When attempting to remediate quarantine incidents in Messaging Gateway(SMG) using the DLP Flexresponse pluging, remediation fails in DLP but no error is generated in SMG and the incident is not remediated:
DLP errors
Date | Submitted By | Summary |
---|---|---|
2/8/21 10:02 AM | ### | FlexResponse Action Failed [Email Quarantine Connect Approve Action] failed with message: The remediation request was not successful: Unable to remediate DlpUniqueMessageId ###. |
2/8/21 10:02 AM | ### |
FlexResponse Action Requested |
Component : DLP Connect
SMG is configured to use DLP "reflect mode" but messages are being delivered through DLP to SMG without first traversing the SMG system.
When SMG DLP Connect is enabled, there is an implied contract that SMG receives the message first before forwarding it to DLP for anaysis. When DLP Connect is configured in SMG but DLP is operating in "forward mode" i.e. DLP receives the message before SMG, a message audit id is not properly assigned to the message when it is received from the DLP server. The lack of an audit ID prevents the Flexresponse quarantine management API from operating as designed.
SMG - DLP operating "modes"
If DLP is configured in "Forward mode", i.e receives email traffic before Messaging Gateway, SMG DLP Connect should be disabled to allow the DLP Flexresponse API to operate properly.
To disable the SMG DLP Connect