Cisco Community
English
Register
Congratulate December's Spotlight Awardees. CLICK HERE
Register
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
297
Views
0
Helpful
3
Replies
Highlighted
sdonovan123
Beginner
Beginner
‎10-07-2014 06:19 AM
‎10-07-2014 06:19 AM

Can DLP be used to prevent email from a specific domain from being forwarded?

Hello,

 

I am wondering if DLP be used to prevent email from a specific domain from being forwarded?

 

Shawn

Labels:
0 Helpful
Reply
3 REPLIES 3
Highlighted
Ken Stieers
Engager
Engager
‎10-07-2014 07:58 AM
‎10-07-2014 07:58 AM

If you mean inbound mail, no.  Its only applied to Outgoing messages.

If you mean messages received from domain x, and then forwarded by your users, maybe... Depends on your DLP app.

You may be able to do it with a content filter as well...

0 Helpful
Reply
Highlighted
David Miller
Beginner
Beginner
‎10-13-2014 05:33 AM
‎10-13-2014 05:33 AM

As the other answer says DLP only applies to outbound mail, and typically is used to look at email content not just the metadata (from, to, etc).  You could try tagging the incoming email from the specific domain with an x-header (e.g. X-DoNotForward) and then in your outbound filter look for that header and reject any emails or bounce them back to the sender with a notification message.  You do not need DLP to do this. 

0 Helpful
Reply
Highlighted
Ken Stieers
Engager
Engager
In response to David Miller
‎10-13-2014 09:36 PM
‎10-13-2014 09:36 PM

Adding a "do not forward" header is actually a pretty elegant solution.  The email system you use may be able to act on that header as well (I know Exchange 2010 can)

 

 

0 Helpful
Reply
Latest Contents
Cisco Endpoint Security Analytics (CESA) dashboard overview ...
Created by Jason Kunst on 01-19-2021 12:35 PM
0
0
0
0
The following guide goes over the in and out of the Cisco Endpoints Security Analytics Dashboard as an overview and faq page For more information on the solution please visit the CESA POV page  
#CiscoChat Live: Accelerating your security maturation journ...
Created by Kelli Glass on 01-15-2021 04:48 PM
0
0
0
0
Join us live on Tuesday, January 19 at 10:00 am PT (and on demand after) as we discuss the latest version of ATT&CK and the expansion of TTPs in v8.  As a security expert, you are tasked with protecting your environment. You see the value of... view more
#CiscoChat Live: Accelerating your security maturation journ...
Created by Kelli Glass on 01-15-2021 04:46 PM
3
0
3
0
Join us live on Tuesday, January 19 at 10:00 am PT (and on demand after) as we discuss the latest version of ATT&CK and the expansion of TTPs in v8.  As a security expert, you are tasked with protecting your environment. You see the value of... view more
What's New for Cisco Defense Orchestrator (CDO)
Created by Andrew Mallio on 01-15-2021 06:09 AM
1
40
1
40
Cisco Defense Orchestrator (CDO) is a cloud-based, multi-device manager that manages security products like Adaptive Security Appliance (ASA), Firepower Threat Defense next-generation firewall, and Meraki devices, to name a few.  We make improvement... view more
Serious problem with Object Groups + Access Policies in FMC
Created by mhmservice on 01-15-2021 04:31 AM
0
0
0
0
Hi allI've been having a major problem with Object Groups in FMC access policiesIf I have a pre-existing line in a policy with an Object Group which contains a list of IPs, if I add an additional IP to that object group, then deploy, the traffic is still ... view more
Content for Community-Ad