Re: Configuring ESA C190 with Symantc DLP

mohamed.fawzy2012 · ‎01-02-2018

i have ESA C190 and want to configure external DLP "Symantic DLP" , i don't know , i tried to search on document and founding nothing

Libin Varghese · ‎01-02-2018

I do not see an article specific for that integration.

If the target is to send all emails to an external Symatec DLP server this can be accomplished using SMTP routes.

So under Network -> SMTP Routes -> All other domains: IP for DLP server.

Inbound emails would need other SMTP routes for your internal domain to be delivered to your exchange servers.

Outbound emails would then use the entry for all other domains and attempt delivery there.

However, it would then be the Symantec DLP server's responsibility to deliver the emails to the intended domains.

Regards,
Libin Varghese

marc.luescherFRE · ‎01-03-2018

we had to deal with similar implementations and did it as follows :

SMTP Routes

Add your DLP hostname and IP

Message Filters

Send all messages to alternate host DLP hostname if X-header does not say SYMDLP-Processed=yes

DLP Hostname

add an X-header to all processed messages like SYMDLP-Processed=yes

forward all message back to the C190

You mainly create a loop for DLP checking by an external service. Hope you get the idea.

Ken Stieers · ‎01-03-2018

Is the Symantec DLP just an smtp relay, aka just like the ESA but with different filters?
That seems compliacted when you could just point the outbound connector from Exchange/Notes/whatever at the ip(s) of the DLP box(es) and the outbound route of the DLP box at the ESA...

Why the loop?