The environment has recently been upgraded to DLP 16, When trying to email reports you see the following error "Unable to send email.  Check logs for more details".

Release : 16.0.x

The localhost log shows: 

Level: SEVERE
Source: com.symantec.dlp.incidentdomainservices.IncidentEmailService
Message: Error sending incident email.
Cause:
javax.mail.MessagingException: Could not convert socket to TLSjavax.mail.MessagingException: Could not convert socket to TLS; nested exception is:
    javax.net.ssl.SSLHandshakeException: PKIX path building failed: sun.security.provider.certpath.SunCertPathBuilderException: unable to find valid certification path to requested target

DLP is attempting to force a TLS connection and as a result you see the error "Unable to send email.  Check logs for more details" in the DLP console when trying to send an email report

The concern was resolved with the recently released hotfix: 16.0.00101.60099 - released on April 12th 2023 

After applying the hotfix to the Enforce Server complete the following steps:

1. Login to the Enforce Console
2. Go to "System -> Settings -> General"
3. On the General Settings page select "Configure"
4. On the Configuration page make 1 small change ( for example: delete 1 letter from any line) and Save
5. Change back to the original configuration.
6. Once the "Save" option at the top of the page is active select "Save" 

Once you select save Enforce will perform a TLS check and once the check fails it will update the DB with the new setting

Maintenance Pack 2 (16.0 MP2) contains this fix.