Emails are getting delayed from DLP to email security cloud - and an increase in Socket Errors are being reported by the on-premises Exchange server teams.

Protocol and / or Connectivity logs from Exchange (usually Edge server) may show the following:

2023-10-05T14:00:24.081Z,<Name_of_Send-Connector>,<ConnectionID>,2,,<DLP-PublicCloud-IP>:25,*,,"Failed to connect. Winsock error code: 10060, Win32 error code: 10060, Destination domain: <DLP-DetectorID>.ds.dlp.protect.broadcom.com, Error Message: A connection attempt failed because the connected party did not properly respond after a period of time, or established connection failed because connected host has failed to respond <DLP-PublicCloud-IP>:25."

Release : 16.0

The SmtpMaxMessagesPerConnection was decreased from default for the DLP Send Connector, which increased the number of connections required to process mail.

There was a change to the default settings in Exchange for the DLP Connector, which appears to have negatively impacted the Microsoft Exchange server ability to make timely connections for mail delivery.

Set the SmtpMaxMessagesPerConnection back to default of "20" - this should improve performance of the Exchange system, and fewer network errors are expected. 

This command can tell you what all advanced settings are for all Connectors in Exchange:

Get-SendConnector "<NAME_or_Identity> Send Connector" | Format-List

This one just returns the details about each connector's "SMTP" settings, including the "SmtpMaxMessagesPerConnection":

Get-SendConnector | fl *smtp*, *name*

For additional details on these Powershell commands, see internal KB: https://ca-broadcomcsm.wolkenservicedesk.com/wolken/esd/knowledgebase_search?articleId=246209