New-AutoSensitivityLabelRule
This cmdlet is available only in Security & Compliance PowerShell. For more information, see Security & Compliance PowerShell.
Use the New-AutoSensitivityLabelRule cmdlet to create auto-labeling rules and associate then with auto-labeling policies in your organization.
For information about the parameter sets in the Syntax section below, see Exchange cmdlet syntax.
Syntax
Default (Default)
New-AutoSensitivityLabelRule
[-Name] <String>
-Policy <PolicyIdParameter>
-Workload <Workload>
[-AccessScope <AccessScope>]
[-ActivationDate <System.DateTime>]
[-AnyOfRecipientAddressContainsWords <MultiValuedProperty>]
[-AnyOfRecipientAddressMatchesPatterns <MultiValuedProperty>]
[-Comment <String>]
[-Confirm]
[-ContentContainsSensitiveInformation <PswsHashtable[]>]
[-ContentExtensionMatchesWords <MultiValuedProperty>]
[-ContentPropertyContainsWords <MultiValuedProperty>]
[-Disabled <Boolean>]
[-DocumentCreatedBy <MultiValuedProperty>]
[-DocumentIsPasswordProtected <Boolean>]
[-DocumentIsUnsupported <Boolean>]
[-DocumentNameMatchesWords <MultiValuedProperty>]
[-DocumentSizeOver <Microsoft.Exchange.Data.ByteQuantifiedSize>]
[-ExceptIfAccessScope <AccessScope>]
[-ExceptIfAnyOfRecipientAddressContainsWords <MultiValuedProperty>]
[-ExceptIfAnyOfRecipientAddressMatchesPatterns <MultiValuedProperty>]
[-ExceptIfContentContainsSensitiveInformation <PswsHashtable[]>]
[-ExceptIfContentExtensionMatchesWords <MultiValuedProperty>]
[-ExceptIfContentPropertyContainsWords <MultiValuedProperty>]
[-ExceptIfDocumentCreatedBy <MultiValuedProperty>]
[-ExceptIfDocumentIsPasswordProtected <Boolean>]
[-ExceptIfDocumentIsUnsupported <Boolean>]
[-ExceptIfDocumentNameMatchesWords <MultiValuedProperty>]
[-ExceptIfDocumentSizeOver <Microsoft.Exchange.Data.ByteQuantifiedSize>]
[-ExceptIfFrom <RecipientIdParameter[]>]
[-ExceptIfFromAddressContainsWords <MultiValuedProperty>]
[-ExceptIfFromAddressMatchesPatterns <MultiValuedProperty>]
[-ExceptIfFromMemberOf <SmtpAddress[]>]
[-ExceptIfHeaderMatchesPatterns <PswsHashtable>]
[-ExceptIfProcessingLimitExceeded <Boolean>]
[-ExceptIfRecipientDomainIs <MultiValuedProperty>]
[-ExceptIfSenderDomainIs <MultiValuedProperty>]
[-ExceptIfSenderIPRanges <MultiValuedProperty>]
[-ExceptIfSentTo <MultiValuedProperty>]
[-ExceptIfSentToMemberOf <RecipientIdParameter[]>]
[-ExceptIfSubjectMatchesPatterns <MultiValuedProperty>]
[-ExpiryDate <System.DateTime>]
[-From <RecipientIdParameter[]>]
[-FromAddressContainsWords <MultiValuedProperty>]
[-FromAddressMatchesPatterns <MultiValuedProperty>]
[-FromMemberOf <SmtpAddress[]>]
[-HeaderMatchesPatterns <PswsHashtable>]
[-ImmutableId <System.Guid>]
[-Priority <System.Int32>]
[-ProcessingLimitExceeded <Boolean>]
[-RecipientDomainIs <MultiValuedProperty>]
[-ReportSeverityLevel <RuleSeverity>]
[-RuleErrorAction <PolicyRuleErrorAction>]
[-SenderDomainIs <MultiValuedProperty>]
[-SenderIPRanges <MultiValuedProperty>]
[-SentTo <MultiValuedProperty>]
[-SentToMemberOf <RecipientIdParameter[]>]
[-SourceType <String>]
[-SubjectMatchesPatterns <MultiValuedProperty>]
[-WhatIf]
[<CommonParameters>]
Description
To use this cmdlet in Security & Compliance PowerShell, you need to be assigned permissions. For more information, see Permissions in the Microsoft Purview compliance portal.
Examples
Example 1
New-AutoSensitivityLabelRule -Name "SocialSecurityRule" -Policy "SSNPolicy" -ContentContainsSensitiveInformation @{"name"="U.S. Social Security Number (SSN)";"mincount"="1"} -Workload SharePoint
This example creates an autolabeling rule named "SocialSecurityRule" that is assigned to the policy "SSNPolicy." This rule looks for Social Security Numbers on documents with a minimum count of 1 on SharePoint sites.
Parameters
-AccessScope
Applicable: Security & Compliance
The AccessScope parameter specifies a condition for the auto-labeling policy rule that's based on the access scope of the content. The rule is applied to content that matches the specified access scope. Valid values are:
- InOrganization: The rule is applied to content that's accessible inside the organization.
- NotInOrganization: The rule is applied to content that's accessible outside the organization.
- None: The condition isn't used.
Parameter properties
| Type: | AccessScope |
| Default value: | None |
| Accepted values: | InOrganization, NotInOrganization, None |
| Supports wildcards: | False |
| DontShow: | False |
Parameter sets
(All)
| Position: | Named |
| Mandatory: | False |
| Value from pipeline: | False |
| Value from pipeline by property name: | False |
| Value from remaining arguments: | False |
-ActivationDate
Applicable: Security & Compliance
This parameter is reserved for internal Microsoft use.
Parameter properties
| Type: | System.DateTime |
| Default value: | None |
| Supports wildcards: | False |
| DontShow: | False |
Parameter sets
(All)
| Position: | Named |
| Mandatory: | False |
| Value from pipeline: | False |
| Value from pipeline by property name: | False |
| Value from remaining arguments: | False |
-AnyOfRecipientAddressContainsWords
Applicable: Security & Compliance
The AnyOfRecipientAddressContainsWords parameter specifies a condition for the auto-labeling policy rule that looks for words or phrases in recipient email addresses. You can specify multiple words or phrases separated by commas.
- Single word:
"no_reply" - Multiple words:
no_reply,urgent,... - Multiple words and phrases:
"phrase 1",word1,"phrase with , or spaces",word2,...
The maximum individual word or phrase length is 128 characters. The maximum number of words or phrases is 600.
You can use this condition in auto-labeling policies that are scoped only to Exchange.
Parameter properties
| Type: | MultiValuedProperty |
| Default value: | None |
| Supports wildcards: | False |
| DontShow: | False |
Parameter sets
(All)
| Position: | Named |
| Mandatory: | False |
| Value from pipeline: | False |
| Value from pipeline by property name: | False |
| Value from remaining arguments: | False |
-AnyOfRecipientAddressMatchesPatterns
Applicable: Security & Compliance
The AnyOfRecipientAddressMatchesPatterns parameter specifies a condition for the auto-labeling policy rule that looks for text patterns in recipient email addresses by using regular expressions. You can specify multiple text patterns by using the following syntax: "regular expression1"|"regular expression2"|..."regular expressionN".
The maximum individual regular expression length is 128 characters. The maximum number of regular expressions is 10.
You can use this condition in auto-labeling policies that are scoped only to Exchange.
Parameter properties
| Type: | MultiValuedProperty |
| Default value: | None |
| Supports wildcards: | False |
| DontShow: | False |
Parameter sets
(All)
| Position: | Named |
| Mandatory: | False |
| Value from pipeline: | False |
| Value from pipeline by property name: | False |
| Value from remaining arguments: | False |
-Comment
Applicable: Security & Compliance
The Comment parameter specifies an optional comment. If you specify a value that contains spaces, enclose the value in quotation marks ("), for example: "This is an admin note".
Parameter properties
| Type: | String |
| Default value: | None |
| Supports wildcards: | False |
| DontShow: | False |
Parameter sets
(All)
| Position: | Named |
| Mandatory: | False |
| Value from pipeline: | False |
| Value from pipeline by property name: | False |
| Value from remaining arguments: | False |
-Confirm
Applicable: Security & Compliance
The Confirm switch specifies whether to show or hide the confirmation prompt. How this switch affects the cmdlet depends on if the cmdlet requires confirmation before proceeding.
- Destructive cmdlets (for example, Remove-* cmdlets) have a built-in pause that forces you to acknowledge the command before proceeding. For these cmdlets, you can skip the confirmation prompt by using this exact syntax:
-Confirm:$false. - Most other cmdlets (for example, New-* and Set-* cmdlets) don't have a built-in pause. For these cmdlets, specifying the Confirm switch without a value introduces a pause that forces you acknowledge the command before proceeding.
Parameter properties
| Type: | SwitchParameter |
| Default value: | None |
| Supports wildcards: | False |
| DontShow: | False |
| Aliases: | cf |
Parameter sets
(All)
| Position: | Named |
| Mandatory: | False |
| Value from pipeline: | False |
| Value from pipeline by property name: | False |
| Value from remaining arguments: | False |
-ContentContainsSensitiveInformation
Applicable: Security & Compliance
The ContentContainsSensitiveInformation parameter specifies a condition for the rule that's based on a sensitive information type match in content. The rule is applied to content that contains the specified sensitive information type.
This parameter uses the basic syntax @(@{Name="SensitiveInformationType1";[minCount="Value"],@{Name="SensitiveInformationType2";[minCount="Value"],...). For example, @(@{Name="U.S. Social Security Number (SSN)"; minCount="2"},@{Name="Credit Card Number"; minCount="1"; minConfidence="85"}).
Exact Data Match sensitive information types are supported only groups. For example:
@(@{operator="And"; groups=@(@{name="Default"; operator="Or"; sensitivetypes=@(@{id="<<EDM SIT Id>>"; name="<<EDM SIT name>>"; maxcount="-1"; classifiertype="ExactMatch"; mincount="100"; confidencelevel="Medium"})})})
Parameter properties
| Type: | PswsHashtable[] |
| Default value: | None |
| Supports wildcards: | False |
| DontShow: | False |
Parameter sets
(All)
| Position: | Named |
| Mandatory: | False |
| Value from pipeline: | False |
| Value from pipeline by property name: | False |
| Value from remaining arguments: | False |
-ContentExtensionMatchesWords
Applicable: Security & Compliance
The ContentExtensionMatchesWords parameter specifies a condition for the auto-labeling policy rule that looks for words in file name extensions. You can specify multiple words separated by commas.
Parameter properties
| Type: | MultiValuedProperty |
| Default value: | None |
| Supports wildcards: | False |
| DontShow: | False |
Parameter sets
(All)
| Position: | Named |
| Mandatory: | False |
| Value from pipeline: | False |
| Value from pipeline by property name: | False |
| Value from remaining arguments: | False |
-ContentPropertyContainsWords
Applicable: Security & Compliance
The ContentPropertyContainsWords parameter specifies a condition for the auto-labeling policy rule that's based on a property match in content. The rule is applied to content that contains the specified property.
This parameter accepts values in the format: "Property1:Value1,Value2","Property2:Value3,Value4",..."PropertyN:ValueN,ValueN".
Parameter properties
| Type: | MultiValuedProperty |
| Default value: | None |
| Supports wildcards: | False |
| DontShow: | False |
Parameter sets
(All)
| Position: | Named |
| Mandatory: | False |
| Value from pipeline: | False |
| Value from pipeline by property name: | False |
| Value from remaining arguments: | False |
-Disabled
Applicable: Security & Compliance
The Disabled parameter specifies whether the auto-labeling policy rule is enabled or disabled. Valid values are:
- $true: The rule is disabled.
- $false: The rule is enabled. This value is the default.
Parameter properties
| Type: | Boolean |
| Default value: | None |
| Supports wildcards: | False |
| DontShow: | False |
Parameter sets
(All)
| Position: | Named |
| Mandatory: | False |
| Value from pipeline: | False |
| Value from pipeline by property name: | False |
| Value from remaining arguments: | False |
-DocumentCreatedBy
Applicable: Security & Compliance
{{ Fill DocumentCreatedBy Description }}
Parameter properties
| Type: | MultiValuedProperty |
| Default value: | None |
| Supports wildcards: | False |
| DontShow: | False |
Parameter sets
(All)
| Position: | Named |
| Mandatory: | False |
| Value from pipeline: | False |
| Value from pipeline by property name: | False |
| Value from remaining arguments: | False |
-DocumentIsPasswordProtected
Applicable: Security & Compliance
The DocumentIsPasswordProtected parameter specifies a condition for the auto-labeling policy rule that looks for password protected files (because the contents of the file can't be inspected). Password detection works for Office documents, compressed files (.zip, .7z, .rar, .tar, etc.), and .pdf files. Valid values are:
- $true: Look for password protected files.
- $false: Don't look for password protected files.
Parameter properties
| Type: | Boolean |
| Default value: | None |
| Supports wildcards: | False |
| DontShow: | False |
Parameter sets
(All)
| Position: | Named |
| Mandatory: | False |
| Value from pipeline: | False |
| Value from pipeline by property name: | False |
| Value from remaining arguments: | False |
-DocumentIsUnsupported
Applicable: Security & Compliance
The DocumentIsUnsupported parameter specifies a condition for the auto-labeling policy rule that looks for files that can't be scanned. Valid values are:
- $true: Look for unsupported files that can't be scanned.
- $false: Don't look for unsupported files that can't be scanned.
Parameter properties
| Type: | Boolean |
| Default value: | None |
| Supports wildcards: | False |
| DontShow: | False |
Parameter sets
(All)
| Position: | Named |
| Mandatory: | False |
| Value from pipeline: | False |
| Value from pipeline by property name: | False |
| Value from remaining arguments: | False |
-DocumentNameMatchesWords
Applicable: Security & Compliance
The DocumentNameMatchesWords parameter specifies a condition for the auto-labeling policy rule that looks for words or phrases in the name of message attachments. You can specify multiple words or phrases separated by commas.
- Single word:
"no_reply" - Multiple words:
no_reply,urgent,... - Multiple words and phrases:
"phrase 1",word1,"phrase with , or spaces",word2,...
The maximum individual word or phrase length is 128 characters. The maximum number of words or phrases is 50.
Parameter properties
| Type: | MultiValuedProperty |
| Default value: | None |
| Supports wildcards: | False |
| DontShow: | False |
Parameter sets
(All)
| Position: | Named |
| Mandatory: | False |
| Value from pipeline: | False |
| Value from pipeline by property name: | False |
| Value from remaining arguments: | False |
-DocumentSizeOver
Applicable: Security & Compliance
The DocumentSizeOver parameter specifies a condition for the auto-labeling policy rule that looks for messages where any attachment is greater than the specified size.
When you enter a value, qualify the value with one of the following units:
- B (bytes)
- KB (kilobytes)
- MB (megabytes)
- GB (gigabytes)
- TB (terabytes)
Unqualified values are typically treated as bytes, but small values might be rounded up to the nearest kilobyte.
You can use this condition in auto-labeling policy rules that are scoped only to Exchange.
Parameter properties
| Type: | Microsoft.Exchange.Data.ByteQuantifiedSize |
| Default value: | None |
| Supports wildcards: | False |
| DontShow: | False |
Parameter sets
(All)
| Position: | Named |
| Mandatory: | False |
| Value from pipeline: | False |
| Value from pipeline by property name: | False |
| Value from remaining arguments: | False |
-ExceptIfAccessScope
Applicable: Security & Compliance
The ExceptIfAccessScopeAccessScope parameter specifies an exception for the auto-labeling policy rule that's based on the access scope of the content. The rule isn't applied to content that matches the specified access scope. Valid values are:
- InOrganization: The rule isn't applied to content that's accessible inside the organization.
- NotInOrganization: The rule isn't applied to content that's accessible outside the organization.
- None: The exception isn't used.
Parameter properties
| Type: | AccessScope |
| Default value: | None |
| Accepted values: | InOrganization, NotInOrganization, None |
| Supports wildcards: | False |
| DontShow: | False |
Parameter sets
(All)
| Position: | Named |
| Mandatory: | False |
| Value from pipeline: | False |
| Value from pipeline by property name: | False |
| Value from remaining arguments: | False |
-ExceptIfAnyOfRecipientAddressContainsWords
Applicable: Security & Compliance
The ExceptIfAnyOfRecipientAddressContainsWords parameter specifies an exception for the auto-labeling policy rule that looks for words or phrases in recipient email addresses. You can specify multiple words separated by commas.
- Single word:
"no_reply" - Multiple words:
no_reply,urgent,... - Multiple words and phrases:
"phrase 1",word1,"phrase with , or spaces",word2,...
The maximum individual word or phrase length is 128 characters. The maximum number of words or phrases is 600.
You can use this exception in auto-labeling policies that are scoped only to Exchange.
Parameter properties
| Type: | MultiValuedProperty |
| Default value: | None |
| Supports wildcards: | False |
| DontShow: | False |
Parameter sets
(All)
| Position: | Named |
| Mandatory: | False |
| Value from pipeline: | False |
| Value from pipeline by property name: | False |
| Value from remaining arguments: | False |
-ExceptIfAnyOfRecipientAddressMatchesPatterns
Applicable: Security & Compliance
The ExceptIfAnyOfRecipientAddressMatchesPatterns parameter specifies an exception for the auto-labeling policy rule that looks for text patterns in recipient email addresses by using regular expressions. You can specify multiple text patterns by using the following syntax: "regular expression1"|"regular expression2"|..."regular expressionN".
The maximum individual regular expression length is 128 characters. The maximum number of regular expressions is 10.
You can use this exception in auto-labeling policies that are scoped only to Exchange.
Parameter properties
| Type: | MultiValuedProperty |
| Default value: | None |
| Supports wildcards: | False |
| DontShow: | False |
Parameter sets
(All)
| Position: | Named |
| Mandatory: | False |
| Value from pipeline: | False |
| Value from pipeline by property name: | False |
| Value from remaining arguments: | False |
-ExceptIfContentContainsSensitiveInformation
Applicable: Security & Compliance
The ExceptIfContentContainsSensitiveInformation parameter specifies an exception for the auto-labeling policy rule that's based on a sensitive information type match in content. The rule isn't applied to content that contains the specified sensitive information type.
This parameter uses the basic syntax @(@{Name="SensitiveInformationType1";[minCount="Value"],@{Name="SensitiveInformationType2";[minCount="Value"],...). For example, @(@{Name="U.S. Social Security Number (SSN)"; minCount="2"},@{Name="Credit Card Number"}).
Parameter properties
| Type: | PswsHashtable[] |
| Default value: | None |
| Supports wildcards: | False |
| DontShow: | False |
Parameter sets
(All)
| Position: | Named |
| Mandatory: | False |
| Value from pipeline: | False |
| Value from pipeline by property name: | False |
| Value from remaining arguments: | False |
-ExceptIfContentExtensionMatchesWords
Applicable: Security & Compliance
The ExceptIfContentExtensionMatchesWords parameter specifies an exception for the auto-labeling policy rule that looks for words in file name extensions. You can specify multiple words separated by commas.
Parameter properties
| Type: | MultiValuedProperty |
| Default value: | None |
| Supports wildcards: | False |
| DontShow: | False |
Parameter sets
(All)
| Position: | Named |
| Mandatory: | False |
| Value from pipeline: | False |
| Value from pipeline by property name: | False |
| Value from remaining arguments: | False |
-ExceptIfContentPropertyContainsWords
Applicable: Security & Compliance
The ExceptIfContentPropertyContainsWords parameter specifies an exception for the auto-labeling policy rule that's based on a property match in content. The rule is not applied to content that contains the specified property.
This parameter accepts values in the format: "Property1:Value1,Value2","Property2:Value3,Value4",..."PropertyN:ValueN,ValueN".
Parameter properties
| Type: | MultiValuedProperty |
| Default value: | None |
| Supports wildcards: | False |
| DontShow: | False |
Parameter sets
(All)
| Position: | Named |
| Mandatory: | False |
| Value from pipeline: | False |
| Value from pipeline by property name: | False |
| Value from remaining arguments: | False |
-ExceptIfDocumentCreatedBy
Applicable: Security & Compliance
{{ Fill ExceptIfDocumentCreatedBy Description }}
Parameter properties
| Type: | MultiValuedProperty |
| Default value: | None |
| Supports wildcards: | False |
| DontShow: | False |
Parameter sets
(All)
| Position: | Named |
| Mandatory: | False |
| Value from pipeline: | False |
| Value from pipeline by property name: | False |
| Value from remaining arguments: | False |
-ExceptIfDocumentIsPasswordProtected
Applicable: Security & Compliance
The ExceptIfDocumentIsPasswordProtected parameter specifies an exception for the auto-labeling policy rule that looks for password protected files (because the contents of the file can't be inspected). Password detection works for Office documents, compressed files (.zip, .7z, .rar, .tar, etc.), and .pdf files. Valid values are:
- $true: Look for password protected files.
- $false: Don't look for password protected files.
Parameter properties
| Type: | Boolean |
| Default value: | None |
| Supports wildcards: | False |
| DontShow: | False |
Parameter sets
(All)
| Position: | Named |
| Mandatory: | False |
| Value from pipeline: | False |
| Value from pipeline by property name: | False |
| Value from remaining arguments: | False |
-ExceptIfDocumentIsUnsupported
Applicable: Security & Compliance
The ExceptIfDocumentIsUnsupported parameter specifies an exception for the auto-labeling policy rule that looks for files that can't be scanned. Valid values are:
- $true: Look for unsupported files that can't be scanned.
- $false: Don't look for unsupported files that can't be scanned.
Parameter properties
| Type: | Boolean |
| Default value: | None |
| Supports wildcards: | False |
| DontShow: | False |
Parameter sets
(All)
| Position: | Named |
| Mandatory: | False |
| Value from pipeline: | False |
| Value from pipeline by property name: | False |
| Value from remaining arguments: | False |
-ExceptIfDocumentNameMatchesWords
Applicable: Security & Compliance
The ExceptIfDocumentNameMatchesWords parameter specifies an exception for the auto-labeling policy rule that looks for words or phrases in the name of message attachments. You can specify multiple words or phrases separated by commas.
- Single word:
"no_reply" - Multiple words:
no_reply,urgent,... - Multiple words and phrases:
"phrase 1",word1,"phrase with , or spaces",word2,...
The maximum individual word or phrase length is 128 characters. The maximum number of words or phrases is 50.
Parameter properties
| Type: | MultiValuedProperty |
| Default value: | None |
| Supports wildcards: | False |
| DontShow: | False |
Parameter sets
(All)
| Position: | Named |
| Mandatory: | False |
| Value from pipeline: | False |
| Value from pipeline by property name: | False |
| Value from remaining arguments: | False |
-ExceptIfDocumentSizeOver
Applicable: Security & Compliance
The ExceptIfDocumentSizeOver parameter specifies an exception for the auto-labeling policy rule that looks for messages where any attachment is greater than the specified size.
When you enter a value, qualify the value with one of the following units:
- B (bytes)
- KB (kilobytes)
- MB (megabytes)
- GB (gigabytes)
- TB (terabytes)
Unqualified values are typically treated as bytes, but small values might be rounded up to the nearest kilobyte.
You can use this exception in auto-labeling policy rules that are scoped only to Exchange.
Parameter properties
| Type: | Microsoft.Exchange.Data.ByteQuantifiedSize |
| Default value: | None |
| Supports wildcards: | False |
| DontShow: | False |
Parameter sets
(All)
| Position: | Named |
| Mandatory: | False |
| Value from pipeline: | False |
| Value from pipeline by property name: | False |
| Value from remaining arguments: | False |
-ExceptIfFrom
Applicable: Security & Compliance
The ExceptIfFrom parameter specifies an exception for the auto-labeling policy rule that looks for messages from specific senders. You can use any value that uniquely identifies the sender. For example:
- Name
- Alias
- Distinguished name (DN)
- Canonical DN
- Email address
- GUID
Parameter properties
| Type: | RecipientIdParameter[] |
| Default value: | None |
| Supports wildcards: | False |
| DontShow: | False |
Parameter sets
(All)
| Position: | Named |
| Mandatory: | False |
| Value from pipeline: | False |
| Value from pipeline by property name: | False |
| Value from remaining arguments: | False |
-ExceptIfFromAddressContainsWords
Applicable: Security & Compliance
The ExceptIfFromAddressContainsWords parameter specifies an exception for the auto-labeling policy rule that looks for words or phrases in the sender's email address. You can specify multiple words or phrases separated by commas.
- Single word:
"no_reply" - Multiple words:
no_reply,urgent,... - Multiple words and phrases:
"phrase 1",word1,"phrase with , or spaces",word2,...
The maximum individual word length is 128 characters. The maximum number of words or phrases is 50.
You can use this exception in auto-labeling policies that are scoped only to Exchange.
Parameter properties
| Type: | MultiValuedProperty |
| Default value: | None |
| Supports wildcards: | False |
| DontShow: | False |
Parameter sets
(All)
| Position: | Named |
| Mandatory: | False |
| Value from pipeline: | False |
| Value from pipeline by property name: | False |
| Value from remaining arguments: | False |
-ExceptIfFromAddressMatchesPatterns
Applicable: Security & Compliance
The ExceptIfFromAddressMatchesPatterns parameter specifies an exception for the auto-labeling policy rule that looks for text patterns in the sender's email address by using regular expressions. You can specify multiple text patterns by using the following syntax: "regular expression1"|"regular expression2"|..."regular expressionN".
The maximum individual regular expression length is 128 characters. The maximum number of regular expressions is 10.
You can use this exception in auto-labeling policies that are scoped only to Exchange.
Parameter properties
| Type: | MultiValuedProperty |
| Default value: | None |
| Supports wildcards: | False |
| DontShow: | False |
Parameter sets
(All)
| Position: | Named |
| Mandatory: | False |
| Value from pipeline: | False |
| Value from pipeline by property name: | False |
| Value from remaining arguments: | False |
-ExceptIfFromMemberOf
Applicable: Security & Compliance
The ExceptIfFromMemberOf parameter specifies an exception for the auto-labeling policy rule that looks for messages sent by group members. You identify the group members by their email addresses.
You can enter multiple values separated by commas. If the values contain spaces or otherwise require quotation marks, use the following syntax: "Value1","Value2",..."ValueN".
Parameter properties
| Type: | SmtpAddress[] |
| Default value: | None |
| Supports wildcards: | False |
| DontShow: | False |
Parameter sets
(All)
| Position: | Named |
| Mandatory: | False |
| Value from pipeline: | False |
| Value from pipeline by property name: | False |
| Value from remaining arguments: | False |
-ExceptIfHeaderMatchesPatterns
Applicable: Security & Compliance
The HeaderMatchesPatterns parameter specifies an exception for the auto-labeling policy rule that looks for text patterns in a header field by using regular expressions. You can specify multiple text patterns by using the following syntax: "regular expression1","regular expression2",..."regular expressionN".
You can use this exception in auto-labeling policies that are scoped only to Exchange.
Parameter properties
| Type: | PswsHashtable |
| Default value: | None |
| Supports wildcards: | False |
| DontShow: | False |
Parameter sets
(All)
| Position: | Named |
| Mandatory: | False |
| Value from pipeline: | False |
| Value from pipeline by property name: | False |
| Value from remaining arguments: | False |
-ExceptIfProcessingLimitExceeded
Applicable: Security & Compliance
The ExceptIfProcessingLimitExceeded parameter specifies an exception for the auto-labeling policy rule that looks for files where scanning couldn't complete. Valid values are:
- $true: Look for files where scanning couldn't complete.
- $false: Don't look for files where scanning couldn't complete.
Parameter properties
| Type: | Boolean |
| Default value: | None |
| Supports wildcards: | False |
| DontShow: | False |
Parameter sets
(All)
| Position: | Named |
| Mandatory: | False |
| Value from pipeline: | False |
| Value from pipeline by property name: | False |
| Value from remaining arguments: | False |
-ExceptIfRecipientDomainIs
Applicable: Security & Compliance
The ExceptIfRecipientDomainIs parameter specifies an exception for the auto-labeling policy rule that looks for recipients with email addresses in the specified domains. You can specify multiple domains separated by commas.
Parameter properties
| Type: | MultiValuedProperty |
| Default value: | None |
| Supports wildcards: | False |
| DontShow: | False |
Parameter sets
(All)
| Position: | Named |
| Mandatory: | False |
| Value from pipeline: | False |
| Value from pipeline by property name: | False |
| Value from remaining arguments: | False |
-ExceptIfSenderDomainIs
Applicable: Security & Compliance
The ExceptIfSenderDomainIs parameter specifies an exception for the auto-labeling policy rule that looks for messages from senders with email address in the specified domains. You can specify multiple values separated by commas.
You can use this exception in auto-labeling policies that are scoped only to Exchange.
Parameter properties
| Type: | MultiValuedProperty |
| Default value: | None |
| Supports wildcards: | False |
| DontShow: | False |
Parameter sets
(All)
| Position: | Named |
| Mandatory: | False |
| Value from pipeline: | False |
| Value from pipeline by property name: | False |
| Value from remaining arguments: | False |
-ExceptIfSenderIPRanges
Applicable: Security & Compliance
The ExceptIfSenderIpRanges parameter specifies an exception for the auto-labeling policy rule that looks for senders whose IP addresses matches the specified value, or fall within the specified ranges. Valid values are:
- Single IP address: For example, 192.168.1.1.
- IP address range: For example, 192.168.0.1-192.168.0.254.
- Classless Inter-Domain Routing (CIDR) IP address range: For example, 192.168.0.1/25.
You can specify multiple values separated by commas.
Parameter properties
| Type: | MultiValuedProperty |
| Default value: | None |
| Supports wildcards: | False |
| DontShow: | False |
Parameter sets
(All)
| Position: | Named |
| Mandatory: | False |
| Value from pipeline: | False |
| Value from pipeline by property name: | False |
| Value from remaining arguments: | False |
-ExceptIfSentTo
Applicable: Security & Compliance
The ExceptIfSentTo parameter specifies an exception for the auto-labeling policy rule that looks for recipients in messages. You can use any value that uniquely identifies the recipient. For example:
- Name
- Alias
- Distinguished name (DN)
- Canonical DN
- Email address
- GUID
You can enter multiple values separated by commas. If the values contain spaces or otherwise require quotation marks, use the following syntax: "Value1","Value2",..."ValueN".
You can use this exception in auto-labeling policies that are scoped only to Exchange.
Parameter properties
| Type: | MultiValuedProperty |
| Default value: | None |
| Supports wildcards: | False |
| DontShow: | False |
Parameter sets
(All)
| Position: | Named |
| Mandatory: | False |
| Value from pipeline: | False |
| Value from pipeline by property name: | False |
| Value from remaining arguments: | False |
-ExceptIfSentToMemberOf
Applicable: Security & Compliance
The ExceptIfSentToMemberOf parameter specifies an exception for the auto-labeling policy rule that looks for messages sent to members of distribution groups, dynamic distribution groups, or mail-enabled security groups. You identify the groups by email address. You can specify multiple values separated by commas.
You can use this exception in auto-labeling policies that are scoped only to Exchange.
Parameter properties
| Type: | RecipientIdParameter[] |
| Default value: | None |
| Supports wildcards: | False |
| DontShow: | False |
Parameter sets
(All)
| Position: | Named |
| Mandatory: | False |
| Value from pipeline: | False |
| Value from pipeline by property name: | False |
| Value from remaining arguments: | False |
-ExceptIfSubjectMatchesPatterns
Applicable: Security & Compliance
The ExceptIfSubjectMatchesPatterns parameter specifies an exception for the auto-labeling policy rule that looks for text patterns in the Subject field of messages by using regular expressions. You can specify multiple text patterns by using the following syntax: "regular expression1"|"regular expression2"|..."regular expressionN".
The maximum individual regular expression length is 128 characters. The maximum number of regular expressions is 10.
You can use this exception in auto-labeling policies that are scoped only to Exchange.
Parameter properties
| Type: | MultiValuedProperty |
| Default value: | None |
| Supports wildcards: | False |
| DontShow: | False |
Parameter sets
(All)
| Position: | Named |
| Mandatory: | False |
| Value from pipeline: | False |
| Value from pipeline by property name: | False |
| Value from remaining arguments: | False |
-ExpiryDate
Applicable: Security & Compliance
This parameter is reserved for internal Microsoft use.
Parameter properties
| Type: | System.DateTime |
| Default value: | None |
| Supports wildcards: | False |
| DontShow: | False |
Parameter sets
(All)
| Position: | Named |
| Mandatory: | False |
| Value from pipeline: | False |
| Value from pipeline by property name: | False |
| Value from remaining arguments: | False |
-From
Applicable: Security & Compliance
This parameter is reserved for internal Microsoft use.
Parameter properties
| Type: | RecipientIdParameter[] |
| Default value: | None |
| Supports wildcards: | False |
| DontShow: | False |
Parameter sets
(All)
| Position: | Named |
| Mandatory: | False |
| Value from pipeline: | False |
| Value from pipeline by property name: | False |
| Value from remaining arguments: | False |
-FromAddressContainsWords
Applicable: Security & Compliance
The FromAddressContainsWords parameter specifies a condition for the auto-labeling policy rule that looks for words or phrases in the sender's email address. You can specify multiple words or phrases separated by commas.
- Single word:
"no_reply" - Multiple words:
no_reply,urgent,... - Multiple words and phrases:
"phrase 1",word1,"phrase with , or spaces",word2,...
The maximum individual word length is 128 characters. The maximum number of words or phrases is 50.
You can use this condition in auto-labeling policies that are scoped only to Exchange.
Parameter properties
| Type: | MultiValuedProperty |
| Default value: | None |
| Supports wildcards: | False |
| DontShow: | False |
Parameter sets
(All)
| Position: | Named |
| Mandatory: | False |
| Value from pipeline: | False |
| Value from pipeline by property name: | False |
| Value from remaining arguments: | False |
-FromAddressMatchesPatterns
Applicable: Security & Compliance
The FromAddressMatchesPatterns parameter specifies a condition for the auto-labeling policy rule that looks for text patterns in the sender's email address by using regular expressions. You can specify multiple text patterns by using the following syntax: "regular expression1"|"regular expression2"|..."regular expressionN".
The maximum individual regular expression length is 128 characters. The maximum number of regular expressions is 10.
You can use this condition in auto-labeling policies that are scoped only to Exchange.
Parameter properties
| Type: | MultiValuedProperty |
| Default value: | None |
| Supports wildcards: | False |
| DontShow: | False |
Parameter sets
(All)
| Position: | Named |
| Mandatory: | False |
| Value from pipeline: | False |
| Value from pipeline by property name: | False |
| Value from remaining arguments: | False |
-FromMemberOf
Applicable: Security & Compliance
This parameter is reserved for internal Microsoft use.
Parameter properties
| Type: | SmtpAddress[] |
| Default value: | None |
| Supports wildcards: | False |
| DontShow: | False |
Parameter sets
(All)
| Position: | Named |
| Mandatory: | False |
| Value from pipeline: | False |
| Value from pipeline by property name: | False |
| Value from remaining arguments: | False |
-HeaderMatchesPatterns
Applicable: Security & Compliance
The HeaderMatchesPatterns parameter specifies a condition for the auto-labeling policy rule that looks for text patterns in a header field by using regular expressions. You can specify multiple text patterns by using the following syntax: "regular expression1","regular expression2",..."regular expressionN".
You can use this condition in auto-labeling policies that are scoped only to Exchange.
Parameter properties
| Type: | PswsHashtable |
| Default value: | None |
| Supports wildcards: | False |
| DontShow: | False |
Parameter sets
(All)
| Position: | Named |
| Mandatory: | False |
| Value from pipeline: | False |
| Value from pipeline by property name: | False |
| Value from remaining arguments: | False |
-ImmutableId
Applicable: Security & Compliance
This parameter is reserved for internal Microsoft use.
Parameter properties
| Type: | System.Guid |
| Default value: | None |
| Supports wildcards: | False |
| DontShow: | False |
Parameter sets
(All)
| Position: | Named |
| Mandatory: | False |
| Value from pipeline: | False |
| Value from pipeline by property name: | False |
| Value from remaining arguments: | False |
-Name
Applicable: Security & Compliance
The Name parameter specifies a unique name for the auto-labeling policy rule. If the value contains spaces, enclose the value with quotation marks (").
Parameter properties
| Type: | String |
| Default value: | None |
| Supports wildcards: | False |
| DontShow: | False |
Parameter sets
(All)
| Position: | 0 |
| Mandatory: | True |
| Value from pipeline: | False |
| Value from pipeline by property name: | False |
| Value from remaining arguments: | False |
-Policy
Applicable: Security & Compliance
The Policy parameter specifies the auto-labeling policy that contains the auto-labeling policy rule. You can use any value that uniquely identifies the policy. For example:
- Name
- Distinguished name (DN)
- GUID
Parameter properties
| Type: | PolicyIdParameter |
| Default value: | None |
| Supports wildcards: | False |
| DontShow: | False |
Parameter sets
(All)
| Position: | Named |
| Mandatory: | True |
| Value from pipeline: | False |
| Value from pipeline by property name: | False |
| Value from remaining arguments: | False |
-Priority
Applicable: Security & Compliance
This parameter is reserved for internal Microsoft use.
Parameter properties
| Type: | System.Int32 |
| Default value: | None |
| Supports wildcards: | False |
| DontShow: | False |
Parameter sets
(All)
| Position: | Named |
| Mandatory: | False |
| Value from pipeline: | False |
| Value from pipeline by property name: | False |
| Value from remaining arguments: | False |
-ProcessingLimitExceeded
Applicable: Security & Compliance
The ProcessingLimitExceeded parameter specifies a condition for the auto-labeling policy rule that looks for files where scanning couldn't complete. You can use this condition to create rules that work together to identify and process messages where the content couldn't be fully scanned. Valid values are:
- $true: Look for files where scanning couldn't complete.
- $false: Don't look for files where scanning couldn't complete.
Parameter properties
| Type: | Boolean |
| Default value: | None |
| Supports wildcards: | False |
| DontShow: | False |
Parameter sets
(All)
| Position: | Named |
| Mandatory: | False |
| Value from pipeline: | False |
| Value from pipeline by property name: | False |
| Value from remaining arguments: | False |
-RecipientDomainIs
Applicable: Security & Compliance
The RecipientDomainIs parameter specifies a condition for the auto-labeling policy rule that looks for recipients with email addresses in the specified domains. You can specify multiple domains separated by commas.
Parameter properties
| Type: | MultiValuedProperty |
| Default value: | None |
| Supports wildcards: | False |
| DontShow: | False |
Parameter sets
(All)
| Position: | Named |
| Mandatory: | False |
| Value from pipeline: | False |
| Value from pipeline by property name: | False |
| Value from remaining arguments: | False |
-ReportSeverityLevel
Applicable: Security & Compliance
The ReportSeverityLevel parameter specifies the severity level of the incident report for content detections based on the rule. Valid values are:
- None: You can't select this value if the rule has no actions configured.
- Low: This value is the default.
- Medium
- High
Parameter properties
| Type: | RuleSeverity |
| Default value: | None |
| Accepted values: | Low, Medium, High, None, Informational, Information |
| Supports wildcards: | False |
| DontShow: | False |
Parameter sets
(All)
| Position: | Named |
| Mandatory: | False |
| Value from pipeline: | False |
| Value from pipeline by property name: | False |
| Value from remaining arguments: | False |
-RuleErrorAction
Applicable: Security & Compliance
The RuleErrorAction parameter specifies what to do if an error is encountered during the evaluation of the rule. Valid values are:
- Ignore
- RetryThenBlock
- Blank (the value $null): This value is the default.
Parameter properties
| Type: | PolicyRuleErrorAction |
| Default value: | None |
| Accepted values: | Ignore, RetryThenBlock |
| Supports wildcards: | False |
| DontShow: | False |
Parameter sets
(All)
| Position: | Named |
| Mandatory: | False |
| Value from pipeline: | False |
| Value from pipeline by property name: | False |
| Value from remaining arguments: | False |
-SenderDomainIs
Applicable: Security & Compliance
The SenderDomainIs parameter specifies a condition for the auto-labeling policy rule that looks for messages from senders with email address in the specified domains. You can specify multiple values separated by commas.
You can use this condition in auto-labeling policies that are scoped only to Exchange.
Parameter properties
| Type: | MultiValuedProperty |
| Default value: | None |
| Supports wildcards: | False |
| DontShow: | False |
Parameter sets
(All)
| Position: | Named |
| Mandatory: | False |
| Value from pipeline: | False |
| Value from pipeline by property name: | False |
| Value from remaining arguments: | False |
-SenderIPRanges
Applicable: Security & Compliance
The SenderIpRanges parameter specifies a condition for the auto-sensitivity policy rule that looks for senders whose IP addresses matches the specified value, or fall within the specified ranges. Valid values are:
- Single IP address: For example, 192.168.1.1.
- IP address range: For example, 192.168.0.1-192.168.0.254.
- Classless Inter-Domain Routing (CIDR) IP address range: For example, 192.168.0.1/25.
You can specify multiple values separated by commas.
Parameter properties
| Type: | MultiValuedProperty |
| Default value: | None |
| Supports wildcards: | False |
| DontShow: | False |
Parameter sets
(All)
| Position: | Named |
| Mandatory: | False |
| Value from pipeline: | False |
| Value from pipeline by property name: | False |
| Value from remaining arguments: | False |
-SentTo
Applicable: Security & Compliance
The SentTo parameter specifies a condition for the auto-sensitivity policy rule that looks for recipients in messages. You can use any value that uniquely identifies the recipient. For example:
- Name
- Alias
- Distinguished name (DN)
- Canonical DN
- Email address
- GUID
You can enter multiple values separated by commas. If the values contain spaces or otherwise require quotation marks, use the following syntax: "Value1","Value2",..."ValueN".
You can use this condition in auto-sensitivity policies that are scoped only to Exchange.
Parameter properties
| Type: | MultiValuedProperty |
| Default value: | None |
| Supports wildcards: | False |
| DontShow: | False |
Parameter sets
(All)
| Position: | Named |
| Mandatory: | False |
| Value from pipeline: | False |
| Value from pipeline by property name: | False |
| Value from remaining arguments: | False |
-SentToMemberOf
Applicable: Security & Compliance
The SentToMemberOf parameter specifies a condition for the auto-labeling policy rule that looks for messages sent to members of distribution groups, dynamic distribution groups, or mail-enabled security groups. You identify the groups by email address. You can specify multiple values separated by commas.
You can use this condition in auto-labeling policies that are scoped only to Exchange.
Parameter properties
| Type: | RecipientIdParameter[] |
| Default value: | None |
| Supports wildcards: | False |
| DontShow: | False |
Parameter sets
(All)
| Position: | Named |
| Mandatory: | False |
| Value from pipeline: | False |
| Value from pipeline by property name: | False |
| Value from remaining arguments: | False |
-SourceType
Applicable: Security & Compliance
{{ Fill SourceType Description }}
Parameter properties
| Type: | String |
| Default value: | None |
| Supports wildcards: | False |
| DontShow: | False |
Parameter sets
(All)
| Position: | Named |
| Mandatory: | False |
| Value from pipeline: | False |
| Value from pipeline by property name: | False |
| Value from remaining arguments: | False |
-SubjectMatchesPatterns
Applicable: Security & Compliance
The SubjectMatchesPatterns parameter specifies a condition for the auto-labeling policy rule that looks for text patterns in the Subject field of messages by using regular expressions. You can specify multiple text patterns by using the following syntax: "regular expression1"|"regular expression2"|..."regular expressionN".
The maximum individual regular expression length is 128 characters. The maximum number of regular expressions is 10.
You can use this condition in auto-labeling policies that are scoped only to Exchange.
Parameter properties
| Type: | MultiValuedProperty |
| Default value: | None |
| Supports wildcards: | False |
| DontShow: | False |
Parameter sets
(All)
| Position: | Named |
| Mandatory: | False |
| Value from pipeline: | False |
| Value from pipeline by property name: | False |
| Value from remaining arguments: | False |
-WhatIf
Applicable: Security & Compliance
The WhatIf switch doesn't work in Security & Compliance PowerShell.
Parameter properties
| Type: | SwitchParameter |
| Default value: | None |
| Supports wildcards: | False |
| DontShow: | False |
| Aliases: | wi |
Parameter sets
(All)
| Position: | Named |
| Mandatory: | False |
| Value from pipeline: | False |
| Value from pipeline by property name: | False |
| Value from remaining arguments: | False |
-Workload
Applicable: Security & Compliance
The Workload parameter specifies the workload. Valid values are:
- Exchange
- OneDriveForBusiness
- SharePoint
Parameter properties
| Type: | Workload |
| Default value: | None |
| Accepted values: | Exchange, SharePoint, OneDriveForBusiness |
| Supports wildcards: | False |
| DontShow: | False |
Parameter sets
(All)
| Position: | Named |
| Mandatory: | True |
| Value from pipeline: | False |
| Value from pipeline by property name: | False |
| Value from remaining arguments: | False |
CommonParameters
This cmdlet supports the common parameters: -Debug, -ErrorAction, -ErrorVariable, -InformationAction, -InformationVariable, -OutBuffer, -OutVariable, -PipelineVariable, -ProgressAction, -Verbose, -WarningAction, and -WarningVariable. For more information, see about_CommonParameters.