Applies to: Exchange Server 2013, Exchange Online

Topic Last Modified: 2012-10-03

Policy Tips are informative notices that are displayed to email senders while they’re composing a message. The purpose of the Policy Tip is to notify users that they might be violating the business practices or policies that you are enforcing with the data loss prevention (DLP) policies that you have established. The following procedures will help you begin using Policy Tips. For an overview about working with Policy Tips, see Policy Tips.

What do you need to know before you begin?

  • Estimated time to complete each procedure: 30 minutes

  • You need to be assigned permissions before you can perform this procedure or procedures. To see what permissions you need, see the “Data loss prevention (DLP)” entry in the Messaging Policy and Compliance Permissions topic.

  • Policy Tips will only show up for email senders when the following conditions are met:

    1. Sender’s message client program is Microsoft Outlook 2013.

    2. A transport rule exists that invokes Policy Tip notifications. You can create such a transport rule by configuring a DLP policy that includes the action Notify the sender with a Policy Tip.

    3. The content of a message header, message body, or message attachment that is scanned by your transport agent meets the conditions established within the DLP policies or rules that also include Policy Tip notification rules. Put another way, the Policy Tip only shows up for end-users if they do something that causes the associated rule to take action.

  • The default Policy Tip notification text that is built into the system will be shown if you don’t use the Policy Tip settings feature to customize your Policy Tip text. To learn more about the default text, see Policy Tips.

  • For information about keyboard shortcuts that may apply to the procedures in this topic, see Keyboard Shortcuts in the Exchange Admin Center.

Tip:
Having problems? Ask for help in the Exchange forums. Visit the forums at: Exchange Server, Exchange Online, or Exchange Online Protection

What do you want to do?

Create or modify a notify-only Policy Tip

This procedure results in an informational Policy Tip being shown to an email sender when the conditions of a specific rule are met. In Microsoft Outlook, the sender can prevent this tip from showing up by using a Policy Tip options dialog box. To configure custom Policy Tip text, see Create custom Policy Tip notification text.

Use the EAC to configure notify-only Policy Tips

  1. In the EAC, navigate to Compliance management > Data loss prevention.

  2. Double-click one of the policies that appear in your list of policies or highlight one item and click Edit Edit Icon.

  3. On the Edit DLP policy page, click Rules.

  4. To add Policy Tips to an existing rule, highlight the rule and click Edit Edit Icon.

    To add a new blank rule that you can fully customize, click Add Add Icon and then click More options… .

  5. To add the action that will reveal a Policy Tip, Click the Add action button.

  6. From the drop down list, select Notify the sender with a Policy Tip and then select Notify the sender, but allow them to send.

  7. Click OK, then click Save to finish modifying the rule and save your changes.

How do you know this worked?

To verify that you have successfully created a Policy Tip that will only notify a sender, do the following:

  1. In the EAC, navigate to Compliance management > Data loss prevention.

  2. Click one time to highlight the policy that you expect to contain a notification message.

  3. Click Edit Edit Icon and then click Rules.

  4. Click one time to highlight the specific rule that you expect to contain a notification message.

  5. Confirm that your Notify the sender action appears in the lower portion of the rule summary.

Create or modify a block-message Policy Tip

This procedure results in a Policy Tip being shown to an email sender that indicates a message is rejected and it will not be delivered until the problematic condition is no longer present. The sender is provided with an option to indicate that their email message does not contain the problematic condition. This is also known as a false-positive override. If the sender indicates this, then the message can leave the outbox and the user’s report may be audited. However, Exchange will block the message from being sent. To configure custom Policy Tip text, see Create custom Policy Tip notification text.

Use the EAC to configure block-message Policy Tips

  1. In the EAC, navigate to Compliance management > Data loss prevention.

  2. Double-click one of the policies that appear in your list of policies or highlight one item and click Edit Edit Icon.

  3. On the Edit DLP policy page, click Rules.

  4. To add Policy Tips to an existing rule, highlight the rule and click Edit Edit Icon.

  5. To add a new blank rule that you can fully customize, click Add Add Icon.

  6. To add an action that will reveal a Policy Tip, click More options… and then click the Add action button.

  7. From the drop down list, select Notify the sender with a Policy Tip and then select Block the message.

  8. Click OK, then click Save to finish modifying the rule and save your changes.

How do you know this worked?

To verify that you have successfully created a reject message Policy Tip, do the following:

  1. In the EAC, navigate to Compliance management > Data loss prevention.

  2. Click one time to highlight the policy that you expect to contain a notification message.

  3. Click Edit Edit Icon and then click Rules.

  4. Click one time to highlight the specific rule that you expect to contain a notification message.

  5. Confirm that your Notify the sender that the message can’t be sent action appears in the lower portion of the rule summary.

Create or modify a block-unless-override Policy Tip

There are four options for Policy Tips that can reject messages or prevent messages from leaving the sender’s outbox. To learn more about these options, see Policy Tips.

Use the EAC to configure block-unless override Policy Tips

  1. In the EAC, navigate to Compliance management > Data loss prevention.

  2. Double-click one of the policies that appear in your list of policies or highlight one item and click Edit Edit Icon.

  3. On the edit DLP policy page, click Rules.

  4. To add Policy Tips to an existing rule, highlight the rule and click Edit Edit Icon.

    To add a new blank rule that you can fully customize, click Add Add Icon and then click More options… .

  5. To add the action that will reveal a Policy Tip, Click the Add action button.

  6. From the drop down list, select Notify the sender with a Policy Tip and then select Block the message, but allow the sender to override and send.

  7. Click OK, then click Save to finish modifying the rule and save your changes.

How do you know this worked?

To verify that you have successfully created a reject unless override Policy Tip, do the following:

  1. In the EAC, navigate to Compliance management > Data loss prevention.

  2. Click one time to highlight the policy that you expect to contain a notification message.

  3. Click Edit Edit Icon and then click Rules.

  4. Click one time to highlight the specific rule that you expect to contain a notification message.

  5. Confirm that your Block the message, but allow the sender to override and send action appears in the lower portion of the rule summary.

Create custom Policy Tip notification text

This optional procedure will help you to customize the Policy Tip notification text that email senders see in their email program. If you do this, your custom Policy Tip notification text will not appear unless you also configure a DLP policy rule with an action that will cause the notification to appear. Keep in mind that there are default system Policy Tip notifications that can be shown if you do not customize your Policy Tip notification text. To learn more about the default text, see Policy Tips.

Use the EAC to create and manage custom Policy Tip notification text

  1. In the EAC, navigate to Compliance management > Data loss prevention.

  2. Click Policy Tip settings Policy Tip Settings.

  3. To add a new Policy Tip with your own customized message, click Add Add Icon. For more information about the action choices available, see Policy Tips.

    To modify an existing Policy Tip, highlight the tip and click Edit Edit Icon.

    To delete an existing Policy Tip, highlight it and click Delete Delete Icon and then confirm your action.

  4. Click Save to finish modifying the Policy Tip and save your changes.

  5. Click Close to finish managing your Policy Tips and save your changes.

Use the Shell to create custom Policy Tip notification text

The following example creates a new English-language Policy Tip that will block a message from being sent. The text of this custom Policy Tip is changed to the following value: "This message appears to contain restricted content and will not be delivered."

Copy Code 
New-PolicyTipConfig -Name en\Reject -Value "This message appears to contain restricted content and will not be delivered."

For more information about DLP cmdlets, see Messaging Policy and Compliance Cmdlets.

Use the Shell to modify custom Policy Tip notification text

The following example modifies an existing English-language, notify-only Policy Tip. The text of this custom Policy Tip is changed to "Sending bank account numbers in email is not recommended."

Copy Code 
Set-PolicyTipConfig en\NotifyOnly "Sending bank account numbers in email is not recommended."

For more information about DLP cmdlets, see Messaging Policy and Compliance Cmdlets.

How do you know this worked?

To verify that you have successfully created custom Policy Tip text, do the following:

  1. In the EAC, navigate to Compliance management > Data loss prevention.

  2. Click Policy Tip settings Policy Tip Settings.

  3. Click Refresh Refresh Icon.

  4. Confirm that your action, locale and text for that locale appear in the list.

For more information