This configuration is designed to route the emails with DLP X-Header response “DLP reject” to quarantine. Currently, this configuration is supported using header “DLP-Reject”. In a
future release, DLP X-Header response “DLP-Quarantine” will be introduced.
Steps
-
In Google Admin Console, go to .
-
Under Content compliance section, click ADD ANOTHER RULE. The Add setting window appears.
-
In Content compliance field, enter the name or short description (ex. DLP Quarantine) for this compliance setting.
-
Under Email messages to affect section, select Outbound.
-
Under Add expressions that describe the content you want to search for in each message section, select If ANY of the following match the
message.
-
In Expressions section, click ADD. The Add setting window appears.
-
Select Advanced content match from the drop down.
-
Under Location section, select Full headers.
-
Under Match type section, select Starts with.
-
Under Content field, enter X-Forcepoint-DLP-Email: DLP-Reject.
-
Then click Save.
-
Under If the above expressions match, do the following section:
-
Select Quarantine message.
-
Enable Notify sender when mail is quarantined (onward delivery only)
-
Click Show options to enable additional options.
-
Under Account types to affect section, select Users, Groups and Unrecognized /
Catch-all.
-
Verify the settings and click SAVE.
The compliance setup for DLP Quarantine rule is created with the DLP-Reject header.
Note: After creation of the Gmail compliance for the DLP Quarantine, it might take few minutes but typically happen more quickly.
> 
> Google Workspace > Gmail > Compliance.
