I have created an Email Protection Rule Content Category rule which is set to Block, Notify, and Request Justification when a Content Category Rule with key words is matched. At the DLP Policy level I have set Device Control and Full Content Protection and enabled Outlook Add-ins.
When I upload a document that matches the Content Category rule or type matching content in the body of the email then click send, I receive the notification but I do not receive the justification prompt. (I have set up a similar Web Post Protection rule which does request justification when the Content Category rule is matched.
Is there anything which I may have misunderstood on this Email Protection rule or anything I need to check.
#1 Make sure that your 'User Notification Service' is turned on.
From Agent configuration, the following tabs
User Interface Service > Do you have 'Enable End-User Notification Popup' selected?
Miscillanious > Do you have 'User Interface Service' enabled?
Request Justification > Do you have this enabled and configured?
#2 Have you rebooted since enforcing this policy? It requires an agent restart to take effect on some of those settings.
In order to use the request justification popup, the action must include "block". Using only a monitor/notify user/store evidence action will result in the email being sent without request for justification.