Mmmh…. the DLP software acts as a proxy between internal mail server and external mail server.
It accepts the mail from the internal system and in the same time sends the data out to the external system besides the last package to complete the mail. When the mail is received by the DLP gateway from the internal server completely, it is scanned for compliance to the DLP policy and if the check is ok, the last packet is transmitted to the external mail server, finishing mail delivery.
If the check is not ok, the last packet is withheld and the gateway shuts down the connection to the external mail server. So basically the mail has left the company, but because of the interrupted transfer, the external mail server is discarding the temp mail that has been deliverd by now.
I’m not sure at the moment that I like this behaviour… I’m thinking about better ways to handle this…. not finished thinking it through by now…. will let you know my thougts.
Post a Comment