Skip to content

Page permalink

Always use the following permalink when referencing this page. It will remain unchanged in future help versions.

https://docs.sophos.com/central/customer/help/en-us/index.html?contextId=email-add-data-control-rule

Add rule

You can add rules to the Data Control policies to detect and manage sensitive information in emails. You define what to scan for and select what action to take when the rule matches.

To add a rule to an existing Data Control policy, do as follows:

  1. In Sophos Central, go to My Products > Email Security > Policies.
  2. Click an existing Data Control policy.
  3. Click Settings.
  4. Click Inbound or Outbound to set the direction of emails this rule checks.
  5. Click Add rule.
  6. Enter a rule name and description.

  7. Select a rule type.

    You can use Sophos-provided templates to detect common sensitive data, or create custom rules using CCLs, message attributes, or keywords. For information, see Rule type.

  8. Click Next.

  9. In Add items, configure the content the rule applies to, depending on the rule type.

    For most rule types, you can use Sophos-provided lists or custom lists specific to your needs.

    Select one or more of the following options under Search in to search for rule types in the corresponding location:

    • Subject
    • Body
    • Attachment Name
    • Attachment Content

    Where we search depends on the selection you make in Search in.

    When we find a rule type in one location, we stop searching there and start searching in the next location. We only report the first instance of a rule type in each location.

  10. Click Next.

  11. In Message Attributes, select the attributes you want to filter messages by.

    For more information, see Message attributes.

  12. Click Next.

    If you're creating an inbound rule, the External senders dialog appears. For an outbound rule, the External recipients dialog appears.

  13. Configure the external email addresses or domains that you want to include in or exclude from the rule.

    For more information, see External senders or recipients.

    This rule-level setting gives you more granular control. You can also configure external users and domains at the policy level. See External users and domains.

  14. Click Next.

  15. In Choose action, select what happens when the rule matches.

    For more information on the available actions, see Actions.

    The options may vary depending on whether the rule is inbound or outbound.

    You can also combine rule types by selecting actions that allow continued processing. If supported, the Continue processing option appears, and you can turn it on.

  16. Turn on Filter messages with this rule to enforce the rule.

  17. Click Save.

When the rule is turned on, messages that match appear in the Data Control summary and Message History reports.