A policy rule or exception has been created, containing an address (such as an email address, domain, IP, etc.), to match a sender or recipient. However, it does not include (or exclude) the sender as expected, even though the address appears to match.
In some cases, the address appears to be the same as the one in the message, but contains extra characters that prevent it from matching. Copying and pasting data from other sources - including DLP incident reports, PDF files, or other rich text formats - can introduce metadata characters that are not visible in the user interface, but are present in the data and will interfere with matching.
To check for this problem, we recommend exporting the policy as an XML template, then opening it in a full-featured text editor such as Notepad++ or Notepad2. Locate the address that is not matching as expected, then change the file encoding to ANSI or ASCII to reveal any special characters, which typically appear as non-ASCII characters or question marks (?).
If this proves to be the issue, remove the exception completely and recreate it, either by typing the address by hand, or by copying it from a known plain-text source, such as a file with the encoding set to ANSI or ASCII. The address should now match as expected.
Imported Document ID: TECH221996
Subscribing will provide email updates when this Article is updated. Login is required.