Hello all,
I'm integrating Symantec DLP Network Prevent for e-mail with Microsoft Exchange 2007 Edge in reflect mode.
The setup is like this:
MS Exchange Hub -> MS Exchange Edge -> DLP Reflect back to the Edge server.
I have the following problem:
If I write an e-mail from telnet by hand (writing all SMTP commands) reflect mode works great, policy applies and e-mails are checked by DLP.
If I send an e-mail normally (from an user) and it goes from MS Exchange Hub and to MS Exchange Edge and then to DLP I get an error back from DLP
4.3.0 (Fatal: Processing error. Closing connection.).
Also in Symantec Netw. Prevent for E-mail traffic log there is a Java error exception (general one - doesn't help) on each connection. My feeling is that MS Exchange writes something in the SMTP connection to DLP that which messes things up.
All e-mails gather in the Edge queue and nothing shows up in the DLP management (as Messages processed by Netw. Prevent). On DLP server wireshark shows the traffic coming from Edge normally, and 4.3.0 error replies sent back to the Edge.
What does MS Exchange write differently to the connection comparing with telnet e-mail a message by hand? Anyone encountered this?
We implemented this before with no problems.
Thank you.