Introduction

This page covers the configuration of additional mail flow rules in Exchange On-premises that will exclude certain email traffic from being routed to the Zivver DLP Gateway.

This is required for emails originating from the Zivver Platform. These emails should not be rerouted to the Zivver Platform, but delivered within Exchange. Without excluding these emails, they could loop and result in a bounce.

Getting started

1. Go to the Exchange Admin Center (EAC).
2. Log in to the EAC as an administrator.
3. Click on Mail flow in the menu on the left.
4. Click on Rules.
5. Click on the add icon.
6. Click on Create a new rule....
7. Enter Zivver: Detect processed messages as the name.
8. At the bottom of the page, click on More options....

Set mail flow rule conditions

9. Under *Apply this rule if..., select The message headers ... and then matches these text patterns.
10. Click the *Enter text... field.
11. Set the message header to X-Zivver-Transport.
12. Click OK.
13. Click the *Enter text patterns... field.
14. Enter the value ..*. (that is 2 dots, 1 asterisk/wildcard, 1 dot).
15. Click the add icon.
16. Click OK.

Set mail flow rule actions

17. Under *Do the following..., select Modify the message properties... and then set a message header.
18. Click the first *Enter text... field.
19. Set the message header to skip-zivver-relay.
20. Click OK.
21. Click the second *Enter text... field.
22. Set the value to true.
23. Click OK.

Set rule settings

24. Leave the Audit this rule with severity level on the default setting of Not specified.
25. Leave the Choose a mode for this rule on the default setting of Enforce.
26. Optional: Enable Activate this rule on the following date and select a date and time if you want this mail flow rule to be automatically activated from a specific date and time.
27. Leave Deactivate this rule on the following date disabled.
28. Leave the option Stop processing more rules disabled.
29. Leave the option Defer the message if rule processing doesn’t complete disabled.
30. Leave Match sender address in message: on the default setting of [i18n] header.
31. Enter the following text in the Comments section:

Exclude messages that have been processed and sent by the Zivver Platform to avoid mail looping.

30. When you are satisfied that the mail flow rule is configured correctly, click Save.

Set the priority

31. Ensure the mail flow rule has a higher priority than the primary DLP Gateway mail flow rule configured in Part 1.

Repeat steps for X-Zivver-DLP header

If your organization also uses a Zivver client integration (such as Zivver for Outlook or Zivver for Gmail), applying this additional exception is strongly advised for emails that have been scanned by a Zivver client integration and for which the user has decided not to activate Zivver. These emails can be excluded from being routed to the DLP Gateway, because the DLP Gateway might otherwise override the user’s decision, causing unwanted and unexpected behavior.

36. Repeat all steps above with the following changes:
37. Name the rule Zivver: Detect messages scanned by client integration.
38. Substitute the X-Zivver-Transport header with the X-Zivver-DLP header wherever it occurs.
39. Include an exception with the following steps:
    1. Under Except if..., click the add exception button.
    2. Select The subject or body... and then subject matches these text patterns.
    3. Enter (?i)\[secure\] in the input field.
    4. Click on the add icon.
    5. Click OK.
40. Enter the following text in the Comments section:

Exclude messages that have already been scanned by a Zivver client integration to avoid DLP Gateway overruling user decisions or making a suggestion that was already provided while the message was composed.

Next step

Go back to Setup DLP Gateway and continue with Part 3.