Transport Rule Predicates
Applies to: Exchange Server 2010
In Microsoft Exchange Server 2010, predicates are used to create conditions and exceptions in a transport rule. Transport rules can be applied to e-mail messages routed through Hub Transport and Edge Transport servers. Some predicates are available on both transport server roles, and some are exclusive to just one transport server role.
Contents
Predicates and Predicate Properties
Predicates Available on Hub Transport servers
Predicates Available on Edge Transport servers
Predicate Properties
Predicates and Predicate Properties
Transport rule conditions and exceptions consist of one or more predicates. Predicates instruct the Transport Rules agent on a Hub Transport server (or the Edge Rules agent on an Edge Transport server) to examine a specific part of an e-mail message, such as sender, recipients, subject, other message headers, and message body, to determine whether the rule should be applied to that message. As such, predicates act as building blocks for conditions and exceptions.
To determine whether a transport rule should be applied to a message, most predicates have one or more properties for which you must specify a value. The Transport Rules agent inspects message properties for specified values. For example, the HasClassification predicate requires that you specify one or more message classifications for the classification property. Some predicates don't have properties. For example, the HasNoClassification predicate simply inspects whether a message has a classification, and therefore doesn't require any values.
To assign a value to a predicate, you must determine the predicate property or properties in the case of predicates that require more than one property. In the Exchange Management Console (EMC), you can specify predicate values in the Edit the rule description by clicking an underlined value box of the New Transport Rule or Edit Transport Rule wizards. In the Exchange Management Shell the properties are available as parameters of the New-TransportRule and Set-TransportRule cmdlets. Property values are specified after the property name.
Note
In Exchange 2010, you don't need to instantiate predicates and actions by using the Get-TransportRulePredicate and Get-TransportRuleAction cmdlets. These cmdlets only allow you to list the predicates and actions available for use on the Hub Transport and Edge Transport servers on which the cmdlets are executed. The New-TransportRule and Set-TransportRule cmdlets have all the predicates and actions available as parameters, allowing you to create or modify a transport rule using a single command.
Because some predicates examine specific fields within an e-mail message (such as the message header fields), you must set two predicate properties. When you use a predicate to inspect message headers, one predicate property specifies the header to examine, such as To, From, Received, or Content-Type. You must also specify a value for the second property. Predicates that require a second property are listed in Table 1 and Table 2, with the second property listed in the Second predicate property column.
Return to top
Predicates Available on Hub Transport Servers
Table 1 lists the predicates available on a Hub Transport server, and provides the following information about each predicate:
- The Predicate column lists the predicate as it appears in the New Transport Rule and Edit Transport Rule wizards in the EMC.
- The Predicate name column lists the predicate name as returned by the Get-TransportRulePredicate cmdlet.
- The Predicate property and Second predicate property columns list the property types. Most property types accept specific values. Refer to Table 3 to determine valid values for a property type.
Note
Each predicate listed in Table 1 also has an equivalent exception that can be selected from the Exceptions page of the New Transport Rule and Edit Transport Rule wizards. In the Shell, the predicates that can be used as exceptions start with ExceptIf. For example, for the FromMemberOf predicate, the parameter that can be used as an exception in transport rule cmdlets is called ExceptIfFromMemberOf.
The same predicate object contains the logic for use in a transport rule condition and exception. Therefore, when you use the Get-TransportRulePredicate cmdlet to list predicates, exceptions aren't listed as separate predicates.
Table 1 Predicates available on Hub Transport servers
No | Predicate | Predicate name | Predicate property | Second predicate property | Description |
---|---|---|---|---|---|
1 |
from people |
From |
Addresses |
Not applicable |
|
2 |
from a member of distribution list |
FromMemberOf |
Addresses |
Not applicable |
|
3 |
from users that are inside or outside the organization |
FromScope |
FromUserScope |
Not applicable |
|
4 |
sent to people |
SentTo |
Addresses |
Not applicable |
|
5 |
sent to a member of distribution list |
SentToMemberOf |
Addresses |
Not applicable |
|
6 |
sent to users that are inside or outside the organization, or partners |
SentToScope |
ToUserScope |
Not applicable |
|
7 |
between members of distribution list and distribution list |
BetweenMemberOf |
Addresses ( |
Addresses ( |
|
8 |
when the manager of any sender is people |
ManagerIs |
EvaluatedUser ( |
Addresses ( |
|
9 |
when the sender is the manager of a recipient |
ManagementRelationship |
ManagementRelationship ( |
Not applicable |
|
10 |
if the sender and recipient's AD Attribute are Evaluation |
ADAttributeComparison |
ADAttribute ( |
Evaluation ( |
|
11 |
when a recipient's address contains specific words |
RecipientAddressContainsWords |
Words |
Not applicable |
|
12 |
when a recipient's address contains text patterns |
RecipientAddressMatchesPatterns |
Patterns |
Not applicable |
|
13 |
when a recipient's properties contains specific words |
RecipientAttributeContains |
Words* ( |
Not applicable |
|
14 |
when a recipient's properties contains text patterns |
RecipientAttributeMatches |
Patterns* ( |
Not applicable |
|
15 |
when any of the recipients in the To field is people |
AnyOfToHeader |
Addresses |
Not applicable |
|
16 |
when any of the recipients in the "To" field is a member of distribution list |
AnyOfToHeaderMemberOf |
Addresses |
Not applicable |
|
17 |
when any of the recipients in the Cc field is people |
AnyOfCcHeader |
Addresses |
Addresses |
|
18 |
when any of the recipients in the Cc field is member of distribution list |
AnyOfCcHeaderMemberOf |
Addresses |
Not applicable |
|
19 |
when any of the recipients in the To or Cc fields is people |
AnyOfToCcHeader |
Addresses |
Not applicable |
|
20 |
when any of the recipients in the To or CC fields is a member of a distribution list |
AnyOfToCcHeaderMemberOf |
Addresses |
Not applicable |
|
21 |
marked with classification |
HasClassification |
Classification |
Not applicable |
|
22 |
when the Subject field contains specific words |
SubjectContains |
Words |
Not applicable |
|
23 |
when the Subject field or message body contains specific words |
SubjectOrBodyContains |
Words |
Not applicable |
|
24 |
when the message header contains specific words |
HeaderContains |
MessageHeader ( |
Words ( |
|
25 |
when the From address contains specific words |
FromAddressContains |
Words ( |
Not applicable |
|
26 |
when the Subject field contains text patterns |
SubjectMatches |
Patterns ( |
Not applicable |
|
27 |
when the Subject field or the message body contains text patterns |
SubjectOrBodyMatches |
Patterns ( |
Not applicable |
|
28 |
when the message header matches text patterns |
HeaderMatches |
MessageHeader ( |
Patterns ( |
|
29 |
when the From address matches text patterns |
FromAddressMatches |
Patterns ( |
Not applicable |
|
30 |
when any attachment file name matches text patterns |
AttachmentNameMatches |
Patterns ( |
Not applicable |
|
31 |
with a spam confidence level (SCL) rating that is greater than or equal to limit |
SCLOver |
SclValue |
Not applicable |
|
32 |
when the size of any attachment is greater than or equal to limit |
AttachmentSizeOver |
Size |
Not applicable |
|
33 |
marked with importance |
WithImportance |
Importance |
Not applicable |
|
34 |
if the message is Message Type |
MessageTypeMatches |
MessageType |
Not applicable |
|
35 |
when the sender's properties contain specific words |
SenderAttributeContains |
Words* ( |
Not applicable |
|
36 |
when the sender's properties match text patterns |
SenderAttributeMatches |
Patterns ( |
Not applicable |
|
37 |
not marked with a message classification |
HasNoClassifications |
Not applicable |
Not applicable |
|
38 |
when an attachment's content contains words |
AttachmentContainsWords |
Words |
Not applicable |
|
39 |
when an attachment's content matches text patterns |
AttachmentMatchesPatterns |
Patterns |
Not applicable |
|
40 |
when an attachment is unsupported |
AttachmentIsUnsupported |
Not applicable |
Not applicable |
|
Return to top
Predicates Available on Edge Transport Servers
Table 2 lists the predicates available on Edge Transport servers.
Note
Each predicate listed in Table 1 also has an equivalent exception that can be selected from the Exceptions page of the New Transport Rule and Edit Transport Rule wizards. In the Shell, the predicates that can be used as exceptions start with ExceptIf
. For example, for the FromMemberOf
predicate, the parameter that can be used as an exception in transport rule cmdlets is called ExceptIfFromMemberOf.
The same predicate object contains the logic for use in a transport rule condition and exception. Therefore, when you use the Get-TransportRulePredicate cmdlet to list predicates, exceptions aren't listed as separate predicates.
Predicates available on Edge Transport servers
No | Predicate | Predicate name | Predicate property | Second predicate property | Description |
---|---|---|---|---|---|
1 |
when the subject field contains specific words |
SubjectContains |
Words |
Not applicable |
|
2 |
when the subject field or message body contains specific words |
SubjectOrBodyContains |
Words |
Not applicable |
|
3 |
when the message header contains specific words |
HeaderContains |
MessageHeader |
Words |
|
4 |
when the From address contains specific words |
FromAddressContains |
Words |
Not applicable |
|
5 |
when any recipient address contains specific words |
AnyOfRecipientAddressContainsWords |
Words |
Not applicable |
|
6 |
when the Subject field matches text patterns |
SubjectMatches |
Patterns |
Not applicable |
|
7 |
when the Subject field or the message body matches text patterns |
SubjectOrBodyMatches |
Patterns |
Not applicable |
|
8 |
when the message header matches text patterns |
HeaderMatches |
MessageHeader |
Patterns |
|
9 |
when the From address matches text patterns |
FromAddressMatches |
Patterns |
Not applicable |
|
10 |
when any recipient address matches text patterns |
AnyOfRecipientAddressMatches |
Patterns |
Not applicable |
|
11 |
with a spam confidence level (SCL) rating that is greater than or equal to limit |
SCLOver |
SclValue |
Not applicable |
|
12 |
when the size of any attachment is greater than or equal to limit |
AttachmentSizeOver |
Size |
Not applicable |
|
13 |
From users that are inside or outside the organization |
FromScope |
Scope |
Not applicable |
|
Return to top
Predicate Properties
The following table lists the property types used in transport rule predicates.
Table 3 Property types used in transport rule predicates
Predicate | Name | Description |
---|---|---|
ADAttribute |
One of the Active Directory attributes available for use |
The
When you use the Shell to create a transport rule consisting of the You can also specify multiple Active Directory attributes and value pairs. For example, " |
Addresses and Addresses2 |
Array of Active Directory mailbox, contact, or distribution group objects |
The |
Classification |
Message classification object |
The For example, use the following command to search for messages with the
|
EvaluatedUser |
Single value of |
The |
Evaluation |
Single value of |
The |
FromUserScope |
Single value of |
The
Note:
To determine whether mail contacts are considered to be inside or outside the organization, the domain part of the sender's address is compared with the configured accepted domains. For more information, see Understanding Accepted Domains
|
Importance |
Single value of |
The |
ManagementRelationship |
Single value of |
The |
MessageHeader |
Single string |
The |
MessageType |
Single message type name |
The
|
Patterns |
Array or regular expressions |
The |
SclValue |
Single integer |
The |
Size |
Single integer with quantifier such as KB or MB |
The
For example, |
ToUserScope |
One of the following values:
|
The
|
Words |
Array of strings |
The In Exchange 2010, only instances of the word without a prefix or suffix are matched. For example, if you specify the word "contoso", the rule will fire only if an exact match is found. The following variations where the word appears as a suffix, a prefix, or between other characters (other than the space character) aren't considered an exact match:
The property isn't case-sensitive. The asterisk (*) is treated as a literal character, and not used as a wildcard character. |
Return to top