Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

EXOTransportRule Broken #5500

Closed
jadamones opened this issue Dec 3, 2024 · 3 comments
Closed

EXOTransportRule Broken #5500

jadamones opened this issue Dec 3, 2024 · 3 comments

Comments

@jadamones
Copy link

jadamones commented Dec 3, 2024
edited
Loading

Description of the issue

EXOTransportRule suddenly seems to fail a DSC test despite the configuration not being in drift.

<M365DSCEvent>
    <ConfigurationDrift Source="MSFT_EXOTransportRule" TenantId="xxx.onmicrosoft.com">
        <ParametersNotInDesiredState>
            <Param Name="RecipientDomainIs"></Param>
            <Param Name="ExceptIfRecipientAddressContainsWords"></Param>
            <Param Name="ExceptIfRecipientInSenderList"></Param>
            <Param Name="ExceptIfSenderInRecipientList"></Param>
            <Param Name="ExceptIfAttachmentNameMatchesPatterns"></Param>
            <Param Name="ExceptIfAttachmentPropertyContainsWords"></Param>
            <Param Name="FromAddressContainsWords"></Param>
            <Param Name="ExceptIfHeaderContainsWords"></Param>
            <Param Name="ExceptIfSenderADAttributeMatchesPatterns"></Param>
            <Param Name="AttachmentPropertyContainsWords"></Param>
            <Param Name="RecipientAddressContainsWords"></Param>
            <Param Name="ExceptIfAnyOfRecipientAddressMatchesPatterns"></Param>
            <Param Name="AttachmentNameMatchesPatterns"></Param>
            <Param Name="ExceptIfAttachmentContainsWords"></Param>
            <Param Name="ExceptIfAttachmentExtensionMatchesWords"></Param>
            <Param Name="AttachmentContainsWords"></Param>
            <Param Name="HeaderContainsWords"></Param>
            <Param Name="FromAddressMatchesPatterns"></Param>
            <Param Name="SubjectOrBodyMatchesPatterns"></Param>
            <Param Name="ExceptIfAttachmentMatchesPatterns"></Param>
            <Param Name="ExceptIfSenderADAttributeContainsWords"></Param>
            <Param Name="RecipientADAttributeMatchesPatterns"></Param>
            <Param Name="SenderDomainIs"></Param>
            <Param Name="ExceptIfSubjectOrBodyContainsWords"></Param>
            <Param Name="ExceptIfFromAddressContainsWords"></Param>
            <Param Name="ExceptIfRecipientADAttributeContainsWords"></Param>
            <Param Name="ExceptIfRecipientDomainIs"></Param>
            <Param Name="ExceptIfAnyOfRecipientAddressContainsWords"></Param>
            <Param Name="AnyOfRecipientAddressContainsWords"></Param>
            <Param Name="ExceptIfSubjectContainsWords"></Param>
            <Param Name="AttachmentMatchesPatterns"></Param>
            <Param Name="AnyOfRecipientAddressMatchesPatterns"></Param>
            <Param Name="ExceptIfSenderDomainIs"></Param>
            <Param Name="SenderADAttributeContainsWords"></Param>
            <Param Name="ExceptIfSubjectMatchesPatterns"></Param>
            <Param Name="HeaderMatchesPatterns"></Param>
            <Param Name="SubjectOrBodyContainsWords"></Param>
            <Param Name="ExceptIfRecipientADAttributeMatchesPatterns"></Param>
            <Param Name="RecipientAddressMatchesPatterns"></Param>
            <Param Name="AttachmentExtensionMatchesWords"></Param>
            <Param Name="RecipientADAttributeContainsWords"></Param>
            <Param Name="ExceptIfSubjectOrBodyMatchesPatterns"></Param>
            <Param Name="ExceptIfSenderIpRanges"></Param>
            <Param Name="SubjectContainsWords"></Param>
            <Param Name="SenderADAttributeMatchesPatterns"></Param>
            <Param Name="ExceptIfFromAddressMatchesPatterns"></Param>
            <Param Name="RecipientInSenderList"></Param>
            <Param Name="ExceptIfHeaderMatchesPatterns"></Param>
            <Param Name="ExceptIfRecipientAddressMatchesPatterns"></Param>
            <Param Name="SubjectMatchesPatterns"></Param>
            <Param Name="SenderIpRanges"></Param>
            <Param Name="MessageContainsDataClassifications"></Param>
            <Param Name="ContentCharacterSetContainsWords"></Param>
        </ParametersNotInDesiredState>
    </ConfigurationDrift>
    <DesiredValues>
        <Param Name ="Name">No-reply blocking</Param>
        <Param Name ="AnyOfRecipientAddressContainsWords">$null</Param>
        <Param Name ="AnyOfRecipientAddressMatchesPatterns">$null</Param>
        <Param Name ="ApplyOME">False</Param>
        <Param Name ="AttachmentContainsWords">$null</Param>
        <Param Name ="AttachmentExtensionMatchesWords">$null</Param>
        <Param Name ="AttachmentHasExecutableContent">False</Param>
        <Param Name ="AttachmentIsPasswordProtected">False</Param>
        <Param Name ="AttachmentIsUnsupported">False</Param>
        <Param Name ="AttachmentMatchesPatterns">$null</Param>
        <Param Name ="AttachmentNameMatchesPatterns">$null</Param>
        <Param Name ="AttachmentProcessingLimitExceeded">False</Param>
        <Param Name ="AttachmentPropertyContainsWords">$null</Param>
        <Param Name ="ContentCharacterSetContainsWords">$null</Param>
        <Param Name ="DeleteMessage">False</Param>
        <Param Name ="Enabled">False</Param>
        <Param Name ="ExceptIfAnyOfRecipientAddressContainsWords">$null</Param>
        <Param Name ="ExceptIfAnyOfRecipientAddressMatchesPatterns">$null</Param>
        <Param Name ="ExceptIfAttachmentContainsWords">$null</Param>
        <Param Name ="ExceptIfAttachmentExtensionMatchesWords">$null</Param>
        <Param Name ="ExceptIfAttachmentHasExecutableContent">False</Param>
        <Param Name ="ExceptIfAttachmentIsPasswordProtected">False</Param>
        <Param Name ="ExceptIfAttachmentIsUnsupported">False</Param>
        <Param Name ="ExceptIfAttachmentMatchesPatterns">$null</Param>
        <Param Name ="ExceptIfAttachmentNameMatchesPatterns">$null</Param>
        <Param Name ="ExceptIfAttachmentPropertyContainsWords">$null</Param>
        <Param Name ="ExceptIfAttachmentProcessingLimitExceeded">False</Param>
        <Param Name ="ExceptIfFromAddressContainsWords">$null</Param>
        <Param Name ="ExceptIfFromAddressMatchesPatterns">$null</Param>
        <Param Name ="ExceptIfHasNoClassification">False</Param>
        <Param Name ="ExceptIfHeaderContainsWords">$null</Param>
        <Param Name ="ExceptIfHeaderMatchesPatterns">$null</Param>
        <Param Name ="ExceptIfRecipientADAttributeContainsWords">$null</Param>
        <Param Name ="ExceptIfRecipientADAttributeMatchesPatterns">$null</Param>
        <Param Name ="ExceptIfRecipientAddressContainsWords">$null</Param>
        <Param Name ="ExceptIfRecipientAddressMatchesPatterns">$null</Param>
        <Param Name ="ExceptIfRecipientDomainIs">$null</Param>
        <Param Name ="ExceptIfRecipientInSenderList">$null</Param>
        <Param Name ="ExceptIfSenderADAttributeContainsWords">$null</Param>
        <Param Name ="ExceptIfSenderADAttributeMatchesPatterns">$null</Param>
        <Param Name ="ExceptIfSenderDomainIs">$null</Param>
        <Param Name ="ExceptIfSenderInRecipientList">$null</Param>
        <Param Name ="ExceptIfSenderIpRanges">$null</Param>
        <Param Name ="ExceptIfSubjectContainsWords">$null</Param>
        <Param Name ="ExceptIfSubjectMatchesPatterns">$null</Param>
        <Param Name ="ExceptIfSubjectOrBodyContainsWords">$null</Param>
        <Param Name ="ExceptIfSubjectOrBodyMatchesPatterns">$null</Param>
        <Param Name ="FromAddressContainsWords">$null</Param>
        <Param Name ="FromAddressMatchesPatterns">$null</Param>
        <Param Name ="HasNoClassification">False</Param>
        <Param Name ="HeaderContainsWords">$null</Param>
        <Param Name ="HeaderMatchesPatterns">$null</Param>
        <Param Name ="MessageContainsDataClassifications">$null</Param>
        <Param Name ="Mode">Enforce</Param>
        <Param Name ="ModerateMessageByManager">False</Param>
        <Param Name ="Priority">0</Param>
        <Param Name ="Quarantine">False</Param>
        <Param Name ="RecipientADAttributeContainsWords">$null</Param>
        <Param Name ="RecipientADAttributeMatchesPatterns">$null</Param>
        <Param Name ="RecipientAddressContainsWords">$null</Param>
        <Param Name ="RecipientAddressMatchesPatterns">$null</Param>
        <Param Name ="RecipientAddressType">Resolved</Param>
        <Param Name ="RecipientDomainIs">$null</Param>
        <Param Name ="RecipientInSenderList">$null</Param>
        <Param Name ="RejectMessageEnhancedStatusCode">5.7.1</Param>
        <Param Name ="RejectMessageReasonText">This email address is not monitored and does not receive emails.</Param>
        <Param Name ="RemoveOME">False</Param>
        <Param Name ="RemoveOMEv2">False</Param>
        <Param Name ="RemoveRMSAttachmentEncryption">False</Param>
        <Param Name ="RouteMessageOutboundRequireTls">False</Param>
        <Param Name ="RuleErrorAction">Ignore</Param>
        <Param Name ="RuleSubType">None</Param>
        <Param Name ="SenderADAttributeContainsWords">$null</Param>
        <Param Name ="SenderADAttributeMatchesPatterns">$null</Param>
        <Param Name ="SenderAddressLocation">Header</Param>
        <Param Name ="SenderDomainIs">$null</Param>
        <Param Name ="SenderIpRanges">$null</Param>
        <Param Name ="SentTo">360syncsupport@xxx.Com</Param>
        <Param Name ="StopRuleProcessing">False</Param>
        <Param Name ="SubjectContainsWords">$null</Param>
        <Param Name ="SubjectMatchesPatterns">$null</Param>
        <Param Name ="SubjectOrBodyContainsWords">$null</Param>
        <Param Name ="SubjectOrBodyMatchesPatterns">$null</Param>
        <Param Name ="Ensure">Present</Param>
        <Param Name ="ApplicationId">xxxx</Param>
        <Param Name ="TenantId">xxx</Param>
        <Param Name ="CertificateThumbprint">xxx</Param>
        <Param Name ="AccessTokens">$null</Param>
        <Param Name ="Verbose">True</Param>
    </DesiredValues>
    <CurrentValues>
        <Param Name ="ExceptIfMessageSizeOver">$null</Param>
        <Param Name ="AnyOfCcHeaderMemberOf">$null</Param>
        <Param Name ="ExceptIfHeaderMatchesPatterns">$null</Param>
        <Param Name ="ExceptIfFromMemberOf">$null</Param>
        <Param Name ="ExceptIfSenderADAttributeContainsWords">$null</Param>
        <Param Name ="ModerateMessageByUser">$null</Param>
        <Param Name ="Priority">0</Param>
        <Param Name ="SenderDomainIs">$null</Param>
        <Param Name ="SubjectMatchesPatterns">$null</Param>
        <Param Name ="ApplyHtmlDisclaimerLocation">$null</Param>
        <Param Name ="ExceptIfAnyOfRecipientAddressContainsWords">$null</Param>
        <Param Name ="FromAddressContainsWords">$null</Param>
        <Param Name ="HeaderContainsMessageHeader">$null</Param>
        <Param Name ="ExceptIfADComparisonOperator">$null</Param>
        <Param Name ="ExceptIfAnyOfCcHeaderMemberOf">$null</Param>
        <Param Name ="RemoveRMSAttachmentEncryption">False</Param>
        <Param Name ="AttachmentSizeOver">$null</Param>
        <Param Name ="HeaderMatchesPatterns">$null</Param>
        <Param Name ="RecipientInSenderList">$null</Param>
        <Param Name ="DlpPolicy">$null</Param>
        <Param Name ="StopRuleProcessing">False</Param>
        <Param Name ="Comments">$null</Param>
        <Param Name ="RejectMessageEnhancedStatusCode">5.7.1</Param>
        <Param Name ="ExceptIfFrom">$null</Param>
        <Param Name ="AnyOfToCcHeaderMemberOf">$null</Param>
        <Param Name ="RejectMessageReasonText">This email address is not monitored and does not receive emails.</Param>
        <Param Name ="FromMemberOf">$null</Param>
        <Param Name ="RecipientAddressContainsWords">$null</Param>
        <Param Name ="RemoveHeader">$null</Param>
        <Param Name ="AttachmentMatchesPatterns">$null</Param>
        <Param Name ="AddManagerAsRecipientType">$null</Param>
        <Param Name ="ExceptIfContentCharacterSetContainsWords">$null</Param>
        <Param Name ="BetweenMemberOf1">$null</Param>
        <Param Name ="PrependSubject">$null</Param>
        <Param Name ="ModerateMessageByManager">False</Param>
        <Param Name ="RemoveOMEv2">False</Param>
        <Param Name ="ApplyClassification">$null</Param>
        <Param Name ="SubjectOrBodyMatchesPatterns">$null</Param>
        <Param Name ="ExceptIfHeaderContainsMessageHeader">$null</Param>
        <Param Name ="ManagerForEvaluatedUser">$null</Param>
        <Param Name ="SCLOver">$null</Param>
        <Param Name ="ApplicationId">xxx</Param>
        <Param Name ="ExceptIfWithImportance">$null</Param>
        <Param Name ="ManagerAddresses">$null</Param>
        <Param Name ="AccessTokens">$null</Param>
        <Param Name ="Mode">Enforce</Param>
        <Param Name ="ApplyHtmlDisclaimerFallbackAction">$null</Param>
        <Param Name ="AttachmentIsUnsupported">False</Param>
        <Param Name ="SentToScope">$null</Param>
        <Param Name ="SenderManagementRelationship">$null</Param>
        <Param Name ="ExceptIfAttachmentNameMatchesPatterns">$null</Param>
        <Param Name ="AnyOfToHeader">$null</Param>
        <Param Name ="ExceptIfManagerForEvaluatedUser">$null</Param>
        <Param Name ="ExceptIfBetweenMemberOf1">$null</Param>
        <Param Name ="ExceptIfAnyOfToCcHeaderMemberOf">$null</Param>
        <Param Name ="ExceptIfSubjectOrBodyMatchesPatterns">$null</Param>
        <Param Name ="AnyOfCcHeader">$null</Param>
        <Param Name ="ExceptIfSentToMemberOf">$null</Param>
        <Param Name ="ExceptIfHeaderMatchesMessageHeader">$null</Param>
        <Param Name ="ExceptIfSentToScope">$null</Param>
        <Param Name ="AttachmentProcessingLimitExceeded">False</Param>
        <Param Name ="ExceptIfSenderManagementRelationship">$null</Param>
        <Param Name ="ExceptIfAnyOfCcHeader">$null</Param>
        <Param Name ="CertificateThumbprint">xxx</Param>
        <Param Name ="ApplyOME">False</Param>
        <Param Name ="AttachmentPropertyContainsWords">$null</Param>
        <Param Name ="AnyOfToCcHeader">$null</Param>
        <Param Name ="RecipientDomainIs">$null</Param>
        <Param Name ="RecipientAddressType">Resolved</Param>
        <Param Name ="From">$null</Param>
        <Param Name ="HeaderMatchesMessageHeader">$null</Param>
        <Param Name ="Quarantine">False</Param>
        <Param Name ="ExceptIfADComparisonAttribute">$null</Param>
        <Param Name ="RecipientADAttributeContainsWords">$null</Param>
        <Param Name ="HasNoClassification">False</Param>
        <Param Name ="ExceptIfAttachmentHasExecutableContent">False</Param>
        <Param Name ="ExceptIfSentTo">$null</Param>
        <Param Name ="ExceptIfSubjectOrBodyContainsWords">$null</Param>
        <Param Name ="RuleErrorAction">Ignore</Param>
        <Param Name ="ExceptIfHasClassification">$null</Param>
        <Param Name ="HasClassification">$null</Param>
        <Param Name ="ExceptIfSenderIpRanges">$null</Param>
        <Param Name ="FromScope">$null</Param>
        <Param Name ="AnyOfRecipientAddressContainsWords">$null</Param>
        <Param Name ="ExceptIfSenderDomainIs">$null</Param>
        <Param Name ="AddToRecipients">$null</Param>
        <Param Name ="ApplyHtmlDisclaimerText">$null</Param>
        <Param Name ="AttachmentIsPasswordProtected">False</Param>
        <Param Name ="Enabled">False</Param>
        <Param Name ="RecipientADAttributeMatchesPatterns">$null</Param>
        <Param Name ="ExceptIfRecipientADAttributeMatchesPatterns">$null</Param>
        <Param Name ="BetweenMemberOf2">$null</Param>
        <Param Name ="SenderAddressLocation">Header</Param>
        <Param Name ="RuleSubType">None</Param>
        <Param Name ="ExceptIfRecipientAddressContainsWords">$null</Param>
        <Param Name ="HeaderContainsWords">$null</Param>
        <Param Name ="ExceptIfMessageTypeMatches">$null</Param>
        <Param Name ="ActivationDate">$null</Param>
        <Param Name ="ExceptIfSCLOver">$null</Param>
        <Param Name ="ExpiryDate">$null</Param>
        <Param Name ="TenantId">xxxx.onmicrosoft.com</Param>
        <Param Name ="ApplyRightsProtectionTemplate">$null</Param>
        <Param Name ="SetHeaderName">$null</Param>
        <Param Name ="ExceptIfSenderADAttributeMatchesPatterns">$null</Param>
        <Param Name ="ExceptIfAttachmentContainsWords">$null</Param>
        <Param Name ="SenderInRecipientList">$null</Param>
        <Param Name ="SetAuditSeverity">$null</Param>
        <Param Name ="Name">No-reply blocking</Param>
        <Param Name ="SentTo">360syncsupport@xxx.Com</Param>
        <Param Name ="ExceptIfManagerAddresses">$null</Param>
        <Param Name ="ADComparisonAttribute">$null</Param>
        <Param Name ="ExceptIfHasNoClassification">False</Param>
        <Param Name ="ApplyRightsProtectionCustomizationTemplate">$null</Param>
        <Param Name ="ExceptIfAttachmentPropertyContainsWords">$null</Param>
        <Param Name ="SenderIpRanges">$null</Param>
        <Param Name ="MessageTypeMatches">$null</Param>
        <Param Name ="CertificatePassword">$null</Param>
        <Param Name ="AttachmentHasExecutableContent">False</Param>
        <Param Name ="ExceptIfAttachmentMatchesPatterns">$null</Param>
        <Param Name ="Ensure">Present</Param>
        <Param Name ="Credential">$null</Param>
        <Param Name ="BlindCopyTo">$null</Param>
        <Param Name ="SetSCL">$null</Param>
        <Param Name ="ExceptIfAnyOfToHeaderMemberOf">$null</Param>
        <Param Name ="RedirectMessageTo">$null</Param>
        <Param Name ="Managedidentity">False</Param>
        <Param Name ="ExceptIfSubjectContainsWords">$null</Param>
        <Param Name ="ExceptIfAttachmentExtensionMatchesWords">$null</Param>
        <Param Name ="SubjectContainsWords">$null</Param>
        <Param Name ="RemoveOME">False</Param>
        <Param Name ="RouteMessageOutboundConnector">$null</Param>
        <Param Name ="CopyTo">$null</Param>
        <Param Name ="ExceptIfAnyOfToCcHeader">$null</Param>
        <Param Name ="GenerateNotification">$null</Param>
        <Param Name ="ExceptIfRecipientADAttributeContainsWords">$null</Param>
        <Param Name ="DeleteMessage">False</Param>
        <Param Name ="ExceptIfAnyOfToHeader">$null</Param>
        <Param Name ="ADComparisonOperator">$null</Param>
        <Param Name ="SetHeaderValue">$null</Param>
        <Param Name ="AnyOfToHeaderMemberOf">$null</Param>
        <Param Name ="ExceptIfHeaderContainsWords">$null</Param>
        <Param Name ="RecipientAddressMatchesPatterns">$null</Param>
        <Param Name ="ExceptIfAnyOfRecipientAddressMatchesPatterns">$null</Param>
        <Param Name ="FromAddressMatchesPatterns">$null</Param>
        <Param Name ="ExceptIfFromAddressMatchesPatterns">$null</Param>
        <Param Name ="ExceptIfAttachmentProcessingLimitExceeded">False</Param>
        <Param Name ="AttachmentNameMatchesPatterns">$null</Param>
        <Param Name ="ExceptIfRecipientInSenderList">$null</Param>
        <Param Name ="ExceptIfRecipientDomainIs">$null</Param>
        <Param Name ="SenderADAttributeMatchesPatterns">$null</Param>
        <Param Name ="ExceptIfAttachmentIsPasswordProtected">False</Param>
        <Param Name ="AttachmentExtensionMatchesWords">$null</Param>
        <Param Name ="ContentCharacterSetContainsWords">$null</Param>
        <Param Name ="ExceptIfRecipientAddressMatchesPatterns">$null</Param>
        <Param Name ="CertificatePath">$null</Param>
        <Param Name ="ExceptIfAttachmentIsUnsupported">False</Param>
        <Param Name ="SentToMemberOf">$null</Param>
        <Param Name ="ExceptIfBetweenMemberOf2">$null</Param>
        <Param Name ="SenderADAttributeContainsWords">$null</Param>
        <Param Name ="SubjectOrBodyContainsWords">$null</Param>
        <Param Name ="RouteMessageOutboundRequireTls">False</Param>
        <Param Name ="ExceptIfFromAddressContainsWords">$null</Param>
        <Param Name ="ExceptIfFromScope">$null</Param>
        <Param Name ="AnyOfRecipientAddressMatchesPatterns">$null</Param>
        <Param Name ="WithImportance">$null</Param>
        <Param Name ="GenerateIncidentReport">$null</Param>
        <Param Name ="ExceptIfAttachmentSizeOver">$null</Param>
        <Param Name ="ExceptIfSenderInRecipientList">$null</Param>
        <Param Name ="MessageSizeOver">$null</Param>
        <Param Name ="AttachmentContainsWords">$null</Param>
        <Param Name ="IncidentReportContent">$null</Param>
        <Param Name ="ExceptIfSubjectMatchesPatterns">$null</Param>
    </CurrentValues>
</M365DSCEvent>

Microsoft 365 DSC Version

v1.24.1127.1

Which workloads are affected

Exchange Online

The DSC configuration

EXOTransportRule "EXOTransportRule-No-reply blocking"
    {
        AccessTokens                                 = $AccessTokens;
        AnyOfRecipientAddressContainsWords           = @();
        AnyOfRecipientAddressMatchesPatterns         = @();
        ApplicationId                                = $ApplicationId;
        ApplyOME                                     = $False;
        AttachmentContainsWords                      = @();
        AttachmentExtensionMatchesWords              = @();
        AttachmentHasExecutableContent               = $False;
        AttachmentIsPasswordProtected                = $False;
        AttachmentIsUnsupported                      = $False;
        AttachmentMatchesPatterns                    = @();
        AttachmentNameMatchesPatterns                = @();
        AttachmentProcessingLimitExceeded            = $False;
        AttachmentPropertyContainsWords              = @();
        CertificateThumbprint                        = $Thumbprint;
        ContentCharacterSetContainsWords             = @();
        DeleteMessage                                = $False;
        Enabled                                      = $False;
        Ensure                                       = "Present";
        ExceptIfAnyOfRecipientAddressContainsWords   = @();
        ExceptIfAnyOfRecipientAddressMatchesPatterns = @();
        ExceptIfAttachmentContainsWords              = @();
        ExceptIfAttachmentExtensionMatchesWords      = @();
        ExceptIfAttachmentHasExecutableContent       = $False;
        ExceptIfAttachmentIsPasswordProtected        = $False;
        ExceptIfAttachmentIsUnsupported              = $False;
        ExceptIfAttachmentMatchesPatterns            = @();
        ExceptIfAttachmentNameMatchesPatterns        = @();
        ExceptIfAttachmentProcessingLimitExceeded    = $False;
        ExceptIfAttachmentPropertyContainsWords      = @();
        ExceptIfFromAddressContainsWords             = @();
        ExceptIfFromAddressMatchesPatterns           = @();
        ExceptIfHasNoClassification                  = $False;
        ExceptIfHeaderContainsWords                  = @();
        ExceptIfHeaderMatchesPatterns                = @();
        ExceptIfRecipientADAttributeContainsWords    = @();
        ExceptIfRecipientADAttributeMatchesPatterns  = @();
        ExceptIfRecipientAddressContainsWords        = @();
        ExceptIfRecipientAddressMatchesPatterns      = @();
        ExceptIfRecipientDomainIs                    = @();
        ExceptIfRecipientInSenderList                = @();
        ExceptIfSenderADAttributeContainsWords       = @();
        ExceptIfSenderADAttributeMatchesPatterns     = @();
        ExceptIfSenderDomainIs                       = @();
        ExceptIfSenderInRecipientList                = @();
        ExceptIfSenderIpRanges                       = @();
        ExceptIfSubjectContainsWords                 = @();
        ExceptIfSubjectMatchesPatterns               = @();
        ExceptIfSubjectOrBodyContainsWords           = @();
        ExceptIfSubjectOrBodyMatchesPatterns         = @();
        FromAddressContainsWords                     = @();
        FromAddressMatchesPatterns                   = @();
        HasNoClassification                          = $False;
        HeaderContainsWords                          = @();
        HeaderMatchesPatterns                        = @();
        MessageContainsDataClassifications           = @();
        Mode                                         = "Enforce";
        ModerateMessageByManager                     = $False;
        Name                                         = "No-reply blocking";
        Priority                                     = 0;
        Quarantine                                   = $False;
        RecipientADAttributeContainsWords            = @();
        RecipientADAttributeMatchesPatterns          = @();
        RecipientAddressContainsWords                = @();
        RecipientAddressMatchesPatterns              = @();
        RecipientAddressType                         = "Resolved";
        RecipientDomainIs                            = @();
        RecipientInSenderList                        = @();
        RejectMessageEnhancedStatusCode              = "5.7.1";
        RejectMessageReasonText                      = "This email address is not monitored and does not receive emails.";
        RemoveOME                                    = $False;
        RemoveOMEv2                                  = $False;
        RemoveRMSAttachmentEncryption                = $False;
        RouteMessageOutboundRequireTls               = $False;
        RuleErrorAction                              = "Ignore";
        RuleSubType                                  = "None";
        SenderADAttributeContainsWords               = @();
        SenderADAttributeMatchesPatterns             = @();
        SenderAddressLocation                        = "Header";
        SenderDomainIs                               = @();
        SenderInRecipientList                        = @();
        SenderIpRanges                               = @();
        SentTo                                       = @("[email protected]");
        StopRuleProcessing                           = $False;
        SubjectContainsWords                         = @();
        SubjectMatchesPatterns                       = @();
        SubjectOrBodyContainsWords                   = @();
        SubjectOrBodyMatchesPatterns                 = @();
        TenantId                                     = $TenantId;
    }

Verbose logs showing the problem



Environment Information + PowerShell Version



      		
    

      
  





        

            


            

              
            

        

      


      
    








      

    



      

  
            

    

      
    

    


      

          @jadamones
jadamones




        changed the title
EXOTransportRule NotInDesiredState

EXOTransportRule Broken


      Dec 9, 2024

    

  








      

  
      



  

  @jadamones





  


    

      

  

    

        
    
    

  


      
          
  
      
            Copy link

  

      
    

  


  

      



      

  Author


  


  

    

  





      


        


  
    

      
          
Just following up on this. In the later version since 1.24.1127.1 transport rule testing seems to be broken. This example shows the same rule above but demonstrates that each parameter is in the desired state, however, it fails each time it's tested:







<style>

</style>







Parameter
Current Value
Desired Value






Name
No-reply blocking
No-reply blocking




AnyOfRecipientAddressContainsWords
$null
$null




AnyOfRecipientAddressMatchesPatterns
$null
$null




ApplyOME
FALSE
FALSE




AttachmentContainsWords
$null
$null




AttachmentExtensionMatchesWords
$null
$null




AttachmentHasExecutableContent
FALSE
FALSE




AttachmentIsPasswordProtected
FALSE
FALSE




AttachmentIsUnsupported
FALSE
FALSE




AttachmentMatchesPatterns
$null
$null




AttachmentNameMatchesPatterns
$null
$null




AttachmentProcessingLimitExceeded
FALSE
FALSE




AttachmentPropertyContainsWords
$null
$null




ContentCharacterSetContainsWords
$null
$null




DeleteMessage
FALSE
FALSE




Enabled
FALSE
FALSE




ExceptIfAnyOfRecipientAddressContainsWords
$null
$null




ExceptIfAnyOfRecipientAddressMatchesPatterns
$null
$null




ExceptIfAttachmentContainsWords
$null
$null




ExceptIfAttachmentExtensionMatchesWords
$null
$null




ExceptIfAttachmentHasExecutableContent
FALSE
FALSE




ExceptIfAttachmentIsPasswordProtected
FALSE
FALSE




ExceptIfAttachmentIsUnsupported
FALSE
FALSE




ExceptIfAttachmentMatchesPatterns
$null
$null




ExceptIfAttachmentNameMatchesPatterns
$null
$null




ExceptIfAttachmentPropertyContainsWords
$null
$null




ExceptIfAttachmentProcessingLimitExceeded
FALSE
FALSE




ExceptIfFromAddressContainsWords
$null
$null




ExceptIfFromAddressMatchesPatterns
$null
$null




ExceptIfHasNoClassification
FALSE
FALSE




ExceptIfHeaderContainsWords
$null
$null




ExceptIfHeaderMatchesPatterns
$null
$null




ExceptIfRecipientADAttributeContainsWords
$null
$null




ExceptIfRecipientADAttributeMatchesPatterns
$null
$null




ExceptIfRecipientAddressContainsWords
$null
$null




ExceptIfRecipientAddressMatchesPatterns
$null
$null




ExceptIfRecipientDomainIs
$null
$null




ExceptIfRecipientInSenderList
$null
$null




ExceptIfSenderADAttributeContainsWords
$null
$null




ExceptIfSenderADAttributeMatchesPatterns
$null
$null




ExceptIfSenderDomainIs
$null
$null




ExceptIfSenderInRecipientList
$null
$null




ExceptIfSenderIpRanges
$null
$null




ExceptIfSubjectContainsWords
$null
$null




ExceptIfSubjectMatchesPatterns
$null
$null




ExceptIfSubjectOrBodyContainsWords
$null
$null




ExceptIfSubjectOrBodyMatchesPatterns
$null
$null




FromAddressContainsWords
$null
$null




FromAddressMatchesPatterns
$null
$null




HasNoClassification
FALSE
FALSE




HeaderContainsWords
$null
$null




HeaderMatchesPatterns
$null
$null




MessageContainsDataClassifications
$null
$null




Mode
Enforce
Enforce




ModerateMessageByManager
FALSE
FALSE




Priority
0
0




Quarantine
FALSE
FALSE




RecipientADAttributeContainsWords
$null
$null




RecipientADAttributeMatchesPatterns
$null
$null




RecipientAddressContainsWords
$null
$null




RecipientAddressMatchesPatterns
$null
$null




RecipientAddressType
Resolved
Resolved




RecipientDomainIs
$null
$null




RecipientInSenderList
$null
$null




RejectMessageEnhancedStatusCode
5.7.1
5.7.1




RejectMessageReasonText
This email address is not   monitored and does not receive emails.
This email address is not   monitored and does not receive emails.




RemoveOME
FALSE
FALSE




RemoveOMEv2
FALSE
FALSE




RemoveRMSAttachmentEncryption
FALSE
FALSE




RouteMessageOutboundRequireTls
FALSE
FALSE




RuleErrorAction
Ignore
Ignore




RuleSubType
None
None




SenderADAttributeContainsWords
$null
$null




SenderADAttributeMatchesPatterns
$null
$null




SenderAddressLocation
Header
Header




SenderDomainIs
$null
$null




SenderIpRanges
$null
$null




StopRuleProcessing
FALSE
FALSE




SubjectContainsWords
$null
$null




SubjectMatchesPatterns
$null
$null




SubjectOrBodyContainsWords
$null
$null




SubjectOrBodyMatchesPatterns
$null
$null




Ensure
Present
Present




AccessTokens
$null
$null




Verbose
TRUE
TRUE







      		
    

  





        


            

            

              
            

        

      


      

            
  

    
  
    
    

  

  



    












      

  
      



  

  @Morph2310





  


    

      

  

    

        
    
    

  


      
          
  
      
            Copy link

  

      
    

  


  

      



      

  


  

    

  





      


        


  
    

      
          
Hello,


I have an additional question regarding EXO Transport rules, I see that in your case the "SenderIpRanges" gives no outcome.

Maybe somebody encountered such issue? My Rules has it configured, all settings are being exported, but any IP ranges I get are always empty.

      		
    

  





        


            

            

              
            

        

      


      

            
  

    
  
    
    

  

  



    












      

  
          

  

    
  


  

      

    @jadamones
jadamones



    mentioned this issue
    
      Dec 18, 2024
    





  


  

      
  
  Closed

  







  









      

  
      



  

  @ykuijs





  


    

      

  

    

        
    
    

  


      
          
  
      
            Copy link

  

      
    

  


  

      

  
  Member


      

  


  

    

      

      
            ykuijs
  

      

      

      commented


        Dec 18, 2024


      
    


  





      


        


  
    

      
          
This is indeed a regression since 1.24.1127.1. Am now investigating.


This is a duplicate with #5575. Closing this one. Will update on the progress in the other issue.

      		
    

  





        


            

            

              
            

        

      


      

            
  

    
  
    
    

  

  



    












      

  
            

    

      
    

    


      

          @ykuijs
ykuijs




            closed this as completed


      Dec 18, 2024

    

  


    











  
  

    

      

  





  




  
  

              

  
    Sign up for free
    to join this conversation on GitHub.
    Already have an account?
    Sign in to comment


  



  






  
                  




    

  


      
  

    Assignees
  



        

    No one assigned







      


  


  

    Labels
  



    

    None yet







      

  

    

        

    Projects
  


        




    None yet




  



      


  

    
  

    Milestone
  


      No milestone





    
      
          


  

    
      

        
    

    Development
  




          
    
No branches or pull requests







    
  




      

    

  
      

  

    

      3 participants
    

    

        
          @ykuijs 
        
          @jadamones 
        
          @Morph2310