You are facing an email delay issue from the DLP Cloud Service for Email
search cancel

You are facing an email delay issue from the DLP Cloud Service for Email

book

Article ID: 234877

calendar_today

Updated On:

Products

Data Loss Prevention Cloud Service for Email

Issue/Introduction

You are seeing a lot of undelivered emails on your Exchange server queues, which are not being accepted for delivery by your DLP Cloud Service for Email.

Environment

Release : 15.8

Component : DLP Cloud Service for Email, integrated with on-prem Exchange (aka - the DLP Cloud Service in "hybrid mode")

Cause

Confirm whether any new certificates have recently been applied to the SMTP services in Exchange.

Resolution

When saving new certificates for Exchange, it is also necessary to ensure the certificates have been applied to all the service in Exchange - most importantly, to the "SMTP" service, so that mail delivery can utilize the new certificate. Otherwise, the old certificate will continue to be presented.

Updates to Exchange are outside the scope of DLP Support, but we have found the following article discusses the steps required:

Assign certificates to Exchange Server services | Microsoft Docs

Additional Information

Messages sent from Exchange servers to DLP will be dropped if the Exchange certificate has expired - because the DLP Cloud Service is not an MTA (we are an SMTP Proxy), messages are never held by the Cloud Service. Instead, they would queue upstream if bounced or rejected.