Steps on how to automatically reject/block sensitive data patterns (SSN)
Go to “Office 365 Admin Center” then choose “Admin Centers”
Select “Exchange” and in the Exchange Admin Center go to “mail flow“
Under “rules” click on “+” to add a rule (create a new rule)
You can name the rule any name you want (sample Block SSN Data)
In *Apply this rule if – select “The recipient is located…” then select Outside the organization
Click “add condition” – select “The subject or body matches…” then enter this pattern \d\d\d-\d\d-\d\d\d\d (US-SSN patter
Under *Do the follow.. – if you’d like to block this message select “Reject the message with the explanation” – then you can type in any reason you want to be disclosed.
Optional – if you’d like the admin to be informed of the incident you can select – “Generate incident report and send it to…” – set the recipient who will receive the report and manage the content “you can select all“.