We add a message tag to emails that are user selected to be sent secure using the Cisco Plug-in to exempt the email from DLP scanning. Is that message tag removed when the message is sent or is it retained until manually removed? Case - orginal message was marked to be sent secure and message tag was applied, the message was replied to requesting additional information from the sender. The original sender replied to that reply adding addition information, did not select that Send Secure option on the reply and the message was not picked up as a DLP violation (contained DLP sensitive information). My question is the orginal message tag stay with the message and on the replies the DLP scanning would be exempted even it additional information is added?
If this is the case I may need to write a message filter to look for that message tag and manually change headers to have the message sent via the IEA appliance.