ALERT: Some images may not load properly within the Knowledge Base Article. If you see a broken image, please right-click and select 'Open image in a new tab'. We apologize for this inconvenience.

Symantec Cloud DLP IP's are causing soft fail errors in Exchange Online


Article ID: 213434


Updated On:


Data Loss Prevention Cloud Service for Email


From a technical view, some customer environments with specific SPF record setups, downstream from DLP may observe soft fail errors in exchange online after reflect mode in DLP has been configured in front and backend.


Modifications to SPF records are not typically needed for Reflect Mode detectors for DLP Cloud Service for Email, once configured backend and in DLP. 


Release : 15.x

Component : DLP Cloud Service for Email


Some custom environments may require adding DLP GCP Cloud Service IP range ( to their SPF records for their domains in their DNS to avoid soft fail errors in Exchange Online Protection (O365 or M365) downstream from DLP.