ALERT: Some images may not load properly within the Knowledge Base Article. If you see a broken image, please right-click and select 'Open image in a new tab'. We apologize for this inconvenience.

Symantec Cloud DLP IP's are causing soft fail errors in Exchange Online

book

Article ID: 213434

calendar_today

Updated On:

Products

Data Loss Prevention Cloud Service for Email

Issue/Introduction

From a technical view, some customer environments with specific SPF record setups, downstream from DLP may observe soft fail errors in exchange online after reflect mode in DLP has been configured in front and backend.

Cause

Modifications to SPF records are not typically needed for Reflect Mode detectors for DLP Cloud Service for Email, once configured backend and in DLP. 

Environment

Release : 15.x

Component : DLP Cloud Service for Email

Resolution

Some custom environments may require adding DLP GCP Cloud Service IP range (144.49.240.0/21) to their SPF records for their domains in their DNS to avoid soft fail errors in Exchange Online Protection (O365 or M365) downstream from DLP.