獨立版 EOP 中的郵件流程規則 (傳輸規則)Mail flow rules (transport rules) in standalone EOP

重要

改良的 Microsoft 365 安全性中心現在可供公開預覽。The improved Microsoft 365 security center is now available in public preview. 這個新的體驗將適用於端點的 Defender、適用於 Office 365 的 Defender、Microsoft 365 Defender 和更多功能帶到 Microsoft 365 安全性中心裡面。This new experience brings Defender for Endpoint, Defender for Office, 365 Microsoft 365 Defender, and more into the Microsoft 365 security center. 了解新功能Learn what's new. 本主題僅適合適用於 Office 365 的 Microsoft Defender 和 Microsoft 365 Defender。This topic might apply to both Microsoft Defender for Office 365 and Microsoft 365 Defender. 請參閱 [適用於] 區段,並且尋找此文章中可能有所不同的特定圖說文字。Refer to the Applies To section and look for specific call outs in this article where there might be differences.

適用於Applies to

在獨立 Exchange Online Protection (EOP 中) 沒有 Exchange Online 信箱的組織,您可以使用郵件流程 (規則(也稱為傳輸規則) )來識別並對透過您的組織傳遞的郵件採取動作。In standalone Exchange Online Protection (EOP) organizations without Exchange Online mailboxes, you can use mail flow rules (also known as transport rules) to identify and take action on messages that flow through your organization.

本主題說明郵件流程規則的元件和它們的運作方式。This topic explains the components of mail flow rules, and how they work.

如需建立、複製和管理郵件流程規則的步驟,請參閱 管理 Exchange Online 中的郵件流程規則 (部分內容為機器翻譯)。For steps to create, copy, and manage mail flow rules, see Manage mail flow rules in Exchange Online. 針對每個規則,您可以選擇強制執行規則、測試規則,或測試規則並通知寄件者。For each rule, you have the option of enforcing it, testing it, or testing it and notifying the sender. 若要深入了解測試選項,請參閱測試郵件流程規則Exchange Online 中的原則提示 (部分內容為機器翻譯)。To learn more about the testing options, see Test mail flow rules and Policy Tips in Exchange Online.

如需符合郵件流程規則之郵件的摘要和詳細報告,請參閱 Use mail protection reports,以查看有關惡意程式碼、垃圾郵件和規則偵測的資料。For summary and detail reports about messages that matched mail flow rules, see Use mail protection reports to view data about malware, spam, and rule detections.

若要使用郵件流程規則實作特定的訊息原則,請參閱下列主題︰To implement specific messaging policies by using mail flow rules, see these topics:

下列影片提供在獨立 EOP 中設定郵件流程規則的示範。The following video provides a demonstration of setting up mail flow rules in standalone EOP.

郵件流程規則元件Mail flow rule components

郵件流程規則是由條件、例外狀況、動作和屬性所組成︰A mail flow rule is made of conditions, exceptions, actions, and properties:

  • 條件:識別您要套用動作的郵件。Conditions: Identify the messages that you want to apply the actions to. 有些條件會檢查郵件標頭欄位 (例如 [收件者]、[寄件者] 或 [副本] 欄位)。Some conditions examine message header fields (for example, the To, From, or Cc fields). 有些條件則會檢查郵件屬性 (例如郵件主旨、內文、附件、郵件大小或郵件分類)。Other conditions examine message properties (for example, the message subject, body, attachments, message size, or message classification). 在使用大部分的條件時,您都必須指定比較運算子 (例如等於、不等於或包含) 以及要比對的值。Most conditions require you to specify a comparison operator (for example, equals, doesn't equal, or contains) and a value to match. 如果沒有條件或例外狀況,則規則會套用至所有郵件。If there are no conditions or exceptions, the rule is applied to all messages.

如需獨立 EOP 中郵件流程規則條件的詳細資訊,請參閱 郵件流程規則條件和例外狀況 () 在 Exchange Online 中For more information about mail flow rule conditions in standalone EOP, see Mail flow rule conditions and exceptions (predicates) in Exchange Online.

  • 例外狀況:選擇性地識別不應該套用動作的郵件。Exceptions: Optionally identify the messages that the actions shouldn't apply to. 可在條件中使用的訊息識別碼也可用於例外狀況。The same message identifiers that are available in conditions are also available in exceptions. 例外狀況可覆寫條件並防止規則動作套用到郵件,即使郵件符合所有設定的條件也是如此。Exceptions override conditions and prevent the rule actions from being applied to a message, even if the message matches all of the configured conditions.

  • 動作:指定對於符合規則中的條件,但不符合任何例外狀況的郵件,所應採取的動作。Actions: Specify what to do to messages that match the conditions in the rule, and don't match any of the exceptions. 有許多動作可用,例如,拒絕、刪除或重新導向郵件、新增其他收件者、在郵件主旨中新增前置詞,或是將免責聲明插入郵件內文。There are many actions available, such as rejecting, deleting, or redirecting messages, adding additional recipients, adding prefixes in the message subject, or inserting disclaimers in the message body.

如需獨立 EOP 中可用之郵件流程規則動作的詳細資訊,請參閱 mail flow rule actions In Exchange OnlineFor more information about mail flow rule actions that are available in standalone EOP, see Mail flow rule actions in Exchange Online.

  • 屬性:指定其他不是條件、例外狀況或動作的規則設定。Properties: Specify other rules settings that aren't conditions, exceptions or actions. 例如,何時應套用規則、是否強制執行或測試規則,以及規則作用中的時間週期。For example, when the rule should be applied, whether to enforce or test the rule, and the time period when the rule is active.

    如需詳細資訊,請參閱本文中的 郵件流程規則屬性 一節。For more information, see the Mail flow rule properties section in this article.

多個條件、例外狀況和動作Multiple conditions, exceptions, and actions

下表顯示規則中如何處理多個條件、條件值、例外狀況和動作。The following table shows how multiple conditions, condition values, exceptions, and actions are handled in a rule.


元件Component 邏輯Logic 註解Comments
註解Multiple conditions ANDAND 郵件必須符合規則中的所有條件。如果您需要符合一個條件或另一個條件,請對每一個條件使用不同的規則。例如,若要將相同的免責聲明新增至附件和內容包含特定文字的郵件,請為每一個條件建立一個規則。在 EAC 中,您可以輕易地複製規則。A message must match all the conditions in the rule. If you need to match one condition or another, use separate rules for each condition. For example, if you want to add the same disclaimer to messages with attachments and messages that contain specific text, create one rule for each condition. In the EAC, you can easily copy a rule.
具有多個值的一個條件One condition with multiple values OR 有些條件允許您指定多個值。郵件必須符合任何一個 (而非全部) 指定的值。例如,如果電子郵件的主旨為股票價格資訊,而 [主旨包含任何這些字詞] 條件設定為符合 Contoso 或 股票這些字,則此電子郵件滿足該條件,因為主旨至少包含其中一個指定的值。 Some conditions allow you to specify more than one value. The message must match any one (not all) of the specified values. For example, if an email message has the subject Stock price information, and the The subject includes any of these words condition is configured to match the words Contoso or stock, the condition is satisfied because the subject contains at least one of the specified values.
多個例外狀況Multiple exceptions OROR 如果郵件符合任何例外狀況,則動作不會套用到郵件。郵件不必符合所有例外狀況。If a message matches any one of the exceptions, the actions are not applied to the message. The message doesn't have to match all the exceptions.
多個動作Multiple actions ANDAND 符合規則條件的郵件可取得規則中指定的所有動作。例如,如果選取 [在郵件主旨前面加上] 和 [新增收件者到 [密件副本] 方塊] 動作,則兩個動作都會套用至郵件。 Messages that match a rule's conditions get all the actions that are specified in the rule. For example, if the actions Prepend the subject of the message with and Add recipients to the Bcc box are selected, both actions are applied to the message.

請記住,某些動作 (例如,[刪除郵件而不通知任何人] 動作) 會阻止後續規則套用至郵件。其他動作 (例如 [轉寄郵件]) 則不允許額外的動作。Keep in mind that some actions, such as the Delete the message without notifying anyone action, prevent subsequent rules from being applied to a message. Other actions such as Forward the message do not allow additional actions.

您也可以在規則上設定動作,以便在套用該規則時,不要將後續的規則套件到郵件。You can also set an action on a rule so that when that rule is applied, subsequent rules are not applied to the message.

郵件流程規則屬性Mail flow rule properties

下表說明郵件流程規則中可用的規則屬性。The following table describes the rule properties that are available in mail flow rules.


EAC 中的屬性名稱Property name in the EAC PowerShell 中的參數名稱Parameter name in PowerShell 描述Description
優先順序Priority 優先順序Priority 表示規則套用到郵件的順序。預設優先順序是以規則的建立時間為基礎 (較舊規則的優先順序高於較新的規則,而較高優先順序的規則會在較低優先順序的規則之前處理)。 Indicates the order that the rules are applied to messages. The default priority is based on when the rule is created (older rules have a higher priority than newer rules, and higher priority rules are processed before lower priority rules).

您可以在規則清單中向上或向下移動規則,以變更 EAC 中的規則優先順序。You change the rule priority in the EAC by moving the rule up or down in the list of rules. 在 PowerShell 中,您可以設定優先順序編號 (0 是優先順序最高的) 。In PowerShell, you set the priority number (0 is the highest priority).

例如,如果有一個規則是拒絕含有信用卡號碼的郵件,而另一個規則是需要核准,則您一定希望先執行拒絕規則,並停止套用其他規則。For example, if you have one rule to reject messages that include a credit card number, and another one requiring approval, you'll want the reject rule to happen first, and stop applying other rules.

ModeMode ModeMode 您可以指定是否要讓規則立即開始處理郵件,或您是否想要測試規則,而不影響郵件傳遞 (不論是否有資料遺失防護或 DLP 原則提示)。You can specify whether you want the rule to start processing messages immediately, or whether you want to test rules without affecting the delivery of the message (with or without Data Loss Prevention or DLP Policy Tips).

原則提示可在 Outlook 或 網頁型 Outlook 中呈現簡短附註,以提供可能原則違規的相關資訊給正在建立郵件的人員。如需詳細資訊,請參閱 Policy TipsPolicy Tips present a brief note in Outlook or Outlook on the web that provides information about possible policy violations to the person that's creating the message. For more information, see Policy Tips.

如需模式的詳細資訊,請參閱 測試郵件流程規則 (部分內容為機器翻譯)。For more information about the modes, see Test a mail flow rule.

於下列日期啟用此規則Activate this rule on the following date

於下列日期停用此規則Deactivate this rule on the following date

ActivationDateActivationDate

ExpiryDateExpiryDate

指定規則的有效日期範圍。Specifies the date range when the rule is active.
已選取或未選取 [開啟] 核取方塊On check box selected or not selected 新規則:New-TransportRule Cmdlet 上的 Enabled 參數。New rules: Enabled parameter on the New-TransportRule cmdlet.

現有規則:使用 Enable-TransportRuleDisable-TransportRule Cmdlet。Existing rules: Use the Enable-TransportRule or Disable-TransportRule cmdlets.

此值會顯示在規則的 State 屬性中。The value is displayed in the State property of the rule.

您可以建立已停用的規則,而在您準備進行測試時加以啟用。或者,您可以在不刪除規則的情況下進行停用,以保留設定。You can create a disabled rule, and enable it when you're ready to test it. Or, you can disable a rule without deleting it to preserve the settings.
如果無法完成規則處理時便順延郵件Defer the message if rule processing doesn't complete RuleErrorActionRuleErrorAction 您可以指定如果無法完成規則處理時,應該如何處理郵件。預設會忽略此規則,但您可以選擇重新提交郵件進行處理。You can specify how the message should be handled if the rule processing can't be completed. By default, the rule will be ignored, but you can choose to resubmit the message for processing.
符合郵件中的寄件者地址Match sender address in message SenderAddressLocationSenderAddressLocation 如果此規則使用可檢查寄件者電子郵件地址的條件或例外狀況,您可以查看郵件標頭、郵件信封或這兩者的值。If the rule uses conditions or exceptions that examine the sender's email address, you can look for the value in the message header, the message envelope, or both.
停止處理其他規則Stop processing more rules SenderAddressLocationSenderAddressLocation 這是適用於規則的動作,但它看起來像是 EAC 中的屬性。您可以選擇在規則處理郵件之後,停止將其他規則套用至郵件。This is an action for the rule, but it looks like a property in the EAC. You can choose to stop applying additional rules to a message after a rule processes a message.
CommentsComments CommentsComments 您可以輸入有關規則的描述性註解。You can enter descriptive comments about the rule.

郵件流程規則套用至訊息的方式How mail flow rules are applied to messages

通過組織中的所有郵件都會根據組織已啟用的郵件流程規則來評估。All messages that flow through your organization are evaluated against the enabled mail flow rules in your organization. 規則會以 EAC 中的 [郵件流程 規則] 頁面上所列的連續處理 > ,或是根據 PowerShell 中的對應 優先順序 參數值進行處理。Rules are processed in the order listed on the Mail flow > Rules page in EAC, or based on the corresponding Priority parameter value in PowerShell.

每個規則也提供選項可於符合規則時停止處理其他規則。對於符合多個郵件流程規則中條件的郵件而言,此設定很重要 (您想要將哪個規則套用到郵件?全部?僅只一個?)。Each rule also offers the option of stopping processing more rules when the rule is matched. This setting is important for messages that match the conditions in multiple mail flow rules (which rule do you want applied to the message? All? Just one?).

郵件類型引發的處理差異Differences in processing based on message type

通過組織的郵件有幾種類型。下表顯示郵件流程規則可處理的郵件類型。There are several types of messages that pass through an organization. The following table shows which messages types can be processed by mail flow rules.


通過組織的郵件有幾種類型。下表顯示傳輸規則可處理哪些郵件類型。Type of message 郵件類型Can a rule be applied?
一般郵件:包含單一 RTF 格式 (RTF)、HTML 或純文字郵件內文的郵件,或包含一組多部分或替代郵件內文的郵件。Regular messages: Messages that contain a single rich text format (RTF), HTML, or plain text message body or a multipart or alternative set of message bodies. Yes
Office 365 郵件加密:Office 365 中 Office 365 郵件加密所加密的郵件。Office 365 Message Encryption: Messages encrypted by Office 365 Message Encryption in Office 365. 如需詳細資訊,請參閱 Office 365 加密 (部分內容為機器翻譯)。For more information, see Encryption in Office 365. 規則永遠可以存取信封標頭,並根據可檢查這些標頭的條件來處理郵件。Rules can always access envelope headers and process messages based on conditions that inspect those headers.

如需可檢查或修改加密郵件內容的規則,您必須確認已啟用傳輸解密 (強制或選擇性;預設值是選擇性)。For a rule to inspect or modify the contents of an encrypted message, you need to verify that transport decryption is enabled (Mandatory or Optional; the default is Optional). 如需詳細資訊,請參閱定義 Office 365 中將電子郵件加密或解密的規則 (部分內容為機器翻譯)。For more information, see Define rules to encrypt or decrypt email messages in Office 365.

S/MIME 加密的郵件S/MIME encrypted messages 規則只可以存取信封標頭,並根據可檢查這些標頭的條件來處理郵件。Rules can only access envelope headers and process messages based on conditions that inspect those headers.

無法處理具有需要檢查郵件內容之條件的規則,或具有可以修改郵件內容之動作的規則。Rules with conditions that require inspection of the message's content, or actions that modify the message's content can't be processed.

RMS 保護的訊息:已套件 Active Directory Rights Management Services(AD RMS) 或 Azure 版權管理 (RMS) 原則的郵件。RMS protected messages: Messages that had an Active Directory Rights Management Services (AD RMS) or Azure Rights Management (RMS) policy applied. 規則永遠可以存取信封標頭,並根據可檢查這些標頭的條件來處理郵件。Rules can always access envelope headers and process messages based on conditions that inspect those headers.

如需可檢查或修改 RMS 保護之郵件內容的規則,您必須確認已啟用傳輸解密 (強制或選擇性;預設值是選擇性)。For a rule to inspect or modify the contents of an RMS protected message, you need to verify that transport decryption is enabled (Mandatory or Optional; the default is Optional).

明文簽章的郵件:已簽署但未加密的郵件。Clear-signed messages: Messages that have been signed but not encrypted. Yes
UM 郵件:由整合通訊服務建立或處理的郵件 (如語音信箱、傳真、未接來電通知),以及使用 Microsoft Outlook 語音存取 建立或轉寄的郵件。UM messages: Messages that are created or processed by the Unified Messaging service, such as voice mail, fax, missed call notifications, and messages created or forwarded by using Microsoft Outlook Voice Access. Yes
匿名郵件:匿名寄件者所傳送的郵件。Anonymous messages: Messages sent by anonymous senders. Yes
讀取報告:為了回應寄件者的索取讀信回條而產生的報告。Read reports: Reports that are generated in response to read receipt requests by senders. 讀取內含 IPM.Note*.MdnReadIPM.Note*.MdnNotRead 之郵件類別的報告。Read reports have a message class of IPM.Note*.MdnRead or IPM.Note*.MdnNotRead. Yes

其他注意事項What else should I know?

  • 在 Exchange Online Protection 中,規則的 版本RuleVersion 屬性值並不重要。The Version or RuleVersion property value for a rule isn't important in Exchange Online Protection.

  • 在建立或修改郵件流程規則之後,可能需要 30 分鐘,以將新規則或更新的規則套用至訊息。After you create or modify a mail flow rule, it can take up to 30 minutes for the new or updated rule to be applied to messages.

如需詳細資訊For more information

使用郵件流程規則來檢查 Exchange Online 中的郵件附件Use mail flow rules to inspect message attachments in Exchange Online

Office 365 中的電子郵件加密Email encryption in Office 365

日誌、傳輸和收件匣規則限制Journal, transport, and inbox rule limits