You are wondering about the basic architecture of DLP for Email Prevent.

All supported releases of DLP:

• Network Prevent for Email
• Cloud Prevent for Microsoft Office 365

The DLP Network Prevent for Email product is NOT an MTA. It works merely as an SMTP Proxy for mail traffic.

Configure an appropriate Mail Routing mode

The Network Prevent for Email server must be configured to work in either of the below modes:

a) Reflect - In this mode DLP simply scans emails and then returns the same back to the origin server.

By default, DLP is configured to accept and forward on different ports. Configuring both these functions to work on the same port may result in a Loop (in Reflecting mode only).

• • • RequestProcessor.ServerSocketPort - This setting defines the port via which DLP accepts mails (default: 10025)
    • RequestProcessor.MTAResubmitPort - This setting defines the port via which DLP forwards mails (default: 10026)
      
      NOTE: You can only set one port value for each of the above settings. Attempting to configure multiple values i.e. separated with a comma will lead to RequestProcessor not being able to start up. 

b) Forward - In Forwarding mode, we must specify the MTA where email will be forwarded. There are 2 options for setting this configuration:

• • • Enable MX lookup (Specify Domains)
    • Disable MX lookup (Specify Host Names/IP Addresses)

Disable Open Relay

DLP Network Prevent for Email simply works as an Email relay, thus increasing the possibility of being vulnerable to Open Relay connections within the LAN. You may leverage the “RequestProcessor.AllowHosts” setting to define the hosts from where connections will be accepted.
 

For more comprehensive and complete information about setting up Email Prevent, be sure to see the following Help Center Topics:

• Implementing Network Prevent for Email (broadcom.com)
• Environment compatibility and requirements for Network Prevent for Email and Cloud Prevent for Email Servers (broadcom.com)