New-TransportRule

Syntax

Default (Default)

New-TransportRule
    [-Name] <String>
    [-ActivationDate <DateTime>]
    [-ADComparisonAttribute <ADAttribute>]
    [-ADComparisonOperator <Evaluation>]
    [-AddManagerAsRecipientType <AddedRecipientType>]
    [-AddToRecipients <RecipientIdParameter[]>]
    [-AnyOfCcHeader <RecipientIdParameter[]>]
    [-AnyOfCcHeaderMemberOf <RecipientIdParameter[]>]
    [-AnyOfRecipientAddressContainsWords <Word[]>]
    [-AnyOfRecipientAddressMatchesPatterns <Pattern[]>]
    [-AnyOfToCcHeader <RecipientIdParameter[]>]
    [-AnyOfToCcHeaderMemberOf <RecipientIdParameter[]>]
    [-AnyOfToHeader <RecipientIdParameter[]>]
    [-AnyOfToHeaderMemberOf <RecipientIdParameter[]>]
    [-ApplyClassification <String>]
    [-ApplyHtmlDisclaimerFallbackAction <DisclaimerFallbackAction>]
    [-ApplyHtmlDisclaimerLocation <DisclaimerLocation>]
    [-ApplyHtmlDisclaimerText <DisclaimerText>]
    [-ApplyOME <Boolean>]
    [-ApplyRightsProtectionCustomizationTemplate <OMEConfigurationIdParameter>]
    [-ApplyRightsProtectionTemplate <RmsTemplateIdParameter>]
    [-AttachmentContainsWords <Word[]>]
    [-AttachmentExtensionMatchesWords <Word[]>]
    [-AttachmentHasExecutableContent <Boolean>]
    [-AttachmentIsPasswordProtected <Boolean>]
    [-AttachmentIsUnsupported <Boolean>]
    [-AttachmentMatchesPatterns <Pattern[]>]
    [-AttachmentNameMatchesPatterns <Pattern[]>]
    [-AttachmentProcessingLimitExceeded <Boolean>]
    [-AttachmentPropertyContainsWords <Word[]>]
    [-AttachmentSizeOver <ByteQuantifiedSize>]
    [-BetweenMemberOf1 <RecipientIdParameter[]>]
    [-BetweenMemberOf2 <RecipientIdParameter[]>]
    [-BlindCopyTo <RecipientIdParameter[]>]
    [-Comments <String>]
    [-Confirm]
    [-ContentCharacterSetContainsWords <Word[]>]
    [-CopyTo <RecipientIdParameter[]>]
    [-DeleteMessage <Boolean>]
    [-DlpPolicy <String>]
    [-Disconnect <Boolean>]
    [-DomainController <Fqdn>]
    [-Enabled <Boolean>]
    [-ExceptIfADComparisonAttribute <ADAttribute>]
    [-ExceptIfADComparisonOperator <Evaluation>]
    [-ExceptIfAnyOfCcHeader <RecipientIdParameter[]>]
    [-ExceptIfAnyOfCcHeaderMemberOf <RecipientIdParameter[]>]
    [-ExceptIfAnyOfRecipientAddressContainsWords <Word[]>]
    [-ExceptIfAnyOfRecipientAddressMatchesPatterns <Pattern[]>]
    [-ExceptIfAnyOfToCcHeader <RecipientIdParameter[]>]
    [-ExceptIfAnyOfToCcHeaderMemberOf <RecipientIdParameter[]>]
    [-ExceptIfAnyOfToHeader <RecipientIdParameter[]>]
    [-ExceptIfAnyOfToHeaderMemberOf <RecipientIdParameter[]>]
    [-ExceptIfAttachmentContainsWords <Word[]>]
    [-ExceptIfAttachmentExtensionMatchesWords <Word[]>]
    [-ExceptIfAttachmentHasExecutableContent <Boolean>]
    [-ExceptIfAttachmentIsPasswordProtected <Boolean>]
    [-ExceptIfAttachmentIsUnsupported <Boolean>]
    [-ExceptIfAttachmentMatchesPatterns <Pattern[]>]
    [-ExceptIfAttachmentNameMatchesPatterns <Pattern[]>]
    [-ExceptIfAttachmentProcessingLimitExceeded <Boolean>]
    [-ExceptIfAttachmentPropertyContainsWords <Word[]>]
    [-ExceptIfAttachmentSizeOver <ByteQuantifiedSize>]
    [-ExceptIfBetweenMemberOf1 <RecipientIdParameter[]>]
    [-ExceptIfBetweenMemberOf2 <RecipientIdParameter[]>]
    [-ExceptIfContentCharacterSetContainsWords <Word[]>]
    [-ExceptIfFrom <RecipientIdParameter[]>]
    [-ExceptIfFromAddressContainsWords <Word[]>]
    [-ExceptIfFromAddressMatchesPatterns <Pattern[]>]
    [-ExceptIfFromMemberOf <RecipientIdParameter[]>]
    [-ExceptIfFromScope <FromUserScope>]
    [-ExceptIfHasClassification <String>]
    [-ExceptIfHasNoClassification <Boolean>]
    [-ExceptIfHasSenderOverride <Boolean>]
    [-ExceptIfHeaderContainsMessageHeader <HeaderName>]
    [-ExceptIfHeaderContainsWords <Word[]>]
    [-ExceptIfHeaderMatchesMessageHeader <HeaderName>]
    [-ExceptIfHeaderMatchesPatterns <Pattern[]>]
    [-ExceptIfManagerAddresses <RecipientIdParameter[]>]
    [-ExceptIfManagerForEvaluatedUser <EvaluatedUser>]
    [-ExceptIfMessageContainsDataClassifications <Hashtable[]>]
    [-ExceptIfMessageSizeOver <ByteQuantifiedSize>]
    [-ExceptIfMessageTypeMatches <MessageType>]
    [-ExceptIfRecipientADAttributeContainsWords <Word[]>]
    [-ExceptIfRecipientADAttributeMatchesPatterns <Pattern[]>]
    [-ExceptIfRecipientAddressContainsWords <Word[]>]
    [-ExceptIfRecipientAddressMatchesPatterns <Pattern[]>]
    [-ExceptIfRecipientDomainIs <Word[]>]
    [-ExceptIfRecipientInSenderList <Word[]>]
    [-ExceptIfSCLOver <SclValue>]
    [-ExceptIfSenderADAttributeContainsWords <Word[]>]
    [-ExceptIfSenderADAttributeMatchesPatterns <Pattern[]>]
    [-ExceptIfSenderDomainIs <Word[]>]
    [-ExceptIfSenderInRecipientList <Word[]>]
    [-ExceptIfSenderIpRanges <MultiValuedProperty>]
    [-ExceptIfSenderManagementRelationship <ManagementRelationship>]
    [-ExceptIfSentTo <RecipientIdParameter[]>]
    [-ExceptIfSentToMemberOf <RecipientIdParameter[]>]
    [-ExceptIfSentToScope <ToUserScope>]
    [-ExceptIfSubjectContainsWords <Word[]>]
    [-ExceptIfSubjectMatchesPatterns <Pattern[]>]
    [-ExceptIfSubjectOrBodyContainsWords <Word[]>]
    [-ExceptIfSubjectOrBodyMatchesPatterns <Pattern[]>]
    [-ExceptIfWithImportance <Importance>]
    [-ExpiryDate <DateTime>]
    [-From <RecipientIdParameter[]>]
    [-FromAddressContainsWords <Word[]>]
    [-FromAddressMatchesPatterns <Pattern[]>]
    [-FromMemberOf <RecipientIdParameter[]>]
    [-FromScope <FromUserScope>]
    [-GenerateIncidentReport <RecipientIdParameter>]
    [-GenerateNotification <DisclaimerText>]
    [-HasClassification <String>]
    [-HasNoClassification <Boolean>]
    [-HasSenderOverride <Boolean>]
    [-HeaderContainsMessageHeader <HeaderName>]
    [-HeaderContainsWords <Word[]>]
    [-HeaderMatchesMessageHeader <HeaderName>]
    [-HeaderMatchesPatterns <Pattern[]>]
    [-IncidentReportContent <IncidentReportContent[]>]
    [-IncidentReportOriginalMail <IncidentReportOriginalMail>]
    [-LogEventText <EventLogText>]
    [-ManagerAddresses <RecipientIdParameter[]>]
    [-ManagerForEvaluatedUser <EvaluatedUser>]
    [-MessageContainsDataClassifications <Hashtable[]>]
    [-MessageSizeOver <ByteQuantifiedSize>]
    [-MessageTypeMatches <MessageType>]
    [-Mode <RuleMode>]
    [-ModerateMessageByManager <Boolean>]
    [-ModerateMessageByUser <RecipientIdParameter[]>]
    [-NotifySender <NotifySenderType>]
    [-PrependSubject <SubjectPrefix>]
    [-Priority <Int32>]
    [-Quarantine <Boolean>]
    [-RecipientADAttributeContainsWords <Word[]>]
    [-RecipientADAttributeMatchesPatterns <Pattern[]>]
    [-RecipientAddressContainsWords <Word[]>]
    [-RecipientAddressMatchesPatterns <Pattern[]>]
    [-RecipientAddressType <RecipientAddressType>]
    [-RecipientDomainIs <Word[]>]
    [-RecipientInSenderList <Word[]>]
    [-RedirectMessageTo <RecipientIdParameter[]>]
    [-RejectMessageEnhancedStatusCode <RejectEnhancedStatus>]
    [-RejectMessageReasonText <RejectText>]
    [-RemoveHeader <HeaderName>]
    [-RemoveOME <Boolean>]
    [-RemoveOMEv2 <Boolean>]
    [-RemoveRMSAttachmentEncryption <Boolean>]
    [-RouteMessageOutboundConnector <OutboundConnectorIdParameter>]
    [-RouteMessageOutboundRequireTls <Boolean>]
    [-RuleErrorAction <RuleErrorAction>]
    [-RuleSubType <RuleSubType>]
    [-SCLOver <SclValue>]
    [-SenderADAttributeContainsWords <Word[]>]
    [-SenderADAttributeMatchesPatterns <Pattern[]>]
    [-SenderAddressLocation <SenderAddressLocation>]
    [-SenderDomainIs <Word[]>]
    [-SenderInRecipientList <Word[]>]
    [-SenderIpRanges <MultiValuedProperty>]
    [-SenderManagementRelationship <ManagementRelationship>]
    [-SentTo <RecipientIdParameter[]>]
    [-SentToMemberOf <RecipientIdParameter[]>]
    [-SentToScope <ToUserScope>]
    [-SetAuditSeverity <String>]
    [-SetHeaderName <HeaderName>]
    [-SetHeaderValue <HeaderValue>]
    [-SetSCL <SclValue>]
    [-SmtpRejectMessageRejectStatusCode <RejectStatusCode>]
    [-SmtpRejectMessageRejectText <RejectText>]
    [-StopRuleProcessing <Boolean>]
    [-SubjectContainsWords <Word[]>]
    [-SubjectMatchesPatterns <Pattern[]>]
    [-SubjectOrBodyContainsWords <Word[]>]
    [-SubjectOrBodyMatchesPatterns <Pattern[]>]
    [-UseLegacyRegex <Boolean>]
    [-WhatIf]
    [-WithImportance <Importance>]
    [<CommonParameters>]

Description

Examples

Example 1

New-TransportRule "Ethical Wall - Sales and Brokerage Departments" -BetweenMemberOf1 "Sales Department" -BetweenMemberOf2 "Brokerage Department" -ExceptIfFrom "Tony Smith","Pilar Ackerman" -ExceptIfSubjectContainsWords "Press Release","Corporate Communication" -RejectMessageReasonText "Messages sent between the Sales and Brokerage departments are strictly prohibited."

Parameters

-ActivationDate

Applicable: Exchange Server 2013, Exchange Server 2016, Exchange Server 2019, Exchange Server SE, Exchange Online, Exchange Online Protection

The ActivationDate parameter specifies when the rule starts processing messages. The rule doesn't take any action on messages until the specified date/time.

Use the short date format that's defined in the Regional Options settings on the computer where you're running the command. For example, if the computer is configured to use the short date format MM/dd/yyyy, enter 09/01/2018 to specify September 1, 2018. You can enter the date only, or you can enter the date and time of day. If you enter the date and time of day, enclose the value in quotation marks ("), for example, "09/01/2018 5:00 PM".

Parameter properties

Parameter sets

-ADComparisonAttribute

Applicable: Exchange Server 2010, Exchange Server 2013, Exchange Server 2016, Exchange Server 2019, Exchange Server SE, Exchange Online, Exchange Online Protection

This parameter specifies a condition or part of a condition for the rule. The name of the corresponding exception parameter starts with ExceptIf.

In on-premises Exchange, this condition is available only on Mailbox servers.

The ADComparisonAttribute parameter specifies a condition that compares an Active Directory attribute between the sender and all recipients of the message. This parameter works when the recipients are individual users. This parameter doesn't work with distribution groups.

You can use any of the following Active Directory attributes:

• City
• Company
• Country
• CustomAttribute1 to CustomAttribute15
• Department
• DisplayName
• Email
• FaxNumber
• FirstName
• HomePhoneNumber
• Initials
• LastName
• Manager
• MobileNumber
• Notes
• Office
• OtherFaxNumber
• OtherHomePhoneNumber
• OtherPhoneNumber
• PagerNumber
• PhoneNumber
• POBox
• State
• Street
• Title
• UserLogonName
• ZipCode

If you don't use the ADComparisonOperator parameter, the default comparison operator Equal is used.

Parameter properties

Parameter sets

-ADComparisonOperator

Applicable: Exchange Server 2010, Exchange Server 2013, Exchange Server 2016, Exchange Server 2019, Exchange Server SE, Exchange Online, Exchange Online Protection

This parameter specifies a condition or part of a condition for the rule. The name of the corresponding exception parameter starts with ExceptIf.

In on-premises Exchange, this condition is available only on Mailbox servers.

The ADComparisonOperator parameter specifies the comparison operator for the ADComparisonAttribute parameter. Valid values are:

• Equal (default value)
• NotEqual

Parameter properties

Parameter sets

-AddManagerAsRecipientType

Applicable: Exchange Server 2010, Exchange Server 2013, Exchange Server 2016, Exchange Server 2019, Exchange Server SE, Exchange Online, Exchange Online Protection

This parameter specifies an action or part of an action for the rule.

In on-premises Exchange, this action is available only on Mailbox servers.

The AddManagerAsRecipientType parameter specifies an action that delivers or redirects messages to the user that's defined in the sender's Manager attribute. Valid values are:

• To: Add the sender's manager to the To field of the message.
• Cc: Add the sender's manager to the Cco field of the message.
• Bcc: Add the sender's manager to the Bcc field of the message.
• Redirect: Redirect the message to the sender's manager without notifying the sender or the recipients.

This action only works if the sender's Manager attribute is defined.

Parameter properties

Parameter sets

-AddToRecipients

Applicable: Exchange Server 2010, Exchange Server 2013, Exchange Server 2016, Exchange Server 2019, Exchange Server SE, Exchange Online, Exchange Online Protection

This parameter specifies an action or part of an action for the rule.

In on-premises Exchange, this action is available on Mailbox servers and Edge Transport servers.

The AddToRecipients parameter specifies an action that adds recipients to the To field of messages. You can use any value that uniquely identifies the recipient. For example:

• Name
• Alias
• Distinguished name (DN)
• Canonical DN
• Email address
• GUID

You can enter multiple values separated by commas. If the values contain spaces or otherwise require quotation marks, use the following syntax: "Value1","Value2",..."ValueN".

Parameter properties

Parameter sets

-AnyOfCcHeader

Applicable: Exchange Server 2010, Exchange Server 2013, Exchange Server 2016, Exchange Server 2019, Exchange Server SE, Exchange Online, Exchange Online Protection

This parameter specifies a condition or part of a condition for the rule. The name of the corresponding exception parameter starts with ExceptIf.

In on-premises Exchange, this condition is available only on Mailbox servers.

The AnyOfCcHeader parameter specifies a condition that looks for recipients in the Cc field of messages. You can use any value that uniquely identifies the recipient. For example:

• Name
• Alias
• Distinguished name (DN)
• Canonical DN
• Email address
• GUID

You can enter multiple values separated by commas. If the values contain spaces or otherwise require quotation marks, use the following syntax: "Value1","Value2",..."ValueN".

A match for this condition applies the rule action to all recipients of the message. For example, if the action is to reject the message, the message is rejected for all recipients of the message, not just for the specified recipients.

Note: This condition or exception doesn't consider messages that are sent to recipient proxy addresses. It only matches messages that are sent to the recipient's primary email address.

Parameter properties

Parameter sets

-AnyOfCcHeaderMemberOf

Applicable: Exchange Server 2010, Exchange Server 2013, Exchange Server 2016, Exchange Server 2019, Exchange Server SE, Exchange Online, Exchange Online Protection

This parameter specifies a condition or part of a condition for the rule. The name of the corresponding exception parameter starts with ExceptIf.

In on-premises Exchange, this condition is available only on Mailbox servers.

The AnyOfCcHeaderMemberOf parameter specifies a condition that looks for group members in the Cc field of messages. You can use any value that uniquely identifies the group. For example:

• Name
• Alias
• Distinguished name (DN)
• Canonical DN
• Email address
• GUID

You can enter multiple values separated by commas. If the values contain spaces or otherwise require quotation marks, use the following syntax: "Value1","Value2",..."ValueN".

A match for this condition applies the rule action to all recipients of the message. For example, if the action is to reject the message, the message is rejected for all recipients of the message, not just for the specified recipients.

Note: This condition or exception doesn't consider messages that are sent to recipient proxy addresses. It only matches messages that are sent to the recipient's primary email address.

Parameter properties

Parameter sets

-AnyOfRecipientAddressContainsWords

Applicable: Exchange Server 2010, Exchange Server 2013, Exchange Server 2016, Exchange Server 2019, Exchange Server SE, Exchange Online, Exchange Online Protection

This parameter specifies a condition or part of a condition for the rule. The name of the corresponding exception parameter starts with ExceptIf.

In on-premises Exchange, this condition is available on Mailbox servers and Edge Transport servers.

The AnyOfRecipientAddressContainsWords parameter specifies a condition that looks for words in recipient email addresses. You can specify multiple words separated by commas.

A match for this condition applies the rule action to all recipients of the message. For example, if the action is to reject the message, the message is rejected for all recipients of the message, not just for the specified recipients.

Note: This condition or exception doesn't consider messages that are sent to recipient proxy addresses. It only matches messages that are sent to the recipient's primary email address.

Parameter properties

Parameter sets

-AnyOfRecipientAddressMatchesPatterns

Applicable: Exchange Server 2010, Exchange Server 2013, Exchange Server 2016, Exchange Server 2019, Exchange Server SE, Exchange Online, Exchange Online Protection

This parameter specifies a condition or part of a condition for the rule. The name of the corresponding exception parameter starts with ExceptIf.

In on-premises Exchange, this condition is available on Mailbox servers and Edge Transport servers.

The AnyOfRecipientAddressMatchesPatterns parameter specifies a condition that looks for text patterns in recipient email addresses by using regular expressions. You can specify multiple text patterns by using the following syntax: "Regular expression1","Regular expression2",..."Regular expressionN".

A match for this condition applies the rule action to all recipients of the message. For example, if the action is to reject the message, the message is rejected for all recipients of the message, not just for the specified recipients.

Note: This condition or exception doesn't consider messages that are sent to recipient proxy addresses. It only matches messages that are sent to the recipient's primary email address.

Parameter properties

Parameter sets

-AnyOfToCcHeader

Applicable: Exchange Server 2010, Exchange Server 2013, Exchange Server 2016, Exchange Server 2019, Exchange Server SE, Exchange Online, Exchange Online Protection

This parameter specifies a condition or part of a condition for the rule. The name of the corresponding exception parameter starts with ExceptIf.

In on-premises Exchange, this condition is available only on Mailbox servers.

The AnyOfToCcHeader parameter specifies a condition that looks for recipients in the To or Cc fields of messages. You can use any value that uniquely identifies the recipient. For example:

• Name
• Alias
• Distinguished name (DN)
• Canonical DN
• Email address
• GUID

You can enter multiple values separated by commas. If the values contain spaces or otherwise require quotation marks, use the following syntax: "Value1","Value2",..."ValueN".

A match for this condition applies the rule action to all recipients of the message. For example, if the action is to reject the message, the message is rejected for all recipients of the message, not just for the specified recipients.

Note: This condition or exception doesn't consider messages that are sent to recipient proxy addresses. It only matches messages that are sent to the recipient's primary email address.

Parameter properties

Parameter sets

-AnyOfToCcHeaderMemberOf

Applicable: Exchange Server 2010, Exchange Server 2013, Exchange Server 2016, Exchange Server 2019, Exchange Server SE, Exchange Online, Exchange Online Protection

This parameter specifies a condition or part of a condition for the rule. The name of the corresponding exception parameter starts with ExceptIf.

In on-premises Exchange, this condition is available only on Mailbox servers.

The AnyOfToCcHeaderMemberOf parameter specifies a condition that looks for group members in the To and Cc fields of messages. You can use any value that uniquely identifies the group. For example:

• Name
• Alias
• Distinguished name (DN)
• Canonical DN
• Email address
• GUID

You can enter multiple values separated by commas. If the values contain spaces or otherwise require quotation marks, use the following syntax: "Value1","Value2",..."ValueN".

A match for this condition applies the rule action to all recipients of the message. For example, if the action is to reject the message, the message is rejected for all recipients of the message, not just for the specified recipients.

Note: This condition or exception doesn't consider messages that are sent to recipient proxy addresses. It only matches messages that are sent to the recipient's primary email address.

Parameter properties

Parameter sets

-AnyOfToHeader

Applicable: Exchange Server 2010, Exchange Server 2013, Exchange Server 2016, Exchange Server 2019, Exchange Server SE, Exchange Online, Exchange Online Protection

This parameter specifies a condition or part of a condition for the rule. The name of the corresponding exception parameter starts with ExceptIf.

In on-premises Exchange, this condition is available only on Mailbox servers.

The AnyOfToHeader parameter specifies a condition that looks for recipients in the To field of messages. You can use any value that uniquely identifies the recipient. For example:

• Name
• Alias
• Distinguished name (DN)
• Canonical DN
• Email address
• GUID

You can enter multiple values separated by commas. If the values contain spaces or otherwise require quotation marks, use the following syntax: "Value1","Value2",..."ValueN".

A match for this condition applies the rule action to all recipients of the message. For example, if the action is to reject the message, the message is rejected for all recipients of the message, not just for the specified recipients.

Note: This condition or exception doesn't consider messages that are sent to recipient proxy addresses. It only matches messages that are sent to the recipient's primary email address.

Parameter properties

Parameter sets

-AnyOfToHeaderMemberOf

Applicable: Exchange Server 2010, Exchange Server 2013, Exchange Server 2016, Exchange Server 2019, Exchange Server SE, Exchange Online, Exchange Online Protection

This parameter specifies a condition or part of a condition for the rule. The name of the corresponding exception parameter starts with ExceptIf.

In on-premises Exchange, this condition is available only on Mailbox servers.

The AnyOfToHeaderMemberOf parameter specifies a condition that looks for group members in the To field of messages. You can use any value that uniquely identifies the group. For example:

• Name
• Alias
• Distinguished name (DN)
• Canonical DN
• Email address
• GUID

You can enter multiple values separated by commas. If the values contain spaces or otherwise require quotation marks, use the following syntax: "Value1","Value2",..."ValueN".

A match for this condition applies the rule action to all recipients of the message. For example, if the action is to reject the message, the message is rejected for all recipients of the message, not just for the specified recipients.

Note: This condition or exception doesn't consider messages that are sent to recipient proxy addresses. It only matches messages that are sent to the recipient's primary email address.

Parameter properties

Parameter sets

-ApplyClassification

Applicable: Exchange Server 2010, Exchange Server 2013, Exchange Server 2016, Exchange Server 2019, Exchange Server SE, Exchange Online, Exchange Online Protection

This parameter specifies an action or part of an action for the rule.

In on-premises Exchange, this action is available only on Mailbox servers.

The ApplyClassification parameter specifies an action that applies a message classification to messages. Use the Get-MessageClassification cmdlet to see the message classification objects that are available.

The message classification referred to in this parameter is the custom message classification that you can create in your organization by using the New-MessageClassification cmdlet. It isn't related to the data loss prevention (DLP) data classification.

Parameter properties

Parameter sets

-ApplyHtmlDisclaimerFallbackAction

Applicable: Exchange Server 2010, Exchange Server 2013, Exchange Server 2016, Exchange Server 2019, Exchange Server SE, Exchange Online, Exchange Online Protection

This parameter specifies an action or part of an action for the rule.

In on-premises Exchange, this action is available only on Mailbox servers.

The ApplyHtmlDisclaimerFallbackAction parameter specifies what to do if the HTML disclaimer can't be applied to a message (for example, encrypted or signed messages where the contents can't be altered). Valid values are:

• Wrap: This value is the default. A new message is created and the original message is added to it as an attachment. The disclaimer text is added to the new message, which is delivered to the recipients.

  If you want other rules to examine and act on the original message (which is now an attachment in the new message), make sure those rules are applied before the disclaimer rule by using a lower priority for the disclaimer rule and higher priority for other rules.

  If the process of inserting the original message as an attachment in the new message fails, the original message isn't delivered. The original message is returned to the sender in an NDR.

  In Microsoft 365, don't use this value in rules that affect incoming messages from external senders. Use the value Reject instead. The effects of the value Wrap interfere with Safe Attachments scanning of messages from external senders.

• Ignore: The rule is ignored and the original message is delivered without the disclaimer.

• Reject: The original message is returned to the sender in an NDR.

If you don't use this parameter with the ApplyHtmlDisclaimerText parameter, the default value Wrap is used.

Parameter properties

Parameter sets

-ApplyHtmlDisclaimerLocation

Applicable: Exchange Server 2010, Exchange Server 2013, Exchange Server 2016, Exchange Server 2019, Exchange Server SE, Exchange Online, Exchange Online Protection

This parameter specifies an action or part of an action for the rule.

In on-premises Exchange, this action is available only on Mailbox servers.

The ApplyHtmlDisclaimerLocation parameter specifies where to insert the HTML disclaimer text in the body of messages. Valid values are:

• Append: The disclaimer is added to the end of the message body. This value is the default.
• Prepend: The disclaimer is inserted at the beginning of the message body.

If you don't use this parameter with the ApplyHtmlDisclaimerText parameter, the default value Append is used.

Parameter properties

Parameter sets

-ApplyHtmlDisclaimerText

Applicable: Exchange Server 2010, Exchange Server 2013, Exchange Server 2016, Exchange Server 2019, Exchange Server SE, Exchange Online, Exchange Online Protection

This parameter specifies an action or part of an action for the rule.

In on-premises Exchange, this action is available only on Mailbox servers.

The ApplyHtmlDisclaimerText parameter specifies an action that adds the disclaimer text to messages. Disclaimer text can include HTML tags and inline cascading style sheet (CSS) tags. You can add images using the IMG tag.

This parameter also supports the following tokens that use values from the sender:

• %%City%%
• %%Company%%
• %%CountryOrRegion%%
• %%Department%%
• %%DisplayName%%
• %%Fax%%
• %%FirstName%%
• %%HomePhone%%
• %%Initials%%
• %%LastName%%
• %%Manager%%
• %%MobilePhone%%
• %%Notes%%
• %%Office%%
• %%Pager%%
• %%Phone%%
• %%PostalCode%%
• %%PostOfficeBox%%
• %%StateOrProvince%%
• %%StreetAddress%%
• %%Title%%
• %%UserPrincipalName%%
• %%WindowsEmailAddress%%

The maximum number of characters is 5000.

You use the ApplyHtmlDisclaimerLocation parameter to specify where to insert the text in the message body (the default value is Append), and the ApplyHtmlDisclaimerFallbackAction parameter to specify what to do if the disclaimer can't be added to the message (the default value is Wrap).

Parameter properties

Parameter sets

-ApplyOME

Applicable: Exchange Online, Exchange Online Protection

This parameter is available only in the cloud-based service.

This parameter specifies an action or part of an action for the rule.

The ApplyOME parameter specifies an action that encrypts messages and their attachments by using Microsoft Purview Message Encryption. Valid values are:

• $true: The message and attachments are encrypted.
• $false: The message and attachments aren't encrypted.

Parameter properties

Parameter sets

-ApplyRightsProtectionCustomizationTemplate

Applicable: Exchange Online, Exchange Online Protection

This parameter is available only in the cloud-based service.

This parameter specifies an action or part of an action for the rule.

The ApplyRightsProtectionCustomizationTemplate parameter specifies an action that applies a custom branding template for OME encrypted messages. You identify the custom branding template by name. If the name contains spaces, enclose the name in quotation marks (").

Parameter properties

Parameter sets

-ApplyRightsProtectionTemplate

Applicable: Exchange Server 2010, Exchange Server 2013, Exchange Server 2016, Exchange Server 2019, Exchange Server SE, Exchange Online, Exchange Online Protection

This parameter specifies an action or part of an action for the rule.

In on-premises Exchange, this action is available only on Mailbox servers.

The ApplyRightsProtectionTemplate parameter specifies an action that applies rights management service (RMS) templates to messages. You identify the RMS template by name. If the name contains spaces, enclose the name in quotation marks (").

To use this action, you need to have an Active Directory Rights Management Services (AD RMS) server in your organization, or your organization needs to use the ILS service.

Use the Get-RMSTemplate cmdlet to see the RMS templates that are available.

For more information, see Transport protection rules.

Parameter properties

Parameter sets

-AttachmentContainsWords

Applicable: Exchange Server 2010, Exchange Server 2013, Exchange Server 2016, Exchange Server 2019, Exchange Server SE, Exchange Online, Exchange Online Protection

This parameter specifies a condition or part of a condition for the rule. The name of the corresponding exception parameter starts with ExceptIf.

In on-premises Exchange, this condition is available only on Mailbox servers.

The AttachmentContainsWords parameter specifies a condition that looks for words in message attachments. Only supported attachment types are checked.

To specify multiple words or phrases, this parameter uses the syntax: Word1,"Phrase with spaces",word2,...wordN. Don't use leading or trailing spaces.

Parameter properties

Parameter sets

-AttachmentExtensionMatchesWords

Applicable: Exchange Server 2013, Exchange Server 2016, Exchange Server 2019, Exchange Server SE, Exchange Online, Exchange Online Protection

This parameter specifies a condition or part of a condition for the rule. The name of the corresponding exception parameter starts with ExceptIf.

In on-premises Exchange, this condition is available only on Mailbox servers.

The AttachmentExtensionMatchesWords parameter specifies a condition that looks for words in the file name extensions of message attachments. You can specify multiple words separated by commas.

Note: Nested attachment extensions (files inside the original attachments) are also inspected. To see all attachment extensions that were evaluated for a specific message, use the Test-TextExtraction cmdlet.

Parameter properties

Parameter sets

-AttachmentHasExecutableContent

Applicable: Exchange Server 2013, Exchange Server 2016, Exchange Server 2019, Exchange Server SE, Exchange Online, Exchange Online Protection

This parameter specifies a condition or part of a condition for the rule. The name of the corresponding exception parameter starts with ExceptIf.

In on-premises Exchange, this condition is available only on Mailbox servers.

The AttachmentHasExecutableContent parameter specifies a condition that inspects messages where an attachment is an executable file. Valid values are:

• $true: Look for executable content in message attachments.
• $false: Don't look for executable content in message attachments.

The system inspects the file properties rather than relying on the file's extension. For more information, see Supported executable file types for mail flow rule inspection.

Parameter properties

Parameter sets

-AttachmentIsPasswordProtected

Applicable: Exchange Server 2013, Exchange Server 2016, Exchange Server 2019, Exchange Server SE, Exchange Online, Exchange Online Protection

This parameter specifies a condition or part of a condition for the rule. The name of the corresponding exception parameter starts with ExceptIf.

In on-premises Exchange, this condition is available only on Mailbox servers.

The AttachmentIsPasswordProtected parameter specifies a condition that looks for password protected files in messages (because the contents of the file can't be inspected). Password detection works for Office documents, compressed files (.zip, .7z), and .pdf files. Valid values are:

• $true: Look for password protected attachments.
• $false: Don't look for password protected attachments.

Parameter properties

Parameter sets

-AttachmentIsUnsupported

Applicable: Exchange Server 2010, Exchange Server 2013, Exchange Server 2016, Exchange Server 2019, Exchange Server SE, Exchange Online, Exchange Online Protection

This parameter specifies a condition or part of a condition for the rule. The name of the corresponding exception parameter starts with ExceptIf.

In on-premises Exchange, this condition is available only on Mailbox servers.

The AttachmentIsUnsupported parameter specifies a condition that looks for unsupported file types in messages. Valid values are:

• $true: Look for unsupported file types in messages.
• $false: Don't look for unsupported file types in messages.

Rules can inspect the content of supported file types only. If the rule finds an attachment file type that isn't supported, the AttachmentIsUnsupported condition is triggered.

For the list of supported file types, see Supported file types for mail flow rule content inspection.

In Exchange 2010, to extend the list of supported file types, see Register Filter Pack IFilters.

Parameter properties

Parameter sets

-AttachmentMatchesPatterns

Applicable: Exchange Server 2010, Exchange Server 2013, Exchange Server 2016, Exchange Server 2019, Exchange Server SE, Exchange Online, Exchange Online Protection

This parameter specifies a condition or part of a condition for the rule. The name of the corresponding exception parameter starts with ExceptIf.

In on-premises Exchange, this condition is available only on Mailbox servers.

The AttachmentMatchesPatterns parameter specifies a condition that looks for text patterns in the content of message attachments by using regular expressions. Only supported attachment types are checked.

You can specify multiple text patterns by using the following syntax: "Regular expression1","Regular expression2",..."Regular expressionN".

Only the first 150 kilobytes (KB) of the attachment is scanned when trying to match a text pattern.

Parameter properties

Parameter sets

-AttachmentNameMatchesPatterns

Applicable: Exchange Server 2010, Exchange Server 2013, Exchange Server 2016, Exchange Server 2019, Exchange Server SE, Exchange Online, Exchange Online Protection

This parameter specifies a condition or part of a condition for the rule. The name of the corresponding exception parameter starts with ExceptIf.

In on-premises Exchange, this condition is available only on Mailbox servers.

The AttachmentNameMatchesPatterns parameter specifies a condition that looks for text patterns in the file name of message attachments by using regular expressions. You can specify multiple text patterns by using the following syntax: "Regular expression1","Regular expression2",..."Regular expressionN".

Parameter properties

Parameter sets

-AttachmentProcessingLimitExceeded

Applicable: Exchange Server 2013, Exchange Server 2016, Exchange Server 2019, Exchange Server SE, Exchange Online, Exchange Online Protection

This parameter specifies a condition or part of a condition for the rule. The name of the corresponding exception parameter starts with ExceptIf.

In on-premises Exchange, this condition is available only on Mailbox servers.

The AttachmentProcessingLimitExceeded parameter specifies a condition that looks for messages where attachment scanning didn't complete. Valid values are:

• $true: Look for messages where attachment scanning didn't complete.
• $false: Don't look for messages where attachment scanning didn't complete.

You use this condition to create rules that work together with other attachment processing rules to handle messages where the content can't be fully scanned.

Parameter properties

Parameter sets

-AttachmentPropertyContainsWords

Applicable: Exchange Server 2016, Exchange Server 2019, Exchange Server SE, Exchange Online, Exchange Online Protection

This parameter specifies a condition or part of a condition for the rule. The name of the corresponding exception parameter starts with ExceptIf.

In on-premises Exchange, this condition is available only on Mailbox servers.

The AttachmentPropertyContainsWords parameter specifies a condition that looks for words in the properties of attached Office documents. This condition helps integrate mail flow rules (transport rules) with the File Classification Infrastructure (FCI) in Windows Server 2012 R2 or later, SharePoint, or a non-Microsoft classification system. Valid values are a built-in document property, or a custom property. The built-in document properties are:

• Business Impact
• Compliancy
• Confidentiality
• Department
• Impact
• Intellectual Property
• Personally Identifiable Information
• Personal Information
• Personal Use
• Required Clearance
• PHI
• PII
• Project
• Protected Health Information

The syntax for this parameter is "PropertyName:Word". To specify multiple properties, or multiple words for the same property, use the following syntax: "PropertyName1:Word1,Phrase with spaces,word2,...","PropertyName2:Word3,Phrase with spaces,word4,...". Don't use leading or trailing spaces.

When you specify multiple properties, or multiple values for the same property, the or operator is used.

Parameter properties

Parameter sets

-AttachmentSizeOver

Applicable: Exchange Server 2010, Exchange Server 2013, Exchange Server 2016, Exchange Server 2019, Exchange Server SE, Exchange Online, Exchange Online Protection

This parameter specifies a condition or part of a condition for the rule. The name of the corresponding exception parameter starts with ExceptIf.

In on-premises Exchange, this condition is available on Mailbox servers and Edge Transport servers.

The AttachmentSizeOver parameter specifies a condition that looks for messages where any attachment is greater than the specified size.

When you enter a value, qualify the value with one of the following units:

• B (bytes)
• KB (kilobytes)
• MB (megabytes)
• GB (gigabytes)
• TB (terabytes)

Unqualified values are typically treated as bytes, but small values might be rounded up to the nearest kilobyte.

The embedded images are treated as attachments (for example, messages with a picture in the signature); for this reason, we do not recommend using a very small value since unexpected messages are blocked.

Parameter properties

Parameter sets

-BetweenMemberOf1

Applicable: Exchange Server 2010, Exchange Server 2013, Exchange Server 2016, Exchange Server 2019, Exchange Server SE, Exchange Online, Exchange Online Protection

This parameter specifies a condition or part of a condition for the rule. The name of the corresponding exception parameter starts with ExceptIf.

In on-premises Exchange, this condition is available only on Mailbox servers.

The BetweenMemberOf1 parameter specifies a condition that looks for messages that are sent between group members. You need to use this parameter with the BetweenMemberOf2 parameter. You can use any value that uniquely identifies the group. For example:

• Name
• Alias
• Distinguished name (DN)
• Canonical DN
• Email address
• GUID

You can enter multiple values separated by commas. If the values contain spaces or otherwise require quotation marks, use the following syntax: "Value1","Value2",..."ValueN".

Parameter properties

Parameter sets

-BetweenMemberOf2

Applicable: Exchange Server 2010, Exchange Server 2013, Exchange Server 2016, Exchange Server 2019, Exchange Server SE, Exchange Online, Exchange Online Protection

This parameter specifies a condition or part of a condition for the rule. The name of the corresponding exception parameter starts with ExceptIf.

In on-premises Exchange, this condition is available only on Mailbox servers.

The BetweenMemberOf2 parameter specifies a condition that looks for messages that are sent between group members. You need to use this parameter with the BetweenMemberOf1 parameter. You can use any value that uniquely identifies the group. For example:

• Name
• Alias
• Distinguished name (DN)
• Canonical DN
• Email address
• GUID

You can enter multiple values separated by commas. If the values contain spaces or otherwise require quotation marks, use the following syntax: "Value1","Value2",..."ValueN".

Parameter properties

Parameter sets

-BlindCopyTo

Applicable: Exchange Server 2010, Exchange Server 2013, Exchange Server 2016, Exchange Server 2019, Exchange Server SE, Exchange Online, Exchange Online Protection

This parameter specifies an action or part of an action for the rule.

In on-premises Exchange, this action is available on Mailbox servers and Edge Transport servers.

The BlindCopyTo parameter specifies an action that adds recipients to the Bcc field of messages. You can use any value that uniquely identifies the recipient. For example:

• Name
• Alias
• Distinguished name (DN)
• Canonical DN
• Email address
• GUID

You can enter multiple values separated by commas. If the values contain spaces or otherwise require quotation marks, use the following syntax: "Value1","Value2",..."ValueN".

Parameter properties

Parameter sets

-Comments

Applicable: Exchange Server 2010, Exchange Server 2013, Exchange Server 2016, Exchange Server 2019, Exchange Server SE, Exchange Online, Exchange Online Protection

The Comments parameter specifies optional descriptive text for the rule (for example, what the rule is used for, or how it has changed over time). The length of the comment can't exceed 1024 characters. If the value contains spaces, enclose the value in quotation marks (").

Parameter properties

Parameter sets

-Confirm

Applicable: Exchange Server 2010, Exchange Server 2013, Exchange Server 2016, Exchange Server 2019, Exchange Server SE, Exchange Online, Exchange Online Protection

The Confirm switch specifies whether to show or hide the confirmation prompt. How this switch affects the cmdlet depends on if the cmdlet requires confirmation before proceeding.

• Destructive cmdlets (for example, Remove-* cmdlets) have a built-in pause that forces you to acknowledge the command before proceeding. For these cmdlets, you can skip the confirmation prompt by using this exact syntax: -Confirm:$false.
• Most other cmdlets (for example, New-* and Set-* cmdlets) don't have a built-in pause. For these cmdlets, specifying the Confirm switch without a value introduces a pause that forces you acknowledge the command before proceeding.

Parameter properties

Parameter sets

-ContentCharacterSetContainsWords

Applicable: Exchange Server 2013, Exchange Server 2016, Exchange Server 2019, Exchange Server SE, Exchange Online, Exchange Online Protection

This parameter specifies a condition or part of a condition for the rule. The name of the corresponding exception parameter starts with ExceptIf.

In on-premises Exchange, this condition is available only on Mailbox servers.

The ContentCharacterSetContainsWords parameter specifies a condition that looks for character set names in messages.

To specify multiple words or phrases, this parameter uses the syntax: Word1,"Phrase with spaces",word2,...wordN. Don't use leading or trailing spaces.

Parameter properties

Parameter sets

-CopyTo

Applicable: Exchange Server 2010, Exchange Server 2013, Exchange Server 2016, Exchange Server 2019, Exchange Server SE, Exchange Online, Exchange Online Protection

This parameter specifies an action or part of an action for the rule.

In on-premises Exchange, this action is available on Mailbox servers and Edge Transport servers.

The CopyTo parameter specifies an action that adds recipients to the Cc field of messages. You can use any value that uniquely identifies the recipient. For example:

• Name
• Alias
• Distinguished name (DN)
• Canonical DN
• Email address
• GUID

You can enter multiple values separated by commas. If the values contain spaces or otherwise require quotation marks, use the following syntax: "Value1","Value2",..."ValueN".

Parameter properties

Parameter sets

-DeleteMessage

Applicable: Exchange Server 2010, Exchange Server 2013, Exchange Server 2016, Exchange Server 2019, Exchange Server SE, Exchange Online, Exchange Online Protection

This parameter specifies an action or part of an action for the rule.

In on-premises Exchange, this action is available on Mailbox servers and Edge Transport servers.

The DeleteMessage parameter specifies an action that silently drops messages without an NDR. Valid values are:

• $true: Silently drop the message without an NDR.
• $false: Don't silently drop the message.

Parameter properties

Parameter sets

-Disconnect

Applicable: Exchange Server 2010, Exchange Server 2013, Exchange Server 2016, Exchange Server 2019, Exchange Server SE, Exchange Online, Exchange Online Protection

This parameter is functional only on Edge Transport servers in on-premises Exchange.

This parameter specifies an action or part of an action for the rule.

The Disconnect parameter specifies an action that ends the SMTP connection between the sending server and the Edge Transport server without generating an NDR.

• $true: Silently end the SMTP session without generating an NDR.
• $false: Don't silently end the SMTP session.

Parameter properties

Parameter sets

-DlpPolicy

Applicable: Exchange Server 2013, Exchange Server 2016, Exchange Server 2019, Exchange Server SE, Exchange Online

Note: This parameter is functional only in on-premises Exchange.

The DlpPolicy parameter specifies the data loss prevention (DLP) policy that's associated with the rule. Each DLP policy is enforced using a set of mail flow rules (transport rules). To learn more about DLP, see Data loss prevention in Exchange Server.

Parameter properties

Parameter sets

-DomainController

Applicable: Exchange Server 2010, Exchange Server 2013, Exchange Server 2016, Exchange Server 2019, Exchange Server SE

This parameter is available only in on-premises Exchange.

The DomainController parameter specifies the ___domain controller that's used by this cmdlet to read data from or write data to Active Directory. You identify the ___domain controller by its fully qualified ___domain name (FQDN). For example, dc01.contoso.com.

The DomainController parameter isn't supported on Edge Transport servers. An Edge Transport server uses the local instance of Active Directory Lightweight Directory Services (AD LDS) to read and write data.

Parameter properties

Parameter sets

-Enabled

Applicable: Exchange Server 2010, Exchange Server 2013, Exchange Server 2016, Exchange Server 2019, Exchange Server SE, Exchange Online, Exchange Online Protection

The Enabled parameter specifies whether the new rule is created as enabled or disabled. Valid values are:

• $true: The new rule is enabled. This value is the default.
• $false: The new rule is disabled.

To enable or disable a rule after you create it, use the Enable-TransportRule and Disable-TransportRule cmdlets.

Parameter properties

Parameter sets

-ExceptIfADComparisonAttribute

Applicable: Exchange Server 2010, Exchange Server 2013, Exchange Server 2016, Exchange Server 2019, Exchange Server SE, Exchange Online, Exchange Online Protection

This parameter specifies an exception or part of an exception for the rule. The name of the corresponding condition parameter doesn't include the ExceptIf prefix.

In on-premises Exchange, this exception is available only on Mailbox servers.

The ExceptIfADComparisonAttribute parameter specifies an exception that compares an Active Directory attribute between the sender and all recipients of the message. This parameter works when the recipients are individual users. This parameter doesn't work with distribution groups.

You can use any of the following Active Directory attributes:

• City
• Company
• Country
• CustomAttribute1 to CustomAttribute15
• Department
• DisplayName
• Email
• FaxNumber
• FirstName
• HomePhoneNumber
• Initials
• LastName
• Manager
• MobileNumber
• Notes
• Office
• OtherFaxNumber
• OtherHomePhoneNumber
• OtherPhoneNumber
• PagerNumber
• PhoneNumber
• POBox
• State
• Street
• Title
• UserLogonName
• ZipCode

If you don't use the ExceptIfADComparisonOperator parameter, the default comparison operator Equal is used.

Parameter properties

Parameter sets

-ExceptIfADComparisonOperator

Applicable: Exchange Server 2010, Exchange Server 2013, Exchange Server 2016, Exchange Server 2019, Exchange Server SE, Exchange Online, Exchange Online Protection

This parameter specifies an exception or part of an exception for the rule. The name of the corresponding condition parameter doesn't include the ExceptIf prefix.

In on-premises Exchange, this exception is available only on Mailbox servers.

The ExceptIfADComparisonOperator parameter specifies the comparison operator for the ExceptIfADComparisonAttribute parameter. Valid values are:

• Equal (default value)
• NotEqual

Parameter properties

Parameter sets

-ExceptIfAnyOfCcHeader

Applicable: Exchange Server 2010, Exchange Server 2013, Exchange Server 2016, Exchange Server 2019, Exchange Server SE, Exchange Online, Exchange Online Protection

This parameter specifies an exception or part of an exception for the rule. The name of the corresponding condition parameter doesn't include the ExceptIf prefix.

In on-premises Exchange, this exception is available only on Mailbox servers.

The ExceptIfAnyOfCcHeader parameter specifies an exception that looks for recipients in the Cc field of messages. You can use any value that uniquely identifies the recipient. For example:

• Name
• Alias
• Distinguished name (DN)
• Canonical DN
• Email address
• GUID

You can enter multiple values separated by commas. If the values contain spaces or otherwise require quotation marks, use the following syntax: "Value1","Value2",..."ValueN".

A match for this exception prevents the rule action from being applied to all recipients of the message. For example, if the action is to reject the message, the message is delivered to all recipients of the message, not just to the specified recipients.

Note: This condition or exception doesn't consider messages that are sent to recipient proxy addresses. It only matches messages that are sent to the recipient's primary email address.

Parameter properties

Parameter sets

-ExceptIfAnyOfCcHeaderMemberOf

Applicable: Exchange Server 2010, Exchange Server 2013, Exchange Server 2016, Exchange Server 2019, Exchange Server SE, Exchange Online, Exchange Online Protection

This parameter specifies an exception or part of an exception for the rule. The name of the corresponding condition parameter doesn't include the ExceptIf prefix.

In on-premises Exchange, this exception is available only on Mailbox servers.

The ExceptIfAnyOfCcHeaderMemberOf parameter specifies an exception that looks for group members in the Cc field of messages. You can use any value that uniquely identifies the group. For example:

• Name
• Alias
• Distinguished name (DN)
• Canonical DN
• Email address
• GUID

You can enter multiple values separated by commas. If the values contain spaces or otherwise require quotation marks, use the following syntax: "Value1","Value2",..."ValueN".

A match for this exception prevents the rule action from being applied to all recipients of the message. For example, if the action is to reject the message, the message is delivered to all recipients of the message, not just to the specified recipients.

Note: This condition or exception doesn't consider messages that are sent to recipient proxy addresses. It only matches messages that are sent to the recipient's primary email address.

Parameter properties

Parameter sets

-ExceptIfAnyOfRecipientAddressContainsWords

Applicable: Exchange Server 2010, Exchange Server 2013, Exchange Server 2016, Exchange Server 2019, Exchange Server SE, Exchange Online, Exchange Online Protection

This parameter specifies an exception or part of an exception for the rule. The name of the corresponding condition parameter doesn't include the ExceptIf prefix.

In on-premises Exchange, this exception is available on Mailbox servers and Edge Transport servers.

The ExceptIfAnyOfRecipientAddressContainsWords parameter specifies an exception that looks for words in recipient email addresses. You can specify multiple words separated by commas.

A match for this exception prevents the rule action from being applied to all recipients of the message. For example, if the action is to reject the message, the message is delivered to all recipients of the message, not just to the specified recipients.

Note: This condition or exception doesn't consider messages that are sent to recipient proxy addresses. It only matches messages that are sent to the recipient's primary email address.

Parameter properties

Parameter sets

-ExceptIfAnyOfRecipientAddressMatchesPatterns

Applicable: Exchange Server 2010, Exchange Server 2013, Exchange Server 2016, Exchange Server 2019, Exchange Server SE, Exchange Online, Exchange Online Protection

This parameter specifies an exception or part of an exception for the rule. The name of the corresponding condition parameter doesn't include the ExceptIf prefix.

In on-premises Exchange, this exception is available on Mailbox servers and Edge Transport servers.

The ExceptIfAnyOfRecipientAddressMatchesPatterns parameter specifies an exception that looks for text patterns in recipient email addresses by using regular expressions. You can specify multiple text patterns by using the following syntax: "Regular expression1","Regular expression2",..."Regular expressionN".

A match for this exception prevents the rule action from being applied to all recipients of the message. For example, if the action is to reject the message, the message is delivered to all recipients of the message, not just to the specified recipients.

Note: This condition or exception doesn't consider messages that are sent to recipient proxy addresses. It only matches messages that are sent to the recipient's primary email address.

Parameter properties

Parameter sets

-ExceptIfAnyOfToCcHeader

Applicable: Exchange Server 2010, Exchange Server 2013, Exchange Server 2016, Exchange Server 2019, Exchange Server SE, Exchange Online, Exchange Online Protection

This parameter specifies an exception or part of an exception for the rule. The name of the corresponding condition parameter doesn't include the ExceptIf prefix.

In on-premises Exchange, this exception is available only on Mailbox servers.

The ExceptIfAnyOfToCcHeader parameter specifies an exception that looks for recipients in the To or Cc fields of messages. You can use any value that uniquely identifies the recipient. For example:

• Name
• Alias
• Distinguished name (DN)
• Canonical DN
• Email address
• GUID

You can enter multiple values separated by commas. If the values contain spaces or otherwise require quotation marks, use the following syntax: "Value1","Value2",..."ValueN".

A match for this exception prevents the rule action from being applied to all recipients of the message. For example, if the action is to reject the message, the message is delivered to all recipients of the message, not just to the specified recipients.

Note: This condition or exception doesn't consider messages that are sent to recipient proxy addresses. It only matches messages that are sent to the recipient's primary email address.

Parameter properties

Parameter sets

-ExceptIfAnyOfToCcHeaderMemberOf

Applicable: Exchange Server 2010, Exchange Server 2013, Exchange Server 2016, Exchange Server 2019, Exchange Server SE, Exchange Online, Exchange Online Protection

This parameter specifies an exception or part of an exception for the rule. The name of the corresponding condition parameter doesn't include the ExceptIf prefix.

In on-premises Exchange, this exception is available only on Mailbox servers.

The ExceptIfAnyOfToCcHeaderMemberOf parameter specifies an exception that looks for group members in the To and Cc fields of messages. You can use any value that uniquely identifies the group. For example:

• Name
• Alias
• Distinguished name (DN)
• Canonical DN
• Email address
• GUID

You can enter multiple values separated by commas. If the values contain spaces or otherwise require quotation marks, use the following syntax: "Value1","Value2",..."ValueN".

A match for this exception prevents the rule action from being applied to all recipients of the message. For example, if the action is to reject the message, the message is delivered to all recipients of the message, not just to the specified recipients.

Note: This condition or exception doesn't consider messages that are sent to recipient proxy addresses. It only matches messages that are sent to the recipient's primary email address.

Parameter properties

Parameter sets

-ExceptIfAnyOfToHeader

Applicable: Exchange Server 2010, Exchange Server 2013, Exchange Server 2016, Exchange Server 2019, Exchange Server SE, Exchange Online, Exchange Online Protection

This parameter specifies an exception or part of an exception for the rule. The name of the corresponding condition parameter doesn't include the ExceptIf prefix.

In on-premises Exchange, this exception is available only on Mailbox servers.

The ExceptIfAnyOfToHeader parameter specifies an exception that looks for recipients in the To field of messages. You can use any value that uniquely identifies the recipient. For example:

• Name
• Alias
• Distinguished name (DN)
• Canonical DN
• Email address
• GUID

You can enter multiple values separated by commas. If the values contain spaces or otherwise require quotation marks, use the following syntax: "Value1","Value2",..."ValueN".

A match for this exception prevents the rule action from being applied to all recipients of the message. For example, if the action is to reject the message, the message is delivered to all recipients of the message, not just to the specified recipients.

Note: This condition or exception doesn't consider messages that are sent to recipient proxy addresses. It only matches messages that are sent to the recipient's primary email address.

Parameter properties

Parameter sets

-ExceptIfAnyOfToHeaderMemberOf

Applicable: Exchange Server 2010, Exchange Server 2013, Exchange Server 2016, Exchange Server 2019, Exchange Server SE, Exchange Online, Exchange Online Protection

This parameter specifies an exception or part of an exception for the rule. The name of the corresponding condition parameter doesn't include the ExceptIf prefix.

In on-premises Exchange, this exception is available only on Mailbox servers.

The ExceptIfAnyOfToHeaderMemberOf parameter specifies an exception that looks for group members in the To field of messages. You can use any value that uniquely identifies the group. For example:

• Name
• Alias
• Distinguished name (DN)
• Canonical DN
• Email address
• GUID

You can enter multiple values separated by commas. If the values contain spaces or otherwise require quotation marks, use the following syntax: "Value1","Value2",..."ValueN".

A match for this exception prevents the rule action from being applied to all recipients of the message. For example, if the action is to reject the message, the message is delivered to all recipients of the message, not just to the specified recipients.

Note: This condition or exception doesn't consider messages that are sent to recipient proxy addresses. It only matches messages that are sent to the recipient's primary email address.

Parameter properties

Parameter sets

-ExceptIfAttachmentContainsWords

Applicable: Exchange Server 2010, Exchange Server 2013, Exchange Server 2016, Exchange Server 2019, Exchange Server SE, Exchange Online, Exchange Online Protection

This parameter specifies an exception or part of an exception for the rule. The name of the corresponding condition parameter doesn't include the ExceptIf prefix.

In on-premises Exchange, this exception is available only on Mailbox servers.

The ExceptIfAttachmentContainsWords parameter specifies an exception that looks for words in message attachments. Only supported attachment types are checked.

To specify multiple words or phrases, this parameter uses the syntax: Word1,"Phrase with spaces",word2,...wordN. Don't use leading or trailing spaces.

Parameter properties

Parameter sets

-ExceptIfAttachmentExtensionMatchesWords

Applicable: Exchange Server 2013, Exchange Server 2016, Exchange Server 2019, Exchange Server SE, Exchange Online, Exchange Online Protection

This parameter specifies an exception or part of an exception for the rule. The name of the corresponding condition parameter doesn't include the ExceptIf prefix.

In on-premises Exchange, this exception is available only on Mailbox servers.

The ExceptIfAttachmentExtensionMatchesWords parameter specifies an exception that looks for words in the file name extensions of message attachments. You can specify multiple words separated by commas.

Note: Nested attachment extensions (files inside the original attachments) are also inspected. To see all attachment extensions that were evaluated for a specific message, use the Test-TextExtraction cmdlet.

Parameter properties

Parameter sets

-ExceptIfAttachmentHasExecutableContent

Applicable: Exchange Server 2013, Exchange Server 2016, Exchange Server 2019, Exchange Server SE, Exchange Online, Exchange Online Protection

This parameter specifies an exception or part of an exception for the rule. The name of the corresponding condition parameter doesn't include the ExceptIf prefix.

In on-premises Exchange, this exception is available only on Mailbox servers.

The ExceptIfAttachmentHasExecutableContent parameter specifies an exception that inspects messages where an attachment is an executable file. Valid values are:

• $true: Look for executable content in message attachments.
• $false: Don't look for executable content in message attachments.

The system inspects the file properties rather than relying on the file extension. For more information, see Supported executable file types for mail flow rule inspection.

Parameter properties

Parameter sets

-ExceptIfAttachmentIsPasswordProtected

Applicable: Exchange Server 2013, Exchange Server 2016, Exchange Server 2019, Exchange Server SE, Exchange Online, Exchange Online Protection

This parameter specifies an exception or part of an exception for the rule. The name of the corresponding condition parameter doesn't include the ExceptIf prefix.

In on-premises Exchange, this exception is available only on Mailbox servers.

The ExceptIfAttachmentIsPasswordProtected parameter specifies an exception that looks for password protected files in messages (because the contents of the file can't be inspected). Password detection works for Office documents, compressed files (.zip, .7z), and .pdf files. Valid values are:

• $true: Look for password protected attachments.
• $false: Don't look for password protected attachments.

Parameter properties

Parameter sets

-ExceptIfAttachmentIsUnsupported

Applicable: Exchange Server 2010, Exchange Server 2013, Exchange Server 2016, Exchange Server 2019, Exchange Server SE, Exchange Online, Exchange Online Protection

This parameter specifies an exception or part of an exception for the rule. The name of the corresponding condition parameter doesn't include the ExceptIf prefix.

In on-premises Exchange, this exception is available only on Mailbox servers.

The ExceptIfAttachmentIsUnsupported parameter specifies an exception that looks for unsupported file types in messages. Valid values are:

• $true: Look for unsupported file types in messages.
• $false: Don't look for unsupported file types in messages.

Rules can inspect the content of supported file types only. If the rule finds an attachment file type that isn't supported, the ExceptIfAttachmentIsUnsupported exception is triggered.

For the list of supported file types, see Supported file types for mail flow rule content inspection.

In Exchange 2010, to extend the list of supported file types, see Register Filter Pack IFilters.

Parameter properties

Parameter sets

-ExceptIfAttachmentMatchesPatterns

Applicable: Exchange Server 2010, Exchange Server 2013, Exchange Server 2016, Exchange Server 2019, Exchange Server SE, Exchange Online, Exchange Online Protection

This parameter specifies an exception or part of an exception for the rule. The name of the corresponding condition parameter doesn't include the ExceptIf prefix.

In on-premises Exchange, this exception is available only on Mailbox servers.

The ExceptIfAttachmentMatchesPatterns parameter specifies an exception that looks for text patterns in the content of message attachments by using regular expressions. Only supported attachment types are checked.

You can specify multiple text patterns by using the following syntax: "Regular expression1","Regular expression2",..."Regular expressionN".

Only the first 150 KB of the attachment is scanned when trying to match a text pattern.

Parameter properties

Parameter sets

-ExceptIfAttachmentNameMatchesPatterns

Applicable: Exchange Server 2010, Exchange Server 2013, Exchange Server 2016, Exchange Server 2019, Exchange Server SE, Exchange Online, Exchange Online Protection

This parameter specifies an exception or part of an exception for the rule. The name of the corresponding condition parameter doesn't include the ExceptIf prefix.

In on-premises Exchange, this exception is available only on Mailbox servers.

The ExceptIfAttachmentNameMatchesPatterns parameter specifies an exception that looks for text patterns in the file name of message attachments by using regular expressions. You can specify multiple text patterns by using the following syntax: "Regular expression1","Regular expression2",..."Regular expressionN".

Parameter properties

Parameter sets

-ExceptIfAttachmentProcessingLimitExceeded

Applicable: Exchange Server 2013, Exchange Server 2016, Exchange Server 2019, Exchange Server SE, Exchange Online, Exchange Online Protection

This parameter specifies an exception or part of an exception for the rule. The name of the corresponding condition parameter doesn't include the ExceptIf prefix.

In on-premises Exchange, this exception is available only on Mailbox servers.

The ExceptIfAttachmentProcessingLimitExceeded parameter specifies an exception that looks for messages where attachment scanning didn't complete. Valid values are:

• $true: Look for messages where attachment scanning didn't complete.
• $false: Don't look for messages where attachment scanning didn't complete.

You use this exception to create rules that work together with other attachment processing rules to handle messages where the content can't be fully scanned.

Parameter properties

Parameter sets

-ExceptIfAttachmentPropertyContainsWords

Applicable: Exchange Server 2016, Exchange Server 2019, Exchange Server SE, Exchange Online, Exchange Online Protection

This parameter specifies an exception or part of an exception for the rule. The name of the corresponding condition parameter doesn't include the ExceptIf prefix.

In on-premises Exchange, this exception is available only on Mailbox servers.

The ExceptIfAttachmentPropertyContainsWords parameter specifies an exception that looks for words in the properties of attached Office documents. This condition helps integrate rules with the File Classification Infrastructure (FCI) in Windows Server 2012 R2 or later, SharePoint, or a non-Microsoft classification system. Valid values are a built-in document property, or a custom property. The built-in document properties are:

• Business Impact
• Compliancy
• Confidentiality
• Department
• Impact
• Intellectual Property
• Personally Identifiable Information
• Personal Information
• Personal Use
• Required Clearance
• PHI
• PII
• Project
• Protected Health Information

The syntax for this parameter is "PropertyName:Word". To specify multiple properties, or multiple words for the same property, use the following syntax: "PropertyName1:Word1,Phrase with spaces,word2,...","PropertyName2:Word3,Phrase with spaces,word4,...". Don't use values with leading or trailing spaces.

When you specify multiple properties, or multiple values for the same property, the or operator is used.

Parameter properties

Parameter sets

-ExceptIfAttachmentSizeOver

Applicable: Exchange Server 2010, Exchange Server 2013, Exchange Server 2016, Exchange Server 2019, Exchange Server SE, Exchange Online, Exchange Online Protection

This parameter specifies an exception or part of an exception for the rule. The name of the corresponding condition parameter doesn't include the ExceptIf prefix.

In on-premises Exchange, this exception is available on Mailbox servers and Edge Transport servers.

The ExceptIfAttachmentSizeOver parameter specifies an exception that looks for messages where any attachment is greater than the specified size.

When you enter a value, qualify the value with one of the following units:

• B (bytes)
• KB (kilobytes)
• MB (megabytes)
• GB (gigabytes)
• TB (terabytes)

Unqualified values are typically treated as bytes, but small values might be rounded up to the nearest kilobyte.

Parameter properties

Parameter sets

-ExceptIfBetweenMemberOf1

Applicable: Exchange Server 2010, Exchange Server 2013, Exchange Server 2016, Exchange Server 2019, Exchange Server SE, Exchange Online, Exchange Online Protection

This parameter specifies an exception or part of an exception for the rule. The name of the corresponding condition parameter doesn't include the ExceptIf prefix.

In on-premises Exchange, this exception is available only on Mailbox servers.

The ExceptIfBetweenMemberOf1 parameter specifies an exception that looks for messages that are sent between group members. You need to use this parameter with the ExceptIfBetweenMemberOf2 parameter. You can use any value that uniquely identifies the group. For example:

• Name
• Alias
• Distinguished name (DN)
• Canonical DN
• Email address
• GUID

You can enter multiple values separated by commas. If the values contain spaces or otherwise require quotation marks, use the following syntax: "Value1","Value2",..."ValueN".

Parameter properties

Parameter sets

-ExceptIfBetweenMemberOf2

Applicable: Exchange Server 2010, Exchange Server 2013, Exchange Server 2016, Exchange Server 2019, Exchange Server SE, Exchange Online, Exchange Online Protection

This parameter specifies an exception or part of an exception for the rule. The name of the corresponding condition parameter doesn't include the ExceptIf prefix.

In on-premises Exchange, this exception is available only on Mailbox servers.

The ExceptIfBetweenMemberOf2 parameter specifies an exception that looks for messages that are sent between group members. You need to use this parameter with the ExceptIfBetweenMemberOf1 parameter. You can use any value that uniquely identifies the group. For example:

• Name
• Alias
• Distinguished name (DN)
• Canonical DN
• Email address
• GUID

You can enter multiple values separated by commas. If the values contain spaces or otherwise require quotation marks, use the following syntax: "Value1","Value2",..."ValueN".

Parameter properties

Parameter sets

-ExceptIfContentCharacterSetContainsWords

Applicable: Exchange Server 2013, Exchange Server 2016, Exchange Server 2019, Exchange Server SE, Exchange Online, Exchange Online Protection

This parameter specifies an exception or part of an exception for the rule. The name of the corresponding condition parameter doesn't include the ExceptIf prefix.

In on-premises Exchange, this exception is available only on Mailbox servers.

The ExceptIfContentCharacterSetContainsWords parameter specifies an exception that looks for character set names in messages.

To specify multiple words or phrases, this parameter uses the syntax: Word1,"Phrase with spaces",word2,...wordN. Don't use leading or trailing spaces.

Parameter properties

Parameter sets

-ExceptIfFrom

Applicable: Exchange Server 2010, Exchange Server 2013, Exchange Server 2016, Exchange Server 2019, Exchange Server SE, Exchange Online, Exchange Online Protection

This parameter specifies an exception or part of an exception for the rule. The name of the corresponding condition parameter doesn't include the ExceptIf prefix.

In on-premises Exchange, this exception is available only on Mailbox servers.

The ExceptIfFrom parameter specifies an exception that looks for messages from specific senders. You can use any value that uniquely identifies the sender. For example:

• Name
• Alias
• Distinguished name (DN)
• Canonical DN
• Email address
• GUID

You can enter multiple values separated by commas. If the values contain spaces or otherwise require quotation marks, use the following syntax: "Value1","Value2",..."ValueN".

You can use SenderAddressLocation parameter to specify where to look for the sender's email address (message header, message envelope, or both).

Parameter properties

Parameter sets

-ExceptIfFromAddressContainsWords

Applicable: Exchange Server 2010, Exchange Server 2013, Exchange Server 2016, Exchange Server 2019, Exchange Server SE, Exchange Online, Exchange Online Protection

This parameter specifies an exception or part of an exception for the rule. The name of the corresponding condition parameter doesn't include the ExceptIf prefix.

In on-premises Exchange, this exception is available on Mailbox servers and Edge Transport servers.

The ExceptIfFromAddressContainsWords parameter specifies an exception that looks for words in the sender's email address. You can specify multiple words separated by commas.

You can use SenderAddressLocation parameter to specify where to look for the sender's email address (message header, message envelope, or both).

Parameter properties

Parameter sets

-ExceptIfFromAddressMatchesPatterns

Applicable: Exchange Server 2010, Exchange Server 2013, Exchange Server 2016, Exchange Server 2019, Exchange Server SE, Exchange Online, Exchange Online Protection

This parameter specifies an exception or part of an exception for the rule. The name of the corresponding condition parameter doesn't include the ExceptIf prefix.

In on-premises Exchange, this exception is available on Mailbox servers and Edge Transport servers.

The ExceptIfFromAddressMatchesPatterns parameter specifies an exception that looks for text patterns in the sender's email address by using regular expressions. You can specify multiple text patterns by using the following syntax: "Regular expression1","Regular expression2",..."Regular expressionN".

You can use SenderAddressLocation parameter to specify where to look for the sender's email address (message header, message envelope, or both).

Note: Trying to search for empty From addresses using this parameter doesn't work.

Parameter properties

Parameter sets

-ExceptIfFromMemberOf

Applicable: Exchange Server 2010, Exchange Server 2013, Exchange Server 2016, Exchange Server 2019, Exchange Server SE, Exchange Online, Exchange Online Protection

This parameter specifies an exception or part of an exception for the rule. The name of the corresponding condition parameter doesn't include the ExceptIf prefix.

In on-premises Exchange, this exception is available only on Mailbox servers.

The ExceptIfFromMemberOf parameter specifies an exception that looks for messages sent by group members. You can use any value that uniquely identifies the group. For example:

• Name
• Alias
• Distinguished name (DN)
• Canonical DN
• Email address
• GUID

You can enter multiple values separated by commas. If the values contain spaces or otherwise require quotation marks, use the following syntax: "Value1","Value2",..."ValueN".

You can use SenderAddressLocation parameter to specify where to look for the sender's email address (message header, message envelope, or both).

Parameter properties

Parameter sets

-ExceptIfFromScope

Applicable: Exchange Server 2010, Exchange Server 2013, Exchange Server 2016, Exchange Server 2019, Exchange Server SE, Exchange Online, Exchange Online Protection

This parameter specifies an exception or part of an exception for the rule. The name of the corresponding condition parameter doesn't include the ExceptIf prefix.

In on-premises Exchange, this exception is available on Mailbox servers and Edge Transport servers.

The ExceptIfFromScope parameter specifies an exception that looks for the ___location of message senders. Valid values are:

• InOrganization: The message was sent or received over an authenticated connection AND the sender meets at least one of the following criteria: The sender is a mailbox, mail user, group, or mail-enabled public folder in the organization, OR the sender's email address is in an accepted ___domain that's configured as an authoritative ___domain or an internal relay ___domain in the organization.
• NotInOrganization: The sender's email address isn't in an accepted ___domain or the sender's email address is in an accepted ___domain that's configured as an external relay ___domain.

Parameter properties

Parameter sets

-ExceptIfHasClassification

Applicable: Exchange Server 2010, Exchange Server 2013, Exchange Server 2016, Exchange Server 2019, Exchange Server SE, Exchange Online, Exchange Online Protection

This parameter specifies an exception or part of an exception for the rule. The name of the corresponding condition parameter doesn't include the ExceptIf prefix.

In on-premises Exchange, this exception is available only on Mailbox servers.

The ExceptIfHasClassification parameter specifies an exception that looks for messages with the specified message classification.

You use the Get-MessageClassification cmdlet to identify the message classification. For example, to find messages with the Company Internal classification, use the following syntax:

-ExceptIfHasClassification @(Get-MessageClassification "Company Internal").Identity

The message classification referred to in this parameter is the custom message classification that you can create in your organization by using the New-MessageClassification cmdlet. It isn't related to the DLP data classification.

Parameter properties

Parameter sets

-ExceptIfHasNoClassification

Applicable: Exchange Server 2010, Exchange Server 2013, Exchange Server 2016, Exchange Server 2019, Exchange Server SE, Exchange Online, Exchange Online Protection

This parameter specifies an exception or part of an exception for the rule. The name of the corresponding condition parameter doesn't include the ExceptIf prefix.

In on-premises Exchange, this exception is available only on Mailbox servers.

The ExceptIfHasNoClassification parameter specifies an exception that looks for messages with or without any message classifications. Valid values are:

• $true: Look for messages that don't have a message classification.
• $false: Look for messages that have one or more message classifications.

Parameter properties

Parameter sets

-ExceptIfHasSenderOverride

Applicable: Exchange Server 2013, Exchange Server 2016, Exchange Server 2019, Exchange Server SE, Exchange Online, Exchange Online Protection

Note: This parameter is functional only in on-premises Exchange.

This parameter specifies an exception or part of an exception for the rule. The name of the corresponding condition parameter doesn't include the ExceptIf prefix.

In on-premises Exchange, this exception is available only on Mailbox servers.

The ExceptIfHasSenderOverride parameter specifies an exception that looks for messages where the sender chose to override a DLP policy. Valid values are:

• $true: Look for messages where the sender took action to override a DLP policy.
• $false: Don't look for messages where the sender took action to override a DLP policy.

Parameter properties

Parameter sets

-ExceptIfHeaderContainsMessageHeader

Applicable: Exchange Server 2010, Exchange Server 2013, Exchange Server 2016, Exchange Server 2019, Exchange Server SE, Exchange Online, Exchange Online Protection

This parameter specifies an exception or part of an exception for the rule. The name of the corresponding condition parameter doesn't include the ExceptIf prefix.

In on-premises Exchange, this exception is available on Mailbox servers and Edge Transport servers.

The ExceptIfHeaderContainsMessageHeader parameter specifies the name of header field in the message header when searching for the words specified by the ExceptIfHeaderContainsWords parameter.

Parameter properties

Parameter sets

-ExceptIfHeaderContainsWords

Applicable: Exchange Server 2010, Exchange Server 2013, Exchange Server 2016, Exchange Server 2019, Exchange Server SE, Exchange Online, Exchange Online Protection

This parameter specifies an exception or part of an exception for the rule. The name of the corresponding condition parameter doesn't include the ExceptIf prefix.

In on-premises Exchange, this exception is available on Mailbox servers and Edge Transport servers.

The ExceptIfHeaderContainsWords parameter specifies an exception that looks for words in a header field.

To specify multiple words or phrases, this parameter uses the syntax: Word1,"Phrase with spaces",word2,...wordN. Don't use leading or trailing spaces.

You specify the header field to search by using the ExceptIfHeaderContainsMessageHeader parameter.

Parameter properties

Parameter sets

-ExceptIfHeaderMatchesMessageHeader

Applicable: Exchange Server 2010, Exchange Server 2013, Exchange Server 2016, Exchange Server 2019, Exchange Server SE, Exchange Online, Exchange Online Protection

This parameter specifies an exception or part of an exception for the rule. The name of the corresponding condition parameter doesn't include the ExceptIf prefix.

In on-premises Exchange, this exception is available on Mailbox servers and Edge Transport servers.

The ExceptIfHeaderMatchesMessageHeader parameter specifies the name of header field in the message header when searching for the text patterns specified by the ExceptIfHeaderMatchesPatterns parameter.

Parameter properties

Parameter sets

-ExceptIfHeaderMatchesPatterns

Applicable: Exchange Server 2010, Exchange Server 2013, Exchange Server 2016, Exchange Server 2019, Exchange Server SE, Exchange Online, Exchange Online Protection

This parameter specifies an exception or part of an exception for the rule. The name of the corresponding condition parameter doesn't include the ExceptIf prefix.

In on-premises Exchange, this exception is available on Mailbox servers and Edge Transport servers.

The ExceptIfHeaderMatchesPatterns parameter specifies an exception that looks for text patterns in a header field by using regular expressions. You can specify multiple text patterns by using the following syntax: "Regular expression1","Regular expression2",..."Regular expressionN".

You specify the header field to search by using the ExceptIfHeaderMatchesMessageHeader parameter.

Parameter properties

Parameter sets

-ExceptIfManagerAddresses

Applicable: Exchange Server 2010, Exchange Server 2013, Exchange Server 2016, Exchange Server 2019, Exchange Server SE, Exchange Online, Exchange Online Protection

This parameter specifies an exception or part of an exception for the rule. The name of the corresponding condition parameter doesn't include the ExceptIf prefix.

In on-premises Exchange, this exception is available only on Mailbox servers.

The ExceptIfManagerAddresses parameter specifies the users (managers) for the ExceptIfManagerForEvaluatedUser parameter. You can use any value that uniquely identifies the user. For example:

• Name
• Alias
• Distinguished name (DN)
• Canonical DN
• Email address
• GUID

You can enter multiple values separated by commas. If the values contain spaces or otherwise require quotation marks, use the following syntax: "Value1","Value2",..."ValueN".

You specify if you want to look for these users as managers of senders or recipients by using the ExceptIfManagerForEvaluatedUser parameter.

Parameter properties

Parameter sets

-ExceptIfManagerForEvaluatedUser

Applicable: Exchange Server 2010, Exchange Server 2013, Exchange Server 2016, Exchange Server 2019, Exchange Server SE, Exchange Online, Exchange Online Protection

This parameter specifies an exception or part of an exception for the rule. The name of the corresponding condition parameter doesn't include the ExceptIf prefix.

In on-premises Exchange, this exception is available only on Mailbox servers.

The ExceptIfManagerForEvaluatedUser parameter specifies an exception that looks for users in the Manager attribute of senders or recipients. Valid values are:

• Recipient: The user is the manager of a recipient.
• Sender: The user is the manager of the sender.

You specify the users to look for by using the ExceptIfManagerAddresses parameter.

Parameter properties

Parameter sets

-ExceptIfMessageContainsDataClassifications

Applicable: Exchange Server 2013, Exchange Server 2016, Exchange Server 2019, Exchange Server SE, Exchange Online

Note: This parameter is functional only in on-premises Exchange.

This parameter specifies an exception or part of an exception for the rule. The name of the corresponding condition parameter doesn't include the ExceptIf prefix.

In on-premises Exchange, this exception is available only on Mailbox servers.

The ExceptIfMessageContainsDataClassifications parameter specifies an exception that looks for sensitive information types in the body of messages, and in any attachments.

This parameter uses the syntax @{SensitiveInformationType1},@{SensitiveInformationType2},...@{SensitiveInformationTypeN}. For example, to look for content that contains at least two credit card numbers, and at least one ABA routing number, use the value @{Name="Credit Card Number"; minCount="2"},@{Name="ABA Routing Number"; minCount="1"}.

For a list of sensitive information types available, see Sensitive information types in Exchange Server.

Parameter properties

Parameter sets

-ExceptIfMessageSizeOver

Applicable: Exchange Server 2013, Exchange Server 2016, Exchange Server 2019, Exchange Server SE, Exchange Online, Exchange Online Protection

This parameter specifies an exception or part of an exception for the rule. The name of the corresponding condition parameter doesn't include the ExceptIf prefix.

In on-premises Exchange, this exception is available on Mailbox servers and Edge Transport servers.

The ExceptIfMessageSizeOver parameter specifies an exception that looks for messages larger than the specified size. The size includes the message and all attachments.

When you enter a value, qualify the value with one of the following units:

• B (bytes)
• KB (kilobytes)
• MB (megabytes)
• GB (gigabytes)
• TB (terabytes)

Unqualified values are typically treated as bytes, but small values might be rounded up to the nearest kilobyte.

Parameter properties

Parameter sets

-ExceptIfMessageTypeMatches

Applicable: Exchange Server 2010, Exchange Server 2013, Exchange Server 2016, Exchange Server 2019, Exchange Server SE, Exchange Online, Exchange Online Protection

This parameter specifies an exception or part of an exception for the rule. The name of the corresponding condition parameter doesn't include the ExceptIf prefix.

In on-premises Exchange, this exception is available only on Mailbox servers.

The ExceptIfMessageTypeMatches parameter specifies an exception that looks for messages of the specified type. Valid values are:

• OOF: Auto-reply messages configured by the user.
• AutoForward: Messages automatically forwarded to an alternative recipient. In Exchange Online, if the message is forwarded using mailbox forwarding (also known as SMTP forwarding), this exception does not match during mail flow rule evaluation.
• Encrypted: S/MIME encrypted messages. In thin clients like Outlook on the web, encryption as a message type is currently not supported.
• Calendaring: Meeting requests and responses.
• PermissionControlled: Messages that have specific permissions configured using Office 365 Message Encryption (OME), Rights Management, and sensitivity labels (with encryption).
• Voicemail: Voice mail messages forwarded by Unified Messaging service.
• Signed: Digitally signed messages.
• ApprovalRequest: Moderation request messages sent to moderators.
• ReadReceipt: Read receipts.

Parameter properties

Parameter sets

-ExceptIfRecipientADAttributeContainsWords

Applicable: Exchange Server 2010, Exchange Server 2013, Exchange Server 2016, Exchange Server 2019, Exchange Server SE, Exchange Online, Exchange Online Protection

This parameter specifies an exception or part of an exception for the rule. The name of the corresponding condition parameter doesn't include the ExceptIf prefix.

In on-premises Exchange, this exception is available only on Mailbox servers.

The ExceptIfRecipientADAttributeContainsWords parameter specifies an exception that looks for words in the Active Directory attributes of recipients. This parameter works when the recipient is an individual user. This parameter doesn't work with distribution groups.

You can use any of the following Active Directory attributes:

• City
• Company
• Country
• CustomAttribute1 to CustomAttribute15
• Department
• DisplayName
• Email
• FaxNumber
• FirstName
• HomePhoneNumber
• Initials
• LastName
• Manager
• MobileNumber
• Notes
• Office
• OtherFaxNumber
• OtherHomePhoneNumber
• OtherPhoneNumber
• PagerNumber
• PhoneNumber
• POBox
• State
• Street
• Title
• UserLogonName
• ZipCode

This parameter uses the syntax: "AttributeName:Word". To specify multiple attributes, or multiple words for the same attribute, use the following syntax: "AttributeName1:Word1,Phrase with spaces,word2...","AttributeName2:Word3,Phrase with spaces,word4...". Don't use words with leading or trailing spaces.

For example, "City:San Francisco,Palo Alto" or "City:San Francisco,Palo Alto","Department:Sales,Finance".

When you specify multiple attributes, or multiple values for the same attribute, the or operator is used.

Parameter properties

Parameter sets

-ExceptIfRecipientADAttributeMatchesPatterns

Applicable: Exchange Server 2010, Exchange Server 2013, Exchange Server 2016, Exchange Server 2019, Exchange Server SE, Exchange Online, Exchange Online Protection

This parameter specifies an exception or part of an exception for the rule. The name of the corresponding condition parameter doesn't include the ExceptIf prefix.

In on-premises Exchange, this exception is available only on Mailbox servers.

The ExceptIfRecipientADAttributeMatchesPatterns parameter specifies an exception that looks for text patterns in the Active Directory attributes of recipients by using regular expressions. This parameter works when the recipient is an individual user. This parameter doesn't work with distribution groups.

You can use any of the following Active Directory attributes:

• City
• Company
• Country
• CustomAttribute1 to CustomAttribute15
• Department
• DisplayName
• Email
• FaxNumber
• FirstName
• HomePhoneNumber
• Initials
• LastName
• Manager
• MobileNumber
• Notes
• Office
• OtherFaxNumber
• OtherHomePhoneNumber
• OtherPhoneNumber
• PagerNumber
• PhoneNumber
• POBox
• State
• Street
• Title
• UserLogonName
• ZipCode

This parameter uses the syntax: "AttributeName:Regular Expression". To specify multiple attributes, or multiple words for the same attribute, use the following syntax: "AttributeName1:Regular Expression1,Regular Expression2...","AttributeName2:Regular Expression3,Regular Expression4...".

When you specify multiple attributes, or multiple values for the same attribute, the or operator is used.

Parameter properties

Parameter sets

-ExceptIfRecipientAddressContainsWords

Applicable: Exchange Server 2010, Exchange Server 2013, Exchange Server 2016, Exchange Server 2019, Exchange Server SE, Exchange Online, Exchange Online Protection

This parameter specifies an exception or part of an exception for the rule. The name of the corresponding condition parameter doesn't include the ExceptIf prefix.

In on-premises Exchange, this exception is available only on Mailbox servers.

The ExceptIfRecipientAddressContainsWords parameter specifies an exception that looks for words in recipient email addresses. You can specify multiple words separated by commas. This parameter works when the recipient is an individual user. This parameter doesn't work with distribution groups.

Parameter properties

Parameter sets

-ExceptIfRecipientAddressMatchesPatterns

Applicable: Exchange Server 2010, Exchange Server 2013, Exchange Server 2016, Exchange Server 2019, Exchange Server SE, Exchange Online, Exchange Online Protection

This parameter specifies an exception or part of an exception for the rule. The name of the corresponding condition parameter doesn't include the ExceptIf prefix.

In on-premises Exchange, this exception is available only on Mailbox servers.

The ExceptIfRecipientAddressMatchesPatterns parameter specifies an exception that looks for text patterns in recipient email addresses by using regular expressions. You can specify multiple text patterns by using the following syntax: "Regular expression1","Regular expression2",..."Regular expressionN".

This parameter works when the recipient is an individual user. This parameter doesn't work with distribution groups.

Parameter properties

Parameter sets

-ExceptIfRecipientDomainIs

Applicable: Exchange Server 2013, Exchange Server 2016, Exchange Server 2019, Exchange Server SE, Exchange Online, Exchange Online Protection

This parameter specifies an exception or part of an exception for the rule. The name of the corresponding condition parameter doesn't include the ExceptIf prefix.

In on-premises Exchange, this exception is available only on Mailbox servers.

The ExceptIfRecipientDomainIs parameter specifies an exception that looks for recipients with email addresses in the specified domains. You can specify multiple domains separated by commas.

This exception matches domains and subdomains. For example, "contoso.com" matches both "contoso.com" and "subdomain.contoso.com".

Parameter properties

Parameter sets

-ExceptIfRecipientInSenderList

Applicable: Exchange Online, Exchange Online Protection

This parameter is available only in the cloud-based service.

This parameter is reserved for internal Microsoft use.

Parameter properties

Parameter sets

-ExceptIfSCLOver

Applicable: Exchange Server 2010, Exchange Server 2013, Exchange Server 2016, Exchange Server 2019, Exchange Server SE, Exchange Online, Exchange Online Protection

This parameter specifies an exception or part of an exception for the rule. The name of the corresponding condition parameter doesn't include the ExceptIf prefix.

In on-premises Exchange, this exception is available on Mailbox servers and Edge Transport servers.

The ExceptIfSCLOver parameter specifies an exception that looks for the SCL value of messages. Valid values are:

• -1: The message is from a trusted sender, so the message bypasses spam filtering.
• Integers 0 through 9: A higher value indicates that a message is more likely to be spam.

The rule looks for messages with an SCL value that's greater than or equal to the specified value.

Parameter properties

Parameter sets

-ExceptIfSenderADAttributeContainsWords

Applicable: Exchange Server 2010, Exchange Server 2013, Exchange Server 2016, Exchange Server 2019, Exchange Server SE, Exchange Online, Exchange Online Protection

This parameter specifies an exception or part of an exception for the rule. The name of the corresponding condition parameter doesn't include the ExceptIf prefix.

In on-premises Exchange, this exception is available only on Mailbox servers.

The ExceptIfSenderADAttributeContainsWords parameter specifies an exception that looks for words in Active Directory attributes of message senders.

You can use any of the following Active Directory attributes:

• City
• Company
• Country
• CustomAttribute1 to CustomAttribute15
• Department
• DisplayName
• Email
• FaxNumber
• FirstName
• HomePhoneNumber
• Initials
• LastName
• Manager
• MobileNumber
• Notes
• Office
• OtherFaxNumber
• OtherHomePhoneNumber
• OtherPhoneNumber
• PagerNumber
• PhoneNumber
• POBox
• State
• Street
• Title
• UserLogonName
• ZipCode

This parameter uses the syntax: "AttributeName:Word". To specify multiple attributes, or multiple words for the same attribute, use the following syntax: "AttributeName1:Word1,Phrase with spaces,word2...","AttributeName2:Word3,Phrase with spaces,word4...". Don't use words with leading or trailing spaces.

For example, "City:San Francisco,Palo Alto" or "City:San Francisco,Palo Alto","Department:Sales,Finance".

When you specify multiple attributes, or multiple values for the same attribute, the or operator is used.

Parameter properties

Parameter sets

-ExceptIfSenderADAttributeMatchesPatterns

Applicable: Exchange Server 2010, Exchange Server 2013, Exchange Server 2016, Exchange Server 2019, Exchange Server SE, Exchange Online, Exchange Online Protection

This parameter specifies an exception or part of an exception for the rule. The name of the corresponding condition parameter doesn't include the ExceptIf prefix.

In on-premises Exchange, this exception is available only on Mailbox servers.

The ExceptIfSenderADAttributeMatchesPatterns parameter specifies an exception that looks for text patterns in Active Directory attributes of message senders by using regular expressions.

You can use any of the following Active Directory attributes:

• City
• Company
• Country
• CustomAttribute1 to CustomAttribute15
• Department
• DisplayName
• Email
• FaxNumber
• FirstName
• HomePhoneNumber
• Initials
• LastName
• Manager
• MobileNumber
• Notes
• Office
• OtherFaxNumber
• OtherHomePhoneNumber
• OtherPhoneNumber
• PagerNumber
• PhoneNumber
• POBox
• State
• Street
• Title
• UserLogonName
• ZipCode

This parameter uses the syntax: "AttributeName:Regular Expression". To specify multiple attributes, or multiple words for the same attribute, use the following syntax: "AttributeName1:Regular Expression1,Regular Expression2...","AttributeName2:Regular Expression3,Regular Expression4...".

When you specify multiple attributes, or multiple values for the same attribute, the or operator is used.

Parameter properties

Parameter sets

-ExceptIfSenderDomainIs

Applicable: Exchange Server 2013, Exchange Server 2016, Exchange Server 2019, Exchange Server SE, Exchange Online, Exchange Online Protection

This parameter specifies an exception or part of an exception for the rule. The name of the corresponding condition parameter doesn't include the ExceptIf prefix.

In on-premises Exchange, this exception is available only on Mailbox servers.

The ExceptIfSenderDomainIs parameter specifies an exception that looks for senders with email address in the specified domains. You can specify multiple domains separated by commas.

This exception matches domains and subdomains. For example, "contoso.com" matches both "contoso.com" and "subdomain.contoso.com".

You can use SenderAddressLocation parameter to specify where to look for the sender's email address (message header, message envelope, or both).

Parameter properties

Parameter sets

-ExceptIfSenderInRecipientList

Applicable: Exchange Online, Exchange Online Protection

This parameter is available only in the cloud-based service.

This parameter is reserved for internal Microsoft use.

Parameter properties

Parameter sets

-ExceptIfSenderIpRanges

Applicable: Exchange Server 2013, Exchange Server 2016, Exchange Server 2019, Exchange Server SE, Exchange Online, Exchange Online Protection

This parameter specifies an exception or part of an exception for the rule. The name of the corresponding condition parameter doesn't include the ExceptIf prefix.

In on-premises Exchange, this exception is available only on Mailbox servers.

The ExceptIfSenderIpRanges parameter specifies an exception that looks for senders whose IP addresses matches the specified value, or fall within the specified ranges. Valid values are:

• Single IP address: For example, 192.168.1.1.
• IP address range: For example, 192.168.0.1-192.168.0.254.
• Classless InterDomain Routing (CIDR) IP address range: For example, 192.168.0.1/25.

You can specify multiple values separated by commas.

In Exchange Online, the IP address that's used during evaluation of this exception is the address of the last hop before reaching the service. This IP address is not guaranteed to be the original sender's IP address, especially if non-Microsoft software is used during message transport.

Parameter properties

Parameter sets

-ExceptIfSenderManagementRelationship

Applicable: Exchange Server 2010, Exchange Server 2013, Exchange Server 2016, Exchange Server 2019, Exchange Server SE, Exchange Online, Exchange Online Protection

This parameter specifies an exception or part of an exception for the rule. The name of the corresponding condition parameter doesn't include the ExceptIf prefix.

In on-premises Exchange, this exception is available only on Mailbox servers.

The ExceptIfSenderManagementRelationship parameter specifies an exception that looks for the relationship between the sender and recipients in messages. Valid values are:

• Manager: The sender is the manager of a recipient.
• DirectReport: A recipient is the manager of the sender.

Parameter properties

Parameter sets

-ExceptIfSentTo

Applicable: Exchange Server 2010, Exchange Server 2013, Exchange Server 2016, Exchange Server 2019, Exchange Server SE, Exchange Online, Exchange Online Protection

This parameter specifies an exception or part of an exception for the rule. The name of the corresponding condition parameter doesn't include the ExceptIf prefix.

In on-premises Exchange, this exception is available only on Mailbox servers.

The ExceptIfSentTo parameter specifies an exception that looks for recipients in messages. You can use any value that uniquely identifies the recipient. For example:

• Name
• Alias
• Distinguished name (DN)
• Canonical DN
• Email address
• GUID

You can enter multiple values separated by commas. If the values contain spaces or otherwise require quotation marks, use the following syntax: "Value1","Value2",..."ValueN".

Parameter properties

Parameter sets

-ExceptIfSentToMemberOf

Applicable: Exchange Server 2010, Exchange Server 2013, Exchange Server 2016, Exchange Server 2019, Exchange Server SE, Exchange Online, Exchange Online Protection

This parameter specifies an exception or part of an exception for the rule. The name of the corresponding condition parameter doesn't include the ExceptIf prefix.

The ExceptIfSentToMemberOf parameter specifies an exception that looks for messages sent to members of groups. You can use any value that uniquely identifies the group. For example:

• Name
• Distinguished name (DN)
• Email address
• GUID

You can enter multiple values separated by commas. If the values contain spaces or otherwise require quotation marks, use the following syntax: "Value1","Value2",..."ValueN".

If you remove the group after you create the rule, no exception is made for messages that are sent to members of the group.

Parameter properties

Parameter sets

-ExceptIfSentToScope

Applicable: Exchange Server 2010, Exchange Server 2013, Exchange Server 2016, Exchange Server 2019, Exchange Server SE, Exchange Online, Exchange Online Protection

This parameter specifies an exception or part of an exception for the rule. The name of the corresponding condition parameter doesn't include the ExceptIf prefix.

In on-premises Exchange, this exception is available only on Mailbox servers.

The ExceptIfSentToScope parameter specifies an exception that looks for the ___location of a recipient. Valid values are:

• InOrganization: The message was sent or received over an authenticated connection AND the recipient meets at least one of the following criteria: The recipient is a mailbox, mail user, group, or mail-enabled public folder in the organization, OR the recipient's email address is in an accepted ___domain that's configured as an authoritative ___domain or an internal relay ___domain in the organization.
• NotInOrganization: The recipients are outside the organization. The recipient's email address isn't in an accepted ___domain or is in an accepted ___domain that's configured as an external relay ___domain in the organization.
• ExternalPartner: This value is available only in on-premises Exchange. The recipients are in a partner organization where you've configured Domain Security (mutual TLS authentication) to send mail.
• ExternalNonPartner: This value is available only in on-premises Exchange. The recipients are external to your organization, and the organization isn't a partner organization.

Parameter properties

Parameter sets

-ExceptIfSubjectContainsWords

Applicable: Exchange Server 2010, Exchange Server 2013, Exchange Server 2016, Exchange Server 2019, Exchange Server SE, Exchange Online, Exchange Online Protection

This parameter specifies an exception or part of an exception for the rule. The name of the corresponding condition parameter doesn't include the ExceptIf prefix.

In on-premises Exchange, this exception is available on Mailbox servers and Edge Transport servers.

The ExceptIfSubjectContainsWords parameter specifies an exception that looks for words in the Subject field of messages.

To specify multiple words or phrases, use the following syntax: Word1,"Phrase with spaces",word2,...wordN. Don't use leading or trailing spaces.

The maximum length of this parameter is 128 characters.

Parameter properties

Parameter sets

-ExceptIfSubjectMatchesPatterns

Applicable: Exchange Server 2010, Exchange Server 2013, Exchange Server 2016, Exchange Server 2019, Exchange Server SE, Exchange Online, Exchange Online Protection

This parameter specifies an exception or part of an exception for the rule. The name of the corresponding condition parameter doesn't include the ExceptIf prefix.

In on-premises Exchange, this exception is available on Mailbox servers and Edge Transport servers.

The ExceptIfSubjectMatchesPatterns parameter specifies an exception that looks for text patterns in the Subject field of messages by using regular expressions. You can specify multiple text patterns by using the following syntax: "Regular expression1","Regular expression2",..."Regular expressionN".

Parameter properties

Parameter sets

-ExceptIfSubjectOrBodyContainsWords

Applicable: Exchange Server 2010, Exchange Server 2013, Exchange Server 2016, Exchange Server 2019, Exchange Server SE, Exchange Online, Exchange Online Protection

This parameter specifies an exception or part of an exception for the rule. The name of the corresponding condition parameter doesn't include the ExceptIf prefix.

In on-premises Exchange, this exception is available on Mailbox servers and Edge Transport servers.

The ExceptIfSubjectOrBodyContainsWords parameter specifies an exception that looks for words in the Subject field or body of messages.

To specify multiple words or phrases, use the following syntax: Word1,"Phrase with spaces",word2,...wordN. Don't use leading or trailing spaces.

The maximum length of this parameter is 128 characters.

Parameter properties

Parameter sets

-ExceptIfSubjectOrBodyMatchesPatterns

Applicable: Exchange Server 2010, Exchange Server 2013, Exchange Server 2016, Exchange Server 2019, Exchange Server SE, Exchange Online, Exchange Online Protection

This parameter specifies an exception or part of an exception for the rule. The name of the corresponding condition parameter doesn't include the ExceptIf prefix.

In on-premises Exchange, this exception is available on Mailbox servers and Edge Transport servers.

The ExceptIfSubjectOrBodyMatchesPatterns parameter specifies an exception that looks for text patterns in the Subject field or body of messages. You can specify multiple text patterns by using the following syntax: "Regular expression1","Regular expression2",..."Regular expressionN".

Parameter properties

Parameter sets

-ExceptIfWithImportance

Applicable: Exchange Server 2010, Exchange Server 2013, Exchange Server 2016, Exchange Server 2019, Exchange Server SE, Exchange Online, Exchange Online Protection

This parameter specifies an exception or part of an exception for the rule. The name of the corresponding condition parameter doesn't include the ExceptIf prefix.

In on-premises Exchange, this exception is available only on Mailbox servers.

The ExceptIfWithImportance parameter specifies an exception that looks for messages with the specified importance level. Valid values are:

• Low
• Normal
• High

Parameter properties

Parameter sets

-ExpiryDate

Applicable: Exchange Server 2013, Exchange Server 2016, Exchange Server 2019, Exchange Server SE, Exchange Online, Exchange Online Protection

This parameter specifies an exception or part of an exception for the rule. The name of the corresponding condition parameter doesn't include the ExceptIf prefix.

The ExpiryDate parameter specifies when this rule stops processing messages. The rule doesn't take any action on messages after the specified date/time.

Use the short date format that's defined in the Regional Options settings on the computer where you're running the command. For example, if the computer is configured to use the short date format MM/dd/yyyy, enter 09/01/2018 to specify September 1, 2018. You can enter the date only, or you can enter the date and time of day. If you enter the date and time of day, enclose the value in quotation marks ("), for example, "09/01/2018 5:00 PM".

Parameter properties

Parameter sets

-From

Applicable: Exchange Server 2010, Exchange Server 2013, Exchange Server 2016, Exchange Server 2019, Exchange Server SE, Exchange Online, Exchange Online Protection

This parameter specifies a condition or part of a condition for the rule. The name of the corresponding exception parameter starts with ExceptIf.

In on-premises Exchange, this condition is available only on Mailbox servers.

The From parameter specifies a condition that looks for messages from specific senders. You can use any value that uniquely identifies the sender. For example:

• Name
• Alias
• Distinguished name (DN)
• Canonical DN
• Email address
• GUID

You can enter multiple values separated by commas. If the values contain spaces or otherwise require quotation marks, use the following syntax: "Value1","Value2",..."ValueN".

You can use SenderAddressLocation parameter to specify where to look for the sender's email address (message header, message envelope, or both).

Parameter properties

Parameter sets

-FromAddressContainsWords

Applicable: Exchange Server 2010, Exchange Server 2013, Exchange Server 2016, Exchange Server 2019, Exchange Server SE, Exchange Online, Exchange Online Protection

This parameter specifies a condition or part of a condition for the rule. The name of the corresponding exception parameter starts with ExceptIf.

In on-premises Exchange, this condition is available on Mailbox servers and Edge Transport servers.

The FromAddressContainsWords parameter specifies a condition that looks for words in the sender's email address. You can specify multiple words separated by commas.

You can use SenderAddressLocation parameter to specify where to look for the sender's email address (message header, message envelope, or both).

Parameter properties

Parameter sets

-FromAddressMatchesPatterns

Applicable: Exchange Server 2010, Exchange Server 2013, Exchange Server 2016, Exchange Server 2019, Exchange Server SE, Exchange Online, Exchange Online Protection

This parameter specifies a condition or part of a condition for the rule. The name of the corresponding exception parameter starts with ExceptIf.

In on-premises Exchange, this condition is available on Mailbox servers and Edge Transport servers.

The FromAddressMatchesPatterns parameter specifies a condition that looks for text patterns in the sender's email address by using regular expressions. You can specify multiple text patterns by using the following syntax: "Regular expression1","Regular expression2",..."Regular expressionN".

You can use SenderAddressLocation parameter to specify where to look for the sender's email address (message header, message envelope, or both).

Note: Trying to search for empty From addresses using this parameter doesn't work.

Parameter properties

Parameter sets

-FromMemberOf

Applicable: Exchange Server 2010, Exchange Server 2013, Exchange Server 2016, Exchange Server 2019, Exchange Server SE, Exchange Online, Exchange Online Protection

This parameter specifies a condition or part of a condition for the rule. The name of the corresponding exception parameter starts with ExceptIf.

In on-premises Exchange, this condition is available only on Mailbox servers.

The FromMemberOf parameter specifies a condition that looks for messages sent by group members. You can use any value that uniquely identifies the group. For example:

• Name
• Alias
• Distinguished name (DN)
• Canonical DN
• Email address
• GUID

You can enter multiple values separated by commas. If the values contain spaces or otherwise require quotation marks, use the following syntax: "Value1","Value2",..."ValueN".

You can use SenderAddressLocation parameter to specify where to look for the sender's email address (message header, message envelope, or both).

Parameter properties

Parameter sets

-FromScope

Applicable: Exchange Server 2010, Exchange Server 2013, Exchange Server 2016, Exchange Server 2019, Exchange Server SE, Exchange Online, Exchange Online Protection

This parameter specifies a condition or part of a condition for the rule. The name of the corresponding exception parameter starts with ExceptIf.

In on-premises Exchange, this condition is available on Mailbox servers and Edge Transport servers.

The FromScope parameter specifies a condition that looks for the ___location of message senders. Valid values are:

• InOrganization: The message was sent or received over an authenticated connection AND the sender meets at least one of the following criteria: The sender is a mailbox, mail user, group, or mail-enabled public folder in the organization, OR the sender's email address is in an accepted ___domain that's configured as an authoritative ___domain or an internal relay ___domain in the organization.
• NotInOrganization: The sender's email address isn't in an accepted ___domain or the sender's email address is in an accepted ___domain that's configured as an external relay ___domain.

Parameter properties

Parameter sets

-GenerateIncidentReport

Applicable: Exchange Server 2013, Exchange Server 2016, Exchange Server 2019, Exchange Server SE, Exchange Online, Exchange Online Protection

This parameter specifies an action or part of an action for the rule.

In on-premises Exchange, this action is available only on Mailbox servers.

The GenerateIncidentReport parameter specifies where to send the incident report that's defined by the IncidentReportContent parameter. You can use any value that uniquely identifies the recipient. For example:

• Name
• Alias
• Distinguished name (DN)
• Canonical DN
• Email address
• GUID

Note: An incident report isn't generated for notifications or other incident reports that are generated by DLP or mail flow rules.

Parameter properties

Parameter sets

-GenerateNotification

Applicable: Exchange Server 2016, Exchange Server 2019, Exchange Server SE, Exchange Online, Exchange Online Protection

This parameter specifies an action or part of an action for the rule.

In on-premises Exchange, this action is available only on Mailbox servers.

The GenerateNotification parameter specifies an action that sends a notification message to recipients that match the conditions of the rule. For example, you can use this parameter to notify recipients that a message was rejected by the rule, or marked as spam and delivered to their Junk Email folder. Each matched recipient receives a separate notification.

This parameter supports plain text, HTML tags and the following keywords that use values from the original message:

• %%From%%
• %%To%%
• %%Cc%%
• %%Subject%%
• %%Headers%%
• %%MessageDate%%

The maximum number of characters is 5120.

Parameter properties

Parameter sets

-HasClassification

Applicable: Exchange Server 2010, Exchange Server 2013, Exchange Server 2016, Exchange Server 2019, Exchange Server SE, Exchange Online, Exchange Online Protection

This parameter specifies a condition or part of a condition for the rule. The name of the corresponding exception parameter starts with ExceptIf.

In on-premises Exchange, this condition is available only on Mailbox servers.

The HasClassification parameter specifies a condition that looks for messages with the specified message classification.

You use the Get-MessageClassification cmdlet to identify the message classification. For example, to find messages with the Company Internal classification, use the following syntax:

-HasClassification @(Get-MessageClassification "Company Internal").Identity

The message classification referred to in this parameter is the custom message classification that you can create in your organization by using the New-MessageClassification cmdlet. It isn't related to the DLP classification.

Parameter properties

Parameter sets

-HasNoClassification

Applicable: Exchange Server 2010, Exchange Server 2013, Exchange Server 2016, Exchange Server 2019, Exchange Server SE, Exchange Online, Exchange Online Protection

This parameter specifies a condition or part of a condition for the rule. The name of the corresponding exception parameter starts with ExceptIf.

In on-premises Exchange, this condition is available only on Mailbox servers.

The HasNoClassification parameter specifies a condition that looks for messages with or without any message classifications. Valid values are:

• $true: Look for messages that don't have a message classification.
• $false: Look for messages that have one or more message classifications.

Parameter properties

Parameter sets

-HasSenderOverride

Applicable: Exchange Server 2013, Exchange Server 2016, Exchange Server 2019, Exchange Server SE, Exchange Online, Exchange Online Protection

Note: This parameter is functional only in on-premises Exchange.

This parameter specifies a condition or part of a condition for the rule. The name of the corresponding exception parameter starts with ExceptIf.

In on-premises Exchange, this condition is available only on Mailbox servers.

The HasSenderOverride parameter specifies a condition that looks for messages where the sender chose to override a DLP policy. Valid values are:

• $true: Look for messages where the sender took action to override a DLP policy.
• $false: Don't look for messages where the sender took action to override a DLP policy.

Parameter properties

Parameter sets

-HeaderContainsMessageHeader

Applicable: Exchange Server 2010, Exchange Server 2013, Exchange Server 2016, Exchange Server 2019, Exchange Server SE, Exchange Online, Exchange Online Protection

This parameter specifies a condition or part of a condition for the rule. The name of the corresponding exception parameter starts with ExceptIf.

In on-premises Exchange, this condition is available on Mailbox servers and Edge Transport servers.

The HeaderContainsMessageHeader parameter specifies the name of header field in the message header when searching for the words specified by the HeaderContainsWords parameter.

Parameter properties

Parameter sets

-HeaderContainsWords

Applicable: Exchange Server 2010, Exchange Server 2013, Exchange Server 2016, Exchange Server 2019, Exchange Server SE, Exchange Online, Exchange Online Protection

This parameter specifies a condition or part of a condition for the rule. The name of the corresponding exception parameter starts with ExceptIf.

In on-premises Exchange, this condition is available on Mailbox servers and Edge Transport servers.

The HeaderContainsWords parameter specifies a condition that looks for words in a header field.

To specify multiple words or phrases, this parameter uses the syntax: Word1,"Phrase with spaces",word2,...wordN. Don't use leading or trailing spaces.

You specify the header field to search by using the HeaderContainsMessageHeader parameter.

Parameter properties

Parameter sets

-HeaderMatchesMessageHeader

Applicable: Exchange Server 2010, Exchange Server 2013, Exchange Server 2016, Exchange Server 2019, Exchange Server SE, Exchange Online, Exchange Online Protection

This parameter specifies a condition or part of a condition for the rule. The name of the corresponding exception parameter starts with ExceptIf.

In on-premises Exchange, this condition is available on Mailbox servers and Edge Transport servers.

The HeaderMatchesMessageHeader parameter specifies the name of header field in the message header when searching for the text patterns specified by the HeaderMatchesPatterns parameter.

Parameter properties

Parameter sets

-HeaderMatchesPatterns

Applicable: Exchange Server 2010, Exchange Server 2013, Exchange Server 2016, Exchange Server 2019, Exchange Server SE, Exchange Online, Exchange Online Protection

This parameter specifies a condition or part of a condition for the rule. The name of the corresponding exception parameter starts with ExceptIf.

In on-premises Exchange, this condition is available on Mailbox servers and Edge Transport servers.

The HeaderMatchesPatterns parameter specifies a condition that looks for text patterns in a header field by using regular expressions. You can specify multiple text patterns by using the following syntax: "Regular expression1","Regular expression2",..."Regular expressionN".

You specify the header field to search by using the HeaderMatchesMessageHeader parameter.

Parameter properties

Parameter sets

-IncidentReportContent

Applicable: Exchange Server 2013, Exchange Server 2016, Exchange Server 2019, Exchange Server SE, Exchange Online, Exchange Online Protection

This parameter specifies an action or part of an action for the rule.

In on-premises Exchange, this action is available only on Mailbox servers.

The IncidentReportContent parameter specifies the message properties that are included in the incident report. Valid values are:

• Sender: The sender of the message.
• Recipients: The recipients in the To field of the message. Only the first 10 recipients are displayed in the incident report. If there are more than 10 recipients, the remaining number of recipients are displayed.
• Subject: The Subject field of the message.
• CC: The recipients in the Cc field of the message. Only the first 10 recipients are displayed in the incident report. If there are more than 10 recipients, the remaining number of recipients are displayed.
• BCC: The recipients in the Bcc field of the message. Only the first 10 recipients are displayed in the incident report. If there are more than 10 recipients, the remaining number of recipients are displayed.
• Severity: The audit severity of the rule that was triggered. If the message was processed by more than one rule, the highest severity is displayed.
• RuleDetections: The list of rules that the message triggered.
• FalsePositive: The false positive if the sender marked the message as a false positive for a PolicyTip.
• IdMatch: The sensitive information type that was detected, the exact matched content from the message, and the 150 characters before and after the matched sensitive information.
• AttachOriginalMail: The entire original message as an attachment.

The message ID is always included in the incident report.

You can specify multiple values separated by commas.

You use this parameter with the GenerateIncidentReport parameter.

Parameter properties

Parameter sets

-IncidentReportOriginalMail

Applicable: Exchange Server 2013

This parameter is available only in Exchange Server 2013.

This parameter is deprecated and no longer used. Use the IncidentReportContent parameter instead. The value AttachOriginalMail on the IncidentReportContent parameter is equivalent to setting this parameter to the value IncludeOriginalMail.

This parameter specifies an action or part of an action for the rule.

In on-premises Exchange, this action is available only on Mailbox servers.

The IncidentReportOriginalMail parameter specifies whether to include the original message with the incident report. Use this parameter with the GenerateIncidentReport parameter. Valid values are:

• IncludeOriginalMail
• DoNotIncludeOriginalMail (this is the default value)

Parameter properties

Parameter sets

-LogEventText

Applicable: Exchange Server 2010, Exchange Server 2013, Exchange Server 2016, Exchange Server 2019, Exchange Server SE, Exchange Online, Exchange Online Protection

This parameter is functional only on Edge Transport servers in on-premises Exchange.

This parameter specifies an action or part of an action for the rule.

The LogEventText parameter specifies an action that creates an entry in the Application log on the local Edge Transport server. The value for this parameter specifies the text that you want to include in the event log entry. If the text contains spaces, enclose the value in quotation marks (").

The entry contains the following information:

• Level: Information
• Source: MSExchange Messaging Policies
• Event ID: 4000
• Task Category: Rules
• EventData: The following message is logged by an action in the rules: <text you specify>

Parameter properties

Parameter sets

-ManagerAddresses

Applicable: Exchange Server 2010, Exchange Server 2013, Exchange Server 2016, Exchange Server 2019, Exchange Server SE, Exchange Online, Exchange Online Protection

This parameter specifies a condition or part of a condition for the rule. The name of the corresponding exception parameter starts with ExceptIf.

In on-premises Exchange, this condition is available only on Mailbox servers.

The ManagerAddresses parameter specifies the users (managers) for the ExceptIfManagerForEvaluatedUser parameter. You can use any value that uniquely identifies the user. For example:

• Name
• Alias
• Distinguished name (DN)
• Canonical DN
• Email address
• GUID

You can enter multiple values separated by commas. If the values contain spaces or otherwise require quotation marks, use the following syntax: "Value1","Value2",..."ValueN".

You specify if you want to look for these users as managers of senders or recipients by using the ManagerForEvaluatedUser parameter.

Parameter properties

Parameter sets

-ManagerForEvaluatedUser

Applicable: Exchange Server 2010, Exchange Server 2013, Exchange Server 2016, Exchange Server 2019, Exchange Server SE, Exchange Online, Exchange Online Protection

This parameter specifies a condition or part of a condition for the rule. The name of the corresponding exception parameter starts with ExceptIf.

In on-premises Exchange, this condition is available only on Mailbox servers.

The ManagerForEvaluatedUser parameter specifies a condition that looks for users in the Manager attribute of senders or recipients. Valid values are:

• Recipient: The user is the manager of a recipient.
• Sender: The user is the manager of the sender.

You specify the users to look for by using the ManagerAddresses parameter.

Parameter properties

Parameter sets

-MessageContainsDataClassifications

Applicable: Exchange Server 2013, Exchange Server 2016, Exchange Server 2019, Exchange Server SE, Exchange Online

Note: This parameter is functional only in on-premises Exchange.

This parameter specifies a condition or part of a condition for the rule. The name of the corresponding exception parameter starts with ExceptIf.

In on-premises Exchange, this condition is available only on Mailbox servers.

The MessageContainsDataClassifications parameter specifies a condition that looks for sensitive information types in the body of messages, and in any attachments.

This parameter uses the syntax @{SensitiveInformationType1},@{SensitiveInformationType2},...@{SensitiveInformationTypeN}. For example, to look for content that contains at least two credit card numbers, and at least one ABA routing number, use the value @{Name="Credit Card Number"; minCount="2"},@{Name="ABA Routing Number"; minCount="1"}.

For a list of sensitive information types available, see Sensitive information types in Exchange Server.

You can specify the notification options by using the NotifySender parameter.

Parameter properties

Parameter sets

-MessageSizeOver

Applicable: Exchange Server 2013, Exchange Server 2016, Exchange Server 2019, Exchange Server SE, Exchange Online, Exchange Online Protection

This parameter specifies a condition or part of a condition for the rule. The name of the corresponding exception parameter starts with ExceptIf.

In on-premises Exchange, this condition is available on Mailbox servers and Edge Transport servers.

The MessageSizeOver parameter specifies a condition that looks for messages larger than the specified size. The size includes the message and all attachments.

When you enter a value, qualify the value with one of the following units:

• B (bytes)
• KB (kilobytes)
• MB (megabytes)
• GB (gigabytes)
• TB (terabytes)

Unqualified values are typically treated as bytes, but small values might be rounded up to the nearest kilobyte.

Parameter properties

Parameter sets

-MessageTypeMatches

Applicable: Exchange Server 2010, Exchange Server 2013, Exchange Server 2016, Exchange Server 2019, Exchange Server SE, Exchange Online, Exchange Online Protection

This parameter specifies a condition or part of a condition for the rule. The name of the corresponding exception parameter starts with ExceptIf.

In on-premises Exchange, this condition is available only on Mailbox servers.

The MessageTypeMatches parameter specifies a condition that looks for messages of the specified type. Valid values are:

• OOF: Auto-reply messages configured by the user.
• AutoForward: Messages automatically forwarded to an alternative recipient. In Exchange Online, if the message is forwarded using mailbox forwarding (also known as SMTP forwarding), this condition does not match during mail flow rule evaluation.
• Encrypted: S/MIME encrypted messages. In thin clients like Outlook on the web, encryption as a message type is currently not supported.
• Calendaring: Meeting requests and responses.
• PermissionControlled: Messages that have specific permissions configured using Office 365 Message Encryption (OME), Rights Management, and sensitivity labels (with encryption).
• Voicemail: Voice mail messages forwarded by Unified Messaging service.
• Signed: Digitally signed messages.
• ApprovalRequest: Moderation request messages sent to moderators.
• ReadReceipt: Read receipts.

Parameter properties

Parameter sets

-Mode

Applicable: Exchange Server 2013, Exchange Server 2016, Exchange Server 2019, Exchange Server SE, Exchange Online, Exchange Online Protection

The Mode parameter specifies how the rule operates. Valid values are:

• Audit: The actions that the rule would have taken are written to the message tracking log, but no action that affects message delivery is taken on the message. The GenerateIncidentReport action occurs.
• AuditAndNotify: The actions that the rule would have taken are written to the message tracking log, but no action that affects message delivery is taken on the message. The GenerateIncidentReport and GenerateNotification actions occur.
• Enforce: All actions specified in the rule are taken. This value is the default.

Parameter properties

Parameter sets

-ModerateMessageByManager

Applicable: Exchange Server 2010, Exchange Server 2013, Exchange Server 2016, Exchange Server 2019, Exchange Server SE, Exchange Online, Exchange Online Protection

This parameter specifies an action or part of an action for the rule.

In on-premises Exchange, this action is available only on Mailbox servers.

The ModerateMessageByManager parameter specifies an action that forwards messages for approval to the user that's specified in the sender's Manager attribute. After the manager approves the message, it's delivered to the recipients. Valid values are:

• $true: Moderation by the sender's manager is enabled.
• $false: Moderation by the sender's manager is disabled.

This action only works if the sender's Manager attribute is defined.

Parameter properties

Parameter sets

-ModerateMessageByUser

Applicable: Exchange Server 2010, Exchange Server 2013, Exchange Server 2016, Exchange Server 2019, Exchange Server SE, Exchange Online, Exchange Online Protection

This parameter specifies an action or part of an action for the rule.

In on-premises Exchange, this action is available only on Mailbox servers.

The ModerateMessageByUser parameter specifies an action that forwards messages for approval to the specified users. After one of the users approves the message, it's delivered to the recipients. You can use ay value that uniquely identifies the user. For example:

• Name
• Alias
• Distinguished name (DN)
• Canonical DN
• Email address
• GUID

You can enter multiple values separated by commas. If the values contain spaces or otherwise require quotation marks, use the following syntax: "Value1","Value2",..."ValueN".

You can't use a distribution group as a moderator.

Parameter properties

Parameter sets

-Name

Applicable: Exchange Server 2010, Exchange Server 2013, Exchange Server 2016, Exchange Server 2019, Exchange Server SE, Exchange Online, Exchange Online Protection

The Name parameter specifies the unique name of the rule. The maximum length is 64 characters. If the value contains spaces, enclose the value in quotation marks (").

Parameter properties

Parameter sets

-NotifySender

Applicable: Exchange Server 2013, Exchange Server 2016, Exchange Server 2019, Exchange Server SE, Exchange Online

Note: This parameter is functional only in on-premises Exchange.

This parameter specifies an action or part of an action for the rule.

In on-premises Exchange, this action is available only on Mailbox servers.

The NotifySender parameter specifies an action that notifies the sender when messages violate DLP policies. Valid values are:

• NotifyOnly: The sender is notified, but the message is delivered normally.
• RejectMessage: The message is rejected, and the sender is notified.
• RejectUnlessFalsePositiveOverride: The message is rejected unless it's marked as a false positive by the sender.
• RejectUnlessSilentOverride: The message is rejected unless the sender has chosen to override the policy restriction.
• RejectUnlessExplicitOverride: This is the same as RejectUnlessSilentOverride, but the sender can also provide a justification for overriding the policy restriction.

For all values except NotifyOnly, you can specify an enhanced status code and a rejection reason by using the RejectMessageEnhancedStatusCode and RejectMessageReasonText parameters. The default enhanced status code is 5.7.1, and the default rejection reason is Delivery not authorized, message refused.

If you use this parameter, you also need to specify a condition that looks for sensitive information types in messages by using the MessageContainsDataClassifications parameter.

This action is applicable to messages sent by internal users only. External senders don't receive notifications.

Parameter properties

Parameter sets

-PrependSubject

Applicable: Exchange Server 2010, Exchange Server 2013, Exchange Server 2016, Exchange Server 2019, Exchange Server SE, Exchange Online, Exchange Online Protection

This parameter specifies an action or part of an action for the rule.

In on-premises Exchange, this action is available on Mailbox servers and Edge Transport servers.

The PrependSubject parameter specifies an action that adds text to add to the beginning of the Subject field of messages. The value for this parameter is the text that you want to add. If the text contains spaces, enclose the value in quotation marks (").

Consider ending the value for this parameter with a colon (:) and a space, or at least a space, to separate it from the original subject.

Parameter properties

Parameter sets

-Priority

Applicable: Exchange Server 2010, Exchange Server 2013, Exchange Server 2016, Exchange Server 2019, Exchange Server SE, Exchange Online, Exchange Online Protection

The Priority parameter specifies a priority value for the rule that determines the order of rule processing. A lower integer value indicates a higher priority, the value 0 is the highest priority, and rules can't have the same priority value.

Valid values and the default value for this parameter depend on the number of existing rules. For example, if there are 8 existing rules:

• Valid priority values for the existing 8 rules are from 0 through 7.
• Valid priority values for a new rule (the 9th rule) are from 0 through 8.
• The default value for a new rule (the 9th rule) is 8.

If you modify the priority value of a rule, the position of the rule in the list changes to match the priority value you specify. In other words, if you set the priority value of a rule to the same value as an existing rule, the priority value of the existing rule and all other lower priority rules after it is increased by 1.

Parameter properties

Parameter sets

-Quarantine

Applicable: Exchange Server 2010, Exchange Server 2013, Exchange Server 2016, Exchange Server 2019, Exchange Server SE, Exchange Online, Exchange Online Protection

This parameter specifies an action or part of an action for the rule.

In on-premises Exchange, this action is available only on Edge Transport servers.

The Quarantine parameter specifies an action that quarantines messages.

• In on-premises Exchange, messages are delivered to the quarantine mailbox that you've configured as part of Content filtering. If the quarantine mailbox isn't configured, the message is returned to the sender in an NDR.
• In Microsoft 365, messages are delivered to the hosted quarantine.

If this action is in a rule that's not the last rule in the list, rule evaluation stops after this rule is run. When the message is released from quarantine, the remaining rules in the list aren't evaluated.

Parameter properties

Parameter sets

-RecipientADAttributeContainsWords

Applicable: Exchange Server 2010, Exchange Server 2013, Exchange Server 2016, Exchange Server 2019, Exchange Server SE, Exchange Online, Exchange Online Protection

This parameter specifies a condition or part of a condition for the rule. The name of the corresponding exception parameter starts with ExceptIf.

In on-premises Exchange, this condition is available only on Mailbox servers.

The RecipientADAttributeContainsWords parameter specifies a condition that looks for words in the Active Directory attributes of recipients. This parameter works when the recipient is an individual user. This parameter doesn't work with distribution groups.

You can use any of the following Active Directory attributes:

• City
• Company
• Country
• CustomAttribute1 to CustomAttribute15
• Department
• DisplayName
• Email
• FaxNumber
• FirstName
• HomePhoneNumber
• Initials
• LastName
• Manager
• MobileNumber
• Notes
• Office
• OtherFaxNumber
• OtherHomePhoneNumber
• OtherPhoneNumber
• PagerNumber
• PhoneNumber
• POBox
• State
• Street
• Title
• UserLogonName
• ZipCode

This parameter uses the syntax: "AttributeName:Word". To specify multiple attributes, or multiple words for the same attribute, use the following syntax: "AttributeName1:Word1,Phrase with spaces,word2...","AttributeName2:Word3,Phrase with spaces,word4...". Don't use words with leading or trailing spaces.

For example, "City:San Francisco,Palo Alto" or "City:San Francisco,Palo Alto","Department:Sales,Finance".

When you specify multiple attributes, or multiple values for the same attribute, the or operator is used.

Parameter properties

Parameter sets

-RecipientADAttributeMatchesPatterns

Applicable: Exchange Server 2010, Exchange Server 2013, Exchange Server 2016, Exchange Server 2019, Exchange Server SE, Exchange Online, Exchange Online Protection

This parameter specifies a condition or part of a condition for the rule. The name of the corresponding exception parameter starts with ExceptIf.

In on-premises Exchange, this condition is available only on Mailbox servers.

The RecipientADAttributeMatchesPatterns parameter specifies a condition that looks for text patterns in the Active Directory attributes of recipients by using regular expressions. This parameter works when the recipient is an individual user. This parameter doesn't work with distribution groups.

You can use any of the following Active Directory attributes:

• City
• Company
• Country
• CustomAttribute1 to CustomAttribute15
• Department
• DisplayName
• Email
• FaxNumber
• FirstName
• HomePhoneNumber
• Initials
• LastName
• Manager
• MobileNumber
• Notes
• Office
• OtherFaxNumber
• OtherHomePhoneNumber
• OtherPhoneNumber
• PagerNumber
• PhoneNumber
• POBox
• State
• Street
• Title
• UserLogonName
• ZipCode

This parameter uses the syntax: "AttributeName:Regular Expression". To specify multiple attributes, or multiple words for the same attribute, use the following syntax: "AttributeName1:Regular Expression1,Regular Expression2...","AttributeName2:Regular Expression3,Regular Expression4...".

When you specify multiple attributes, or multiple values for the same attribute, the or operator is used.

Parameter properties

Parameter sets

-RecipientAddressContainsWords

Applicable: Exchange Server 2010, Exchange Server 2013, Exchange Server 2016, Exchange Server 2019, Exchange Server SE, Exchange Online, Exchange Online Protection

This parameter specifies a condition or part of a condition for the rule. The name of the corresponding exception parameter starts with ExceptIf.

In on-premises Exchange, this condition is available only on Mailbox servers.

The RecipientAddressContainsWords parameter specifies a condition that looks for words in recipient email addresses. You can specify multiple words separated by commas. This parameter works when the recipient is an individual user. This parameter doesn't work with distribution groups.

Parameter properties

Parameter sets

-RecipientAddressMatchesPatterns

Applicable: Exchange Server 2010, Exchange Server 2013, Exchange Server 2016, Exchange Server 2019, Exchange Server SE, Exchange Online, Exchange Online Protection

This parameter specifies a condition or part of a condition for the rule. The name of the corresponding exception parameter starts with ExceptIf.

In on-premises Exchange, this condition is available only on Mailbox servers.

The RecipientAddressMatchesPatterns parameter specifies a condition that looks for text patterns in recipient email addresses by using regular expressions. You can specify multiple text patterns by using the following syntax: "Regular expression1","Regular expression2",..."Regular expressionN".

This parameter works when the recipient is an individual user. This parameter doesn't work with distribution groups.

Parameter properties

Parameter sets

-RecipientAddressType

Applicable: Exchange Online, Exchange Online Protection

This parameter is available only in the cloud-based service.

The RecipientAddressType parameter specifies how conditions and exceptions check recipient email addresses. Valid values are:

• Original: The rule checks the original address in the To field of the message.
• Resolved: The rule checks the recipient's primary SMTP email address without checking any proxy addresses. This value is the default.

Parameter properties

Parameter sets

-RecipientDomainIs

Applicable: Exchange Server 2013, Exchange Server 2016, Exchange Server 2019, Exchange Server SE, Exchange Online, Exchange Online Protection

This parameter specifies a condition or part of a condition for the rule. The name of the corresponding exception parameter starts with ExceptIf.

In on-premises Exchange, this condition is available only on Mailbox servers.

The RecipientDomainIs parameter specifies a condition that looks for recipients with email addresses in the specified domains. You can specify multiple domains separated by commas.

This condition matches domains and subdomains. For example, "contoso.com" matches both "contoso.com" and "subdomain.contoso.com".

Parameter properties

Parameter sets

-RecipientInSenderList

Applicable: Exchange Online, Exchange Online Protection

This parameter is available only in the cloud-based service.

This parameter is reserved for internal Microsoft use.

Parameter properties

Parameter sets

-RedirectMessageTo

Applicable: Exchange Server 2010, Exchange Server 2013, Exchange Server 2016, Exchange Server 2019, Exchange Server SE, Exchange Online, Exchange Online Protection

This parameter specifies an action or part of an action for the rule.

In on-premises Exchange, this action is available on Mailbox servers and Edge Transport servers.

The RedirectMessageTo parameter specifies a rule action that redirects messages to the specified recipients. You can use any value that uniquely identifies the recipient. For example:

• Name
• Alias
• Distinguished name (DN)
• Canonical DN
• Email address
• GUID

You can enter multiple values separated by commas. If the values contain spaces or otherwise require quotation marks, use the following syntax: "Value1","Value2",..."ValueN".

Parameter properties

Parameter sets

-RejectMessageEnhancedStatusCode

Applicable: Exchange Server 2010, Exchange Server 2013, Exchange Server 2016, Exchange Server 2019, Exchange Server SE, Exchange Online, Exchange Online Protection

This parameter specifies an action or part of an action for the rule.

In on-premises Exchange, this action is available only on Mailbox servers.

The RejectMessageEnhancedStatusCode parameter specifies the enhanced status code that's used when the rule rejects messages. Valid values are 5.7.1 or between 5.7.900 and 5.7.999.

You can use this parameter with the NotifySender parameter for a custom non-delivery report (also known as an NDR or bounce message).

If you use this parameter with the RejectMessageReasonText parameter, the enhanced status code value is set to 5.7.1.

To further customize the NDR (for example, multiple languages), you need to create a custom message by using the New-SystemMessage cmdlet.

Parameter properties

Parameter sets

-RejectMessageReasonText