Video Screencast Help
Symantec to Separate Into Two Focused, Industry-Leading Technology Companies. Learn more.

Restrict to send mail to perticular domains

Created: 01 May 2013 | 5 comments
Manish vats's picture

Hi All,

One of my customer is looking for a DLP policy like :- users can send mail to only one perticular domain, Sending mails to other domains should be blocked.

They are using OWA (Outlook web access) for mail accessing on IE.

They are using DLP Endpoint Only ...

Operating Systems:

Comments 5 CommentsJump to latest comment

yang_zhang's picture

I don't think DLP Endpoint only can achieve this requirement.

Implement a Network Prevent for Email can do this kind of requirement.

If a forum post solves your problem, please flag it as a solution. If you like an article, blog post or download vote it up.
UFO's picture

1) Writing the policy on particular domain should not be hard task.

You should create a policy that blocks all emails with an IDM exception of allowed domain name(s). The domain name is better to be written in @example.com format.

2) As for OWA - here yang_zhang is probably right: OWA is not supported as I know.
What you can do is to test the rule with the parameters similar to "Webmail" policy.

I will try to repro the scenario and will let you know.

STS: DLP

kishorilal1986's picture

Create Block policy and defined/add the mail domain which you want to block and apply on network monitor/prevent.

Denis Kattithara 1's picture

Domain specific blocking would not be an ideal use case for DLP. This would rather be best achieved using your MTA or Mail Security solution, meant for the same.

Moreover, DLP Endpoint will not effectively block specific domains for OWA. This will be possible with DLP Network Prevent for Email (although this is not the best use case).

Jsneed's picture

This should actually be quite easy to do.  Create an endpoint policy that captures and blocks all messages from your owa domain containing a sent to any domain.  Create exceptions for the domains you want people to be able to send to.