We are running MEG 7.5.1. We have a Compliance Rule configured to quarantine emails when the predefined dictionary named 'Date Of Birth and Name' is matched. This works well. However we have a standard application form PDF that is sent by numerous users on a daily basis which contains the words 'Date of birth' within the form, which obviously triggers the Compliance Rule created above. This creates 20-30 false/positives daily that we have to release from Quarantine. For argument sake the filename of the application form is 'appform.docx'. Is it possible to 'whitelist' this form even though it contains the words 'Date of birth' so that is not quarantined? All other filenames must continue to be quarantined. When testing using the 'File Filtering' compliance rule, we found that although this allows the email through, the Complaince Rule to check for Date of Birth Name is still tested against the email as well, and is therefore still quarantined. Also, I tried creating a separate Email Policy, without the Date of Birth and Name compliance rule configured, and moved this policy above the existing one. This unfortunately bypasses the Date of Birth and Name compliance rule all together because only ONE policy can be applied to an email.
There is an option to configure an exclusion based on certain critera in the Compliance Rules which will need to be used. Most customers when running into this scenario will configure a new compliance rule then base it on a bypass phrase in the body.
Then in the compliance rule configure the bypass compliance rule under exclusions.
If you need assistance with configuring an exclusion rule we would recommend to contact support and open a SR so they can walk through this as well.