DLP Enforce Server and Email Security.cloud Quarantine integration

book

Article ID: 222001

calendar_today

Updated On:

Products

Data Loss Prevention Cloud Service for Email Email Security.cloud

Issue/Introduction

You are following the documentation on how to set up Email Quarantine:

Configuring the Enforce Server to sync with Email Security.cloud Email Quarantine

and

 

In step 2, the instructions state "... When Email Security.cloud receives the message, it inspects the relevant headers.  Based on these headers, it quarantines the message."

But you want to know how to set the required options in your Email Security.cloud account.

Cause

DLP Cloud Service for Email customers in "forwarding mode" have the "Email Quarantine" feature in Email Security.cloud enabled as part of their service.

However, the configuration of the quarantine policy is actually a Data Protection configuration within Email Security.cloud.

Environment

Release : 15.8

Component :

  • Cloud Service for Email Response Rule
  • Email Security.cloud Email Quarantine

Resolution

In ClientNet (aka the Email Security.cloud portal), go to Dashboard > Services > Data Protection.

  1. Click on "New Policy".
  2. Set "Apply to" to "Outbound Email only".
  3. Select "Quarantine" from the "Action" drop down.
  4. Add Administrator email(s) as required.
  5. Click "Add Rule".
  6. The rule condition in this case should be "Content Keyword List".
  7. You will need to create a new Content Keyword List for this action - the keyword in question is given at the DLP documentation page above: "X-dlp-uniquemsgid". When you save this new list the rule is updated with the header string.
  8. Set the rule to "Look in" the "Header" of outgoing messages.

 

Additional Information

Screenshot example of rule as configured in ClientNet:

 

For further information about setting up rules in Email Security.cloud, including a recommendation to test new rules with a "Log only" action, before implementing quarantine function - please see this page:

About actions and Email Data Protection policies

Attachments