DLP Network Prevent for Email Server is analyzing the duplicate emails from Messaging Backbone even NPE advance setting L7.discardDuplicateMessagesis is set to FALSE to avoid duplicate incidents.
Component: DLP Network Prevent for Email
Enable incident reconciliation on the Enforce Server computer on Windows
Incident reconciliation should be enabled if the upstream MTA splits emails, whether that is based on domain or internal vs external recipient or other criteria. Setting discardDuplicateMessages to FALSE (which is default for NPE) makes sure that when these split emails are received we do detection on all parts of them, where as incident reconciliation caches the incidents from SMTP and merges incidents from split emails. It is commomn in cloud based MTAs like O365 and Gmail, but some other MTAs seem to do this as well.