Which is the correct keystore folder for importing TLS certificates for Network Prevent for Email?


Article ID: 208318


Products

Data Loss Prevention Enterprise Suite
Data Loss Prevention Enforce
Data Loss Prevention Network Prevent for Email

Issue/Introduction

A prior version of the documentation for importing TLS certificates into the Network Prevent for Email server keystore gave the following location for the keystore:

When you install Network Prevent for Email Server, the installer creates an empty keystore file in installdir

c:\Program Files\Symantec\DataLossPrevention\DetectionServer\15.7\Protect\keystore\prevent.ks

Environment

Release : 15.7+

Component :

Symantec™ Data Loss Prevention MTA Integration Guide for Network Prevent for Email (broadcom.com)

Cause

This location is incorrect. If the keystore file for SMTP Prevent is updated in this location, the TLS handshake will not find the assigned certificate.

As a result, connections to the downstream MTA are dropped as soon as they are established, usually with a simple "Forward connection closed" message in the RequestProcessor log.

Resolution

The correct location of the SMTP Prevent keystore is defined in the "Protect.properties" file on the Detection Server.

Linux:

#SMTP Prevent keystore
com.vontu.inline_smtp.keystore = /var/Symantec/DataLossPrevention/DetectionServer/15.7/keystore/prevent.ks

Windows:

#SMTP Prevent keystore
com.vontu.inline_smtp.keystore = C:/ProgramData/Symantec/DataLossPrevention/DetectionServer/15.7/keystore/prevent.ks
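
One way to confirm which keystore file the server reads before or after importing a certificate, as an added example (not Symantec's or Broadcom's code): it parses the text of Protect.properties for the com.vontu.inline_smtp.keystore property and compares it with the path the certificate was imported into. The function names and the simplified parser are assumptions of this example, and the path to Protect.properties is passed on the command line because the article does not give it.

```python
import re
import sys

KEY = "com.vontu.inline_smtp.keystore"  # property name taken from the article

# Constructed sample: the Windows entry exactly as shown in the article.
SAMPLE = """#SMTP Prevent keystore
com.vontu.inline_smtp.keystore = C:/ProgramData/Symantec/DataLossPrevention/DetectionServer/15.7/keystore/prevent.ks
"""

def parse_properties(text):
    """Minimal Java .properties parser: '#'/'!' comments, '=' or ':' separators.
    Line continuations and backslash escapes are not handled (assumption:
    the keystore entry is a single plain line, as in the article)."""
    props = {}
    for raw in text.splitlines():
        line = raw.strip()
        if not line or line[0] in "#!":
            continue
        m = re.match(r"([^=:\s]+)\s*[=:]?\s*(.*)", line)
        if m:
            props[m.group(1)] = m.group(2).strip()
    return props

def normalize(path):
    """Make 'C:\\x\\y' and 'c:/x/y' comparable; POSIX paths stay case-sensitive."""
    p = path.strip().replace("\\", "/").rstrip("/")
    return p.lower() if re.match(r"[A-Za-z]:/", p) else p

def check_keystore(props_text, imported_into):
    """Return (status, configured_path); status is 'ok', 'mismatch' or 'missing'."""
    configured = parse_properties(props_text).get(KEY)
    if configured is None:
        return ("missing", None)
    if normalize(configured) == normalize(imported_into):
        return ("ok", configured)
    return ("mismatch", configured)

if __name__ == "__main__":
    # Usage: script.py <path to Protect.properties> <keystore you imported into>
    props_file, candidate = sys.argv[1], sys.argv[2]
    with open(props_file, encoding="latin-1") as fh:
        status, configured = check_keystore(fh.read(), candidate)
    print(f"{status}: server reads keystore from {configured}")
    sys.exit(0 if status == "ok" else 1)
```

A "mismatch" result means the certificate was imported into a file the server does not read, which is the condition that produces the dropped connections described under Cause.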

Additional Information

Current versions of the above documentation already reflect this change - this article is for informational purposes only and will be removed at a future date.