This article offers a solution for basic logging and reporting of all emails that pass through the Email Security.cloud Service (ESS)
The scope of the solution is as follows:
The solution consists of configuring a Data Protection policy that will log all inbound or outbound emails (or both) starting from the moment it is activated. Data logged by this policy is fully indexed and held on the service infrastructure for up to 40 days. You may therefore use the Email Track and Trace tool, using the Service filter for Data Protection, to quickly and consistently find and list emails that have triggered the policy up to approximately 1000 results. Past this number, you may use the Reports feature of the portal to obtain reports on emails passed through the service, with up to 500.000 lines of results per report.
Data Protection policy
Steps to configure the policy:
Steps to configure the report:
Please note for Log Only Data Protection policy, we do recommend placing the policy at the very top of the order to ensure that every emails are logged before it trigger another policy condition on the remaining list.