Bypass Cisco email encryption and DLP for specific domains

WhereIsMyCIDR
Level 1

Hi. We've implemented DLP & Cisco Email encryption for any content that our business requires encrypted, however we've recently implemented Required TLS between one of our business partners and would like to bypass DLP & Email encryption to ONLY those specific domains.

 

Is this possible to do on the ESA/IronPort and how can we go about implementing this if it is?

 

Thanks

1 Accepted Solution

If you're getting into content filters now as well, then what Ken mentioned would definitely be the way to go. You should set up a new mail policy specific to those receiving domains, and then just disable any filters/DLP policies for that mail policy only so they would not be applied. Also, for any TLS required connections, if TLS fails then there would be a rejection and an NDR should be returned to the sender.

 

Thanks!

-Dennis M.

7 Replies

When you say email encryption, do you mean PXE/CRES? Are you using a content filter to pick which messages to encrypt?

Assuming the answers are yes, go to Outgoing Mail Policies and create a new policy. Use the recipient domain as the recipient filter, and then you can turn off DLP and the content filter.

dmccabej
Cisco Employee

Hello,

 

There are multiple ways to do this, but the easiest would probably be by just adding the recipient domain(s) to the exclusion list within the DLP policy. You'll want to make sure you select 'Is Not' from the drop-down menu so that the policy only applies if the recipient is not within that list. This should bypass any DLP policies you wish to exclude for these specific recipients.

 

[Image: dlp-filter.jpg]

 

Another is what Ken has mentioned above: just creating a new mail policy for these recipients, and just not selecting the particular content filters or DLP policies.

 

Thanks!

-Dennis M.

 

Thanks Dennis & Ken. That was very helpful.

Our users are also using keywords to send out encrypted emails. Is there a way to bypass that encryption to those specific domains, regardless of whether the user inputs the keyword?

 

Also, in the event that TLS fails, is there a way to prevent the message from being sent to the remote party and send an alert to the administrator?

I think that's default behavior for "TLS required"

Thank you Ken & Dennis for your help.

 

Hey guys. Is there a way to alert an end user if the message they sent failed due to TLS not working?

We need to let our users know in situations where they send urgent emails but are not aware of TLS not working.