When you switch from Classic Outlook to New Outlook, dragging files or emails between accounts may stop working or prompt unexpected warnings. This happens because New Outlook enforces stricter data-protection limits that Classic Outlook did not have. This article explains the specific data-protection rules that block or restrict drag-and-drop operations between accounts in New Outlook. You will learn which actions are blocked, how to work around the limits, and what settings to check before moving data.
Key Takeaways: Data-Protection Limits for Drag-and-Drop in New Outlook
- New Outlook tenant-level data protection policy: Blocks dragging items from a work account to a personal account by default.
- Classic Outlook group policy or registry key: Allows drag-and-drop between accounts unless an administrator disables it via policy.
- New Outlook cross-tenant access settings: Require explicit admin configuration to allow dragging files between accounts in different Microsoft 365 tenants.
Why New Outlook Blocks Drag-and-Drop Between Accounts
Classic Outlook uses the same security model as the Windows operating system. When you drag an email or file from one account to another, Classic Outlook copies the data without inspecting the destination account type. New Outlook is a web-based application built on a unified security framework. It evaluates every data movement operation against tenant-level data protection policies.
The root cause of the block is the data protection policy in the Microsoft 365 tenant. This policy prevents users from copying or moving data from a work account to a personal account. The policy applies to all drag-and-drop actions within New Outlook. Classic Outlook does not enforce this policy by default. An administrator must configure group policy or registry keys to restrict drag-and-drop in Classic Outlook.
Data Protection Policy in Microsoft 365
The data protection policy is part of Microsoft Purview Information Protection. It is enabled automatically for all users in a tenant. The policy has three settings that affect drag-and-drop:
- Block copy to personal accounts: Prevents moving data from a work account to a personal Microsoft account or a non-corporate email address.
- Block copy to unmanaged devices: Prevents dragging data to a browser or app running on a device not managed by your organization.
- Block copy to external apps: Prevents dragging data to applications that are not part of the Microsoft 365 ecosystem.
These settings are enforced at the tenant level. Users cannot override them in New Outlook. Classic Outlook does not read these settings unless the administrator explicitly enables a related group policy.
Steps to Check and Adjust Data-Protection Limits for Drag-and-Drop
Before you attempt to drag files or emails between accounts in New Outlook, check the data protection policy in your tenant. If you are an end user, you may need to contact your administrator to review or adjust these settings. The steps below cover both user-side checks and admin-side configuration.
- Open New Outlook and test a drag-and-drop action
Drag an email from your work account to your personal account folder in the folder pane. If the operation is blocked, a red banner appears at the top of the window: “This action is blocked by your organization’s data protection policy.” - Check the data protection policy in Microsoft Purview
Sign in to the Microsoft Purview compliance portal atcompliance.microsoft.com. Go to Data Loss Prevention > Policies. Locate the policy named Default DLP policy for Microsoft 365 or a custom policy created by your administrator. Click the policy name to view its rules. - Review the rule that blocks drag-and-drop
In the policy editor, find the rule titled Block copy to personal accounts or Block copy to unmanaged devices. The rule description will list the actions it blocks. Drag-and-drop is listed under Blocked actions as Copy to personal account or Copy to external app. - Request an exception from your administrator
If you need to drag items between accounts for a legitimate business reason, ask your administrator to create an exception. The administrator can add your user account to an exclusion group in the DLP policy. This allows drag-and-drop only for your account while the policy remains active for everyone else. - Use Classic Outlook as a workaround
If the policy cannot be changed, switch to Classic Outlook for the drag operation. Open Classic Outlook, locate the item you want to move, and drag it to the destination account folder. Classic Outlook does not enforce the tenant data protection policy unless the administrator has configured a specific group policy for it. - Use the Move or Copy dialog in New Outlook
If drag-and-drop is blocked but you still need to move an item to another account, right-click the email or file. Select Move or Copy. In the dialog that opens, choose the destination account folder. New Outlook evaluates this action against the same policy, but the dialog may succeed if the policy only blocks drag gestures and not explicit menu commands. Test both methods to determine which one works.
When Drag-and-Drop Still Fails After Checking the Policy
New Outlook does not show the red banner but the drag action does nothing
This can happen when the destination account is in a different Microsoft 365 tenant. New Outlook blocks cross-tenant drag-and-drop by default. An administrator must configure cross-tenant access settings in the Microsoft 365 admin center. Go to Admin > Settings > Org settings > Cross-tenant access and add the external tenant as a trusted partner. This setting applies to all users in the organization.
Classic Outlook also blocks drag-and-drop between accounts
An administrator may have enabled the Disable drag and drop group policy in Classic Outlook. To check this, open the Group Policy Management Console on your domain controller. Navigate to User Configuration > Policies > Administrative Templates > Microsoft Outlook 2016 > Outlook Options > Other. Look for the setting Disable drag and drop. If it is set to Enabled, users cannot drag items between any folders in Classic Outlook. Change the setting to Not Configured or Disabled to restore drag-and-drop.
Files dragged from Outlook to Windows File Explorer are blocked
New Outlook may block dragging an attachment from an email to a folder on your desktop. This is controlled by the Block copy to unmanaged devices rule in the data protection policy. The policy treats File Explorer as an unmanaged app if the device is not enrolled in Microsoft Intune or another mobile device management system. To allow this action, the administrator must add the device to the managed device list or create an exception for the user.
Classic Outlook vs New Outlook: Data-Protection Limits for Drag-and-Drop
| Item | Classic Outlook | New Outlook |
|---|---|---|
| Default drag-and-drop between work and personal accounts | Allowed unless a group policy blocks it | Blocked by tenant data protection policy |
| Cross-tenant drag-and-drop | Allowed unless a group policy blocks it | Blocked unless cross-tenant access is configured |
| Drag to File Explorer on unmanaged device | Allowed | Blocked by default |
| Admin configuration needed to allow drag-and-drop | Group policy or registry key | Microsoft Purview DLP policy exclusion or cross-tenant access settings |
| User can override the limit | No, only an admin can change the policy | No, only an admin can change the policy |
When you move from Classic Outlook to New Outlook, the data-protection limits for drag-and-drop become stricter by default. In Classic Outlook, drag-and-drop between accounts works unless an administrator explicitly disables it. In New Outlook, the tenant data protection policy blocks drag-and-drop between work and personal accounts, between different tenants, and to unmanaged devices. You can work around these limits by using Classic Outlook for the drag operation, requesting a policy exception from your administrator, or using the Move dialog in New Outlook. Before switching to New Outlook, ask your administrator to review the data protection policy and cross-tenant access settings so that legitimate drag-and-drop actions are not blocked.