MC1024387 - Microsoft Purview | Data Loss Prevention: New predicates for email DLP to detect number of domains or recipients

Customers have expressed a significant pain point in managing and controlling the distribution of sensitive information in email. The lack of predicates to monitor the number of recipients or domains in outgoing emails poses a risk of data leaks and non-compliance with regulatory requirements. We are addressing this issue in Microsoft Purview | Data Loss Prevention by rolling out new predicates that will enable organizations to set precise policies that trigger alerts or actions when emails exceed a specified number of recipients or domains. This feature is essential for enhancing data security, ensuring compliance, and providing peace of mind to organizations concerned about unauthorized data dissemination.

This message is associated with Microsoft 365 Roadmap ID 483158.

When this will happen:

Public Preview: We will begin rolling out late April 2025 and expect to complete by mid-May 2025.

General Availability (Worldwide, GCC, GCC High, DoD): We will begin rolling out late May 2025 and expect to complete by mid-June 2025.

How this will affect your organization:

After this rollout, admins can use the new predicates in Data Loss Prevention > Policy settings > Create rule > Unique recipients greater than and Unique domains greater than to take action on emails based on the number of recipients or domains in the email:

This change will be available by default for admins to configure.

What you need to do to prepare:

This rollout will happen automatically by the specified dates with no admin action required before the rollout. Review your current configuration to determine the impact for your organization. You may want to notify your users about this change and update any relevant documentation.

Learn more: New-DlpComplianceRule (ExchangePowerShell) | Microsoft Learn (will be updated before rollout)