Forum Discussion
Solved
DLP Exception for "Permission Controlled" Not Working (Microsoft Purview | RMS Template | Encrypt)
Hello, We are in the process of moving some of our mail-flow / transport rules over to Microsoft Purview. We don't want the DLP policy to apply when people click their "Encrypt" or "Do not Forwar...
Okay, we figured out the answer.
It is the "Policy Tip" which is actually blocking the email from being sent -- the reason the exceptions don't remove the Policy-Tip-Blocking action is because the exceptions themselves have conditions which are incompatible with Policy Tips to begin with -- which in this case was the "Message type is."
See the documentation:
https://learn.microsoft.com/en-us/purview/dlp-ol365-win32-policy-tips#conditions-that-support-policy-tips-for-outlook-for-microsoft-365-users
To be able to show the policy tip, there is a workaround: we had to create a 2nd policy which had the policy tip, but didn't contain incompatible conditions or actions (see link.) For that 2nd policy, we just had to leave it in "simulation mode" with policy tips enabled.
That workaround was good enough for us (even though clicking the encrypt button doesn't dismiss the policy tip.)
Refer this on some reference:
Data loss prevention Exchange conditions and actions reference | Microsoft Learn
