Hey everyone, I need some help with setting up a transport rule to quarantine most emails coming from the Gmail.com domain to our organization. My cybersecurity team specifically requested this, but one of the senior system admins advised against using filters based on the subject or body of the emails. I've been trying to use a header filter with keywords to target messages that have our domain in the subject line, but it's not effective at quarantining emails that contain [email protected] in the topics. I've also experimented with PowerShell to create a RegEx that would act as a wildcard for any [email protected] emails, but that hasn't worked either. Am I missing something here? Thanks in advance for your help!
2 Answers
I'm a bit confused about your approach. It seems like you should be focusing on filtering by the sender's address rather than looking for instances of your own domain in the subject line. Instead of using "header with keywords," try using a direct filter that checks if the sender's address contains '@gmail.com'. This should effectively quarantine the right emails without the hassle of regex or incorrect subject filtering. Let me know if you need more detailed steps for MS Exchange!
It sounds like you're overcomplicating things a bit. From what you've described, a straightforward transport rule could look like this:
- The sender is 'external' AND
- The sender domain is 'gmail.com' AND
- The recipient domain is '' -> quarantine the emails.
If there are specific people who should still receive these emails, you can add an exception for them!
Related Questions
Can't Load PhpMyadmin On After Server Update
Redirect www to non-www in Apache Conf
How To Check If Your SSL Cert Is SHA 1
Windows TrackPad Gestures