Managing Office 365 and Microsoft 365 (Exchange Online) Mail-Flow Rules

The SonicWall Cloud App Security Office 365 and Microsoft 365 Mail-Flow Rules automate actions for emails-in-traffic based on custom policies. In most enterprise environments, every mail-flow rule falls under one of these categories:

• Delivery Rule: A mail-flow rule that modifies the delivery of the email. For example, a Delivery Rule might:
  • quarantine emails from a specified domain.
  • add emails to the Allowed list that come from a specific IP address.
  • mark emails with a specified nickname as Spam (SCL).
  • send emails to a specified connector.
  • forward emails sent to a specific email address to a different specified email address.
• Modification Rule: A mail-flow rule that modifies the content of the email. For example, a Modification Rule rule might:
  • add [EXTERNAL] to the subject line of an email message, if the sender of the email is from outside your organization.
  • add a disclaimer to the email body footer.

The SonicWall Cloud App Security Protect policy for Office 365 and Microsoft 365 for Exchange Online automatically creates a mail-flow rule with the name of “SonicWall - Protect” with default priority of 0 (highest priority).

Unless you have a reason to keep your rules in a specific order, keep the Delivery Rules on top of the Modification Rules. Place the SonicWall Protect Rule between the Delivery Rules and the Modification Rules.