Create DLP Gateway exception mail flow rule(s) in Exchange Online

Introduction

This page covers configuration of additional mail flow in Exchange Online rules which will exclude email traffic from being routed to Zivver DLP Gateway.

This is required for emails that originate from the Zivver Platform. These should not be rerouted to the Zivver Platform, but delivered within the Exchange. Without excluding these emails, they would go into a loop and result in a bounce.

Getting started

  1. Go to the Exchange Admin Center.
  2. Click on Mail flow in the menu on the left.
  3. Click on Rules.
  4. Click on add Add a rule.
  5. Click on Create a new rule.
  6. Enter a name. For example: Exclude X-Zivver-Transport from DLP Gateway.

Set mail flow rule conditions

  1. Under Apply this rule if * select The message headers…
  2. Under Select one select matches these text patterns.
  3. Click the Enter text field.
  4. Set the message header to X-Zivver-Transport.
  5. Click Save.
  6. Click the Enter words field.
  7. Set the value to ..*. (that is 2 dots, 1 asterisk/wildcard, 1 dot).
  8. Click Add.
  9. Click Save.

Set mail flow rule actions

  1. Under Do the following * select Modify the message properties.
  2. Under Select one select set a message header.
  3. Click the first Enter text field.
  4. Set the message header to skip-zivver-relay.
  5. Click Save.
  6. Click the second enter text field.
  7. Set the value to true.
  8. Click Save.
  9. Click Next.

Set rule settings

  1. Leave the Rule mode on the default setting of Enforce.
  2. Leave the Severity on the default setting of Not specified.
  3. Optional: Enable Activate this rule on and select a date and time, if you want this mail flow rule be automatically activated from a specific date and time.
  4. Leave Deactivate this rule on disabled.
  5. Leave the option Stop processing more rules disabled.
  6. Leave the option Defer the message if rule processing doesn’t complete disabled.
  7. Leave Match sender address in message to the default setting of Header.
  8. Leave the Comments section blank, unless otherwise desired.
  9. Click Next.

Review and finish

  1. When you are satisfied that the mail flow rule is configured correctly, click Finish.

Set the priority

  1. Ensure the mail flow rule has a higher priority than the primary DLP Gateway mail flow rule configured in Part 1.

Activate the rule

After the rule has been created and assigned the correct priority, it can be enabled.
Read Enable primary DLP Gateway mail flow rule in Exchange Online to learn how to activate the rule.

Repeat steps for X-Zivver-DLP header

If your organization also uses a Zivver client integration (such as Zivver for Outlook, or Zivver for Gmail), this additional exception is strongly advised for emails that have been scanned by a Zivver client integration and for which the user decided not to activate Zivver. These can be excluded from being routed to DLP Gateway, because DLP Gateway may end up overruling the user’s decision, causing unwanted and unexpected behavior.

  1. Repeat all steps in above, substituting the X-Zivver-Transport header with the X-Zivver-DLP header wherever it occurs.

Next step

Go back to Setup DLP Gateway and continue with Part 3.