Domains missing after saving the configuration for a new Cloud Detector in CMP


Article ID: 223584


Updated On:


Data Loss Prevention Cloud Service for Email Data Loss Prevention Cloud Package


You've added a list of emails domains as requested, as part of configuring a new Cloud Detection Server (CDS), in the Cloud Management Portal (CMP).


Email domains were previously required in order to set the configuration of "accepted sender domains" for the Cloud Service for Email.


Release : 15.7+

Component :


When you login to CMP to configure a Cloud Detector - you need to provide several details,depending on what kind of CDS is being configured.

For Email Detectors, the list includes: 

  • Which region for your Cloud Service (US or EU)
  • Which type of Email your company is using (Gmail, O365, Exchange)
  • Which mode of Email Service (Reflecting, Forwarding)
  • Which sending domains are expected for emails being accepted for the service?

As it turns out, the "domains" are no longer an essential detail - because that list is actually obtained AFTER the provisioning of a new Cloud Service for Email Detector:

  1. For a Cloud Email Detector in Forwarding mode - the list of email domains actually comes via a script FROM Email (the downstream MTA for all customers in Forwarding mode)
  2. For a Cloud Email Detector in Reflecting mode (O365 only) - the list of email domains actually comes FROM the Enforce Server, as configured by customers*.

*The reason we used to require email domains was that prior to DLP 15.1 MP1, customers in Reflecting mode couldn't manage domains via the Enforce Server, so the DLP Cloud Operations team required you to submit all domains at the time of provisioning.