Mail Server Required Configuration

Action Settings for DLP Rules

DLP rules have these action settings:

Action	Description
Detect	The data transmission event is logged in the Logs & Monitor view. Administrators with permission can view the data that was sent. The traffic is passed.
Inform User	The transmission is passed, but the incident is logged and the user is notified.
Ask User	The transmission is held until the user verifies that it should be sent. A notification, usually with a remediation link to the Self Incident Handling portal, is sent to the user. The user decides whether the transmission should be completed or not. The decision is logged and can be viewed under the User Response category in a log entry. Administrators with full permissions or the View, Release, or Discard DLP messages permission can send or discard the message.
Prevent	The data transmission is blocked.
Watermark	Tracks outgoing Microsoft Office documents (Word, Excel, or PowerPoint files from Office 2007 and higher) by adding visible watermarks or invisible encrypted text.

When you set Data Owners to be notified, a mail server becomes a required component of the DLP system.

The DLP Gateway sends mail notifications to users and Data Owners, therefore it is necessary for the gateway to access the mail server as a client.

Important:

The mail server must be set to act as a mail relay. This lets users or administrators with permissions to release (Send) emails that DLP captured and quarantined on Ask User rules.
You must configure the mail server to trust anonymous SMTP connections from the DLP Gateway. Alternatively, if your environment requires it, configure your mail relay server to trust authenticated SMTP connections from the DLP Gateway.