Purview Exchange DLP Granular Failure Controls Preview July 2026

Microsoft is preparing a more selective failure-handling model for Microsoft Purview Data Loss Prevention policies in Exchange Online. The feature, called Granular Protections for Exchange Online, is listed on the Microsoft 365 Roadmap as in development, with public preview availability targeted for July 2026 and general availability planned for August 2026.
Rather than treating every content-classification or text-extraction failure as the same event, administrators will be able to create DLP policies around individual failure types. Microsoft specifically calls out timeouts, throttling, and other scan errors.

A secure email gateway scans attachments, categorizes failures, and applies policy actions via monitoring dashboards.Why the change matters​

Exchange DLP policies inspect email content and attachments for sensitive information, then apply actions such as blocking, encrypting, rerouting, or requiring approval. But scanning is not infallible: attachments may be unreadable, content extraction can fail, and the underlying classification service can time out or be throttled.
A blanket policy for all scan failures forces security teams into an awkward choice. They can apply aggressive handling to every error and risk disrupting legitimate mail, or allow messages through and accept a potentially larger inspection gap. Microsoft’s planned controls should let teams distinguish between failure modes and apply proportional responses.
For example, an organization could choose to audit transient timeout events while escalating messages whose attachments could not be scanned at all. That is materially more useful than a single catch-all rule, particularly for tenants with large attachments, encrypted documents, complex file types, or high message volumes.

Exchange-only, and still preview​

The Roadmap entry applies to Microsoft Purview and Exchange Online in Microsoft’s worldwide standard multi-tenant cloud. It is not presented as a Windows client feature, and it does not change Outlook’s local DLP user interface by itself. The policy evaluation remains an Exchange Online and Purview administrative function.
Microsoft’s existing Purview documentation already exposes Exchange DLP conditions for cases where a document could not be scanned or did not complete scanning. Activity Explorer can also show matched-condition details for Exchange DLP events, including attachment scanning conditions. The roadmap item appears aimed at refining the policy controls behind those types of failures so administrators can target the reason an inspection did not complete.

What admins should do​

There is nothing to configure until the preview reaches the tenant. When it does, Purview administrators should avoid immediately attaching restrictive actions to every new failure category.
  • Review current Exchange DLP rules that handle unscannable or incompletely scanned attachments.
  • Test failure-specific actions in an audit or simulation-oriented policy before enforcing blocks.
  • Check Activity Explorer and service health data to determine whether a rise in timeouts or throttling reflects tenant policy design, unusually large mail flow, or a Microsoft service issue.
  • Document the intended treatment for each class of failure so compliance and messaging teams agree on which cases warrant blocking versus review.
Per Microsoft’s July 13 roadmap update, public preview is expected this month, with broader availability scheduled for August 2026.

References​

  1. Primary source: Microsoft 365 Roadmap
    Published: 2026-07-13T23:07:14.8221961Z
  2. Official source: learn.microsoft.com
 

Back
Top