When implementing DLP, do most companies require employees to classify ALL outgoing email?
IT Analyst in Healthcare and Biotech, 2 years ago
It is not mandated for all email IDs. But many industries have data protection regulations (e.g., HIPAA, GDPR, PCI DSS) that mandate DLP controls, including email classification in all emails.
System Operation Manager in Finance (non-banking), 2 years ago
DLP software uses business rules to classify and protect confidential and critical information. For example, companies can block outgoing emails containing confidential business information, such as financial reports. It is more of a concern for those who manage patient data, PI data and other information.
When it comes to trying to catalog and control the data leaving your organization via email, there are only a few general models to implement this control. One is to create classifications of data with varying levels of sensitivity and ask your associates to categorize them before sending. This will tell your systems (like backup, privacy, etc.) how to handle the information. Microsoft works this way in its cheaper solutions. Ideally, though, your system will have the ability to detect sensitive data either based on tagging or based on true data detection. This is usually only available in Microsoft's higher-level (E5) licensing. DLP is truly difficult, and ultimately you will end up with a combination of automatic detection and user interaction to get the best outcome. Don't forget that many do not use email clients; they use other ways to send data, so a CASB solution will be needed too!
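The answer above describes the two models (user-applied sensitivity labels versus true content detection) and says real deployments combine them. The following is an added example, not code from the original thread or from any DLP product: a toy policy evaluator that reads a user label from a hypothetical `X-Sensitivity` header, runs content detection for card numbers (with a Luhn check so that arbitrary digit runs such as order references are not flagged) and SSN-shaped strings, takes the stricter of the two as the effective classification, and then decides to allow, block, or prompt the sender to classify. The header name, the label vocabulary, the `example.com` internal domain and the sample messages are all constructed for the example.

```python
"""Toy DLP policy evaluator: user labels combined with content detection (added example)."""
import re
from email import message_from_string
from email.utils import parseaddr

LABEL_HEADER = "X-Sensitivity"        # hypothetical header carrying the user-applied label
LABEL_RANK = {"public": 0, "internal": 1, "confidential": 2, "restricted": 3}
INTERNAL_DOMAINS = {"example.com"}    # hypothetical: mail to these domains is not "leaving"

PAN_RE = re.compile(r"(?<!\d)(?:\d[ -]?){12,18}\d(?!\d)")  # 13-19 digit card-like runs
SSN_RE = re.compile(r"\b\d{3}-\d{2}-\d{4}\b")


def luhn_ok(digits: str) -> bool:
    """Luhn checksum; rejects most random digit runs that merely look like a PAN."""
    total = 0
    for i, ch in enumerate(reversed(digits)):
        d = int(ch)
        if i % 2 == 1:          # every second digit from the right is doubled
            d *= 2
            if d > 9:
                d -= 9
        total += d
    return total % 10 == 0


def detect_sensitive(text: str) -> list[tuple[str, str]]:
    """True content detection: return (kind, value) hits found in the text."""
    hits = []
    for m in PAN_RE.finditer(text):
        digits = re.sub(r"[ -]", "", m.group())
        if luhn_ok(digits):
            hits.append(("PAN", digits))
    for m in SSN_RE.finditer(text):
        hits.append(("SSN", m.group()))
    return hits


def evaluate(raw_message: str) -> dict:
    """Combine the sender's label with detection results and decide what to do."""
    msg = message_from_string(raw_message)
    body = msg.get_payload()
    user_label = (msg.get(LABEL_HEADER) or "").strip().lower() or None
    hits = detect_sensitive(msg.get("Subject", "") + "\n" + body)

    # Effective label is the stricter of what the user said and what was detected.
    detected_label = "restricted" if hits else None
    candidates = [lbl for lbl in (user_label, detected_label) if lbl in LABEL_RANK]
    effective = max(candidates, key=LABEL_RANK.get) if candidates else None

    _, to_addr = parseaddr(msg.get("To", ""))
    to_domain = to_addr.rsplit("@", 1)[-1].lower() if "@" in to_addr else ""
    external = to_domain not in INTERNAL_DOMAINS

    if effective is None:
        decision = "prompt"     # nothing known: ask the sender to classify (user interaction)
    elif external and LABEL_RANK[effective] >= LABEL_RANK["confidential"]:
        decision = "block"      # sensitive data leaving the organization
    else:
        decision = "allow"
    return {"user_label": user_label, "hits": hits, "effective": effective,
            "decision": decision}


# Constructed sample messages (not real traffic).
SAMPLE_TAGGED_PAN = ("From: alice@example.com\nTo: partner@example.org\n"
                     "Subject: Q3 numbers\nX-Sensitivity: internal\n\n"
                     "Figures attached. Card on file: 4111 1111 1111 1111.\n")
SAMPLE_NO_LABEL = ("From: alice@example.com\nTo: partner@example.org\n"
                   "Subject: Friday\n\nLunch on Friday? Order ref 1234 5678 9012 3456.\n")
SAMPLE_PUBLIC = ("From: alice@example.com\nTo: press@example.org\n"
                 "Subject: Press release\nX-Sensitivity: public\n\nSee attached.\n")
SAMPLE_INTERNAL = ("From: alice@example.com\nTo: bob@example.com\n"
                   "Subject: Payroll\nX-Sensitivity: restricted\n\nSSN 123-45-6789 on file.\n")

if __name__ == "__main__":
    for name, raw in [("tagged_pan", SAMPLE_TAGGED_PAN), ("no_label", SAMPLE_NO_LABEL),
                      ("public", SAMPLE_PUBLIC), ("internal", SAMPLE_INTERNAL)]:
        print(name, evaluate(raw))
```

The first sample shows detection overriding a too-lenient user label (the sender said "internal", the body carries a valid card number, so the mail to an external domain is blocked); the second shows why the Luhn check matters (a 16-digit order reference is not flagged, and with no label the sender is prompted rather than blocked); the last shows that a restricted message staying inside the organization is allowed, which is the distinction the answer draws between cataloging data and controlling data that leaves.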