MC306117 – Updated December 21, 2021: Microsoft has updated the content below to show as intended. Thank you for your feedback.
Microsoft is making some changes to how sender address based conditions are evaluated by Exchange Data Loss Prevention in the Microsoft 365 compliance center.
When will this happen:
Starting 20 January 2022, Exchange Data Loss Prevention will default to Header sender addresses for evaluating sender-based conditions.
How this will affect your organization:
Your Exchange Data Loss Prevention rules will now evaluate the sender using the mail header sender address as default instead of the envelope sender address. Note that Exchange transport rules already default to sender address present in mail header.
What you need to do to prepare:
When this change takes effect, your default sender address evaluation will automatically be updated to use sender address from mail header.
If you want to continue using current sender address evaluation based on envelope, you will have the option to change your tenant level DLP policy configuration to evaluate sender based on Header / Envelope / Header Or Envelope.
Also, you will be able to configure DLP rule level behavior using the SenderAddressLocation parameter.
Please click Additional Information to learn more.