Data Loss Prevention

Hi All,

One of my customer is looking for a DLP policy like :- users can send mail to only one perticular domain, Sending mails to other domains should be blocked.

They are using OWA (Outlook web access) for mail accessing on IE.

They are using DLP Endpoint Only ...

I don't think DLP Endpoint only can achieve this requirement.

Implement a Network Prevent for Email can do this kind of requirement.

1) Writing the policy on particular domain should not be hard task.

You should create a policy that blocks all emails with an IDM exception of allowed domain name(s). The domain name is better to be written in @example.com format.

2) As for OWA - here yang_zhang is probably right: OWA is not supported as I know.
What you can do is to test the rule with the parameters similar to "Webmail" policy.

I will try to repro the scenario and will let you know.

Create Block policy and defined/add the mail domain which you want to block and apply on network monitor/prevent.

Domain specific blocking would not be an ideal use case for DLP. This would rather be best achieved using your MTA or Mail Security solution, meant for the same.

Moreover, DLP Endpoint will not effectively block specific domains for OWA. This will be possible with DLP Network Prevent for Email (although this is not the best use case).

This should actually be quite easy to do.  Create an endpoint policy that captures and blocks all messages from your owa domain containing a sent to any domain.  Create exceptions for the domains you want people to be able to send to.