department are prohibited." New-TransportRule -name "Sales-Brokerage Wall" -Condition @($Condition1) -Exception @($Exception1, $Exception2) -Action @($Action1, $Action2)
For More Information
For detailed syntax and parameter information about each command, see the following topics:
For more information about transport rules, see the following topics: